diff options
author | Kees Cook <kees@outflux.net> | 2007-02-27 21:01:17 +0000 |
---|---|---|
committer | Kees Cook <kees@outflux.net> | 2007-02-27 21:01:17 +0000 |
commit | 4ac707a48e0bbe97a6f670eee3288021fe2ed88d (patch) | |
tree | 178000058e41a2f704a778a0284f3382dde84b48 | |
parent | b3e64118f3df38f86912a7d4a90fc9324dbf37dc (diff) |
added CVE-2007-0958, CVE-2007-0772, updated some ubuntu bits
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@709 e094ebfe-e918-0410-adfb-c712417f3574
-rw-r--r-- | active/CVE-2006-6128 | 7 | ||||
-rw-r--r-- | active/CVE-2007-0006 | 6 | ||||
-rw-r--r-- | active/CVE-2007-0772 | 22 | ||||
-rw-r--r-- | active/CVE-2007-0958 | 19 | ||||
-rwxr-xr-x | scripts/ubuntu-todo | 2 |
5 files changed, 48 insertions, 8 deletions
diff --git a/active/CVE-2006-6128 b/active/CVE-2006-6128 index 18d5f166..df547c38 100644 --- a/active/CVE-2006-6128 +++ b/active/CVE-2006-6128 @@ -19,7 +19,6 @@ linux-2.6: 2.6.18-etch-security: 2.6.8-sarge-security: 2.4.27-sarge-security: -2.6.12-breezy-security: -2.6.15-dapper-security: -2.6.17-edgy-security: -2.6.19-feisty: +2.6.12-breezy-security: needed +2.6.15-dapper-security: needed +2.6.17-edgy-security: needed diff --git a/active/CVE-2007-0006 b/active/CVE-2007-0006 index aaa4827b..7a3fc6a4 100644 --- a/active/CVE-2007-0006 +++ b/active/CVE-2007-0006 @@ -15,6 +15,6 @@ linux-2.6: 2.6.18-etch-security: 2.6.8-sarge-security: N/A 2.4.27-sarge-security: N/A -2.6.12-breezy-security: -2.6.15-dapper-security: -2.6.17-edgy-security: +2.6.12-breezy-security: needed +2.6.15-dapper-security: needed +2.6.17-edgy-security: needed diff --git a/active/CVE-2007-0772 b/active/CVE-2007-0772 new file mode 100644 index 00000000..3595f73f --- /dev/null +++ b/active/CVE-2007-0772 @@ -0,0 +1,22 @@ +Candidate: CVE-2007-0772 +References: + CONFIRM:http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.1 + FRSIRT:ADV-2007-0660 + URL:http://www.frsirt.com/english/advisories/2007/0660 + SECUNIA:24215 + URL:http://secunia.com/advisories/24215 +Description: + The Linux kernel before 2.6.20.1 allows remote attackers to cause a denial + of service (oops) via a crafed NFSACL 2 ACCESS request that triggers a free + of an incorrect pointer. +Ubuntu-Description: +Notes: +Bugs: +upstream: +linux-2.6: +2.6.18-etch-security: +2.6.8-sarge-security: +2.4.27-sarge-security: +2.6.12-breezy-security: needed +2.6.15-dapper-security: needed +2.6.17-edgy-security: needed diff --git a/active/CVE-2007-0958 b/active/CVE-2007-0958 new file mode 100644 index 00000000..e1938d9d --- /dev/null +++ b/active/CVE-2007-0958 @@ -0,0 +1,19 @@ +Candidate: CVE-2007-0958 +References: + MISC:http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt + CONFIRM:http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20 +Description: + Linux kernel 2.6.x before 2.6.20 allows local users to read unreadable + binaries by using the interpreter (PT_INTERP) functionality and triggering + a core dump, a variant of CVE-2004-1073. +Ubuntu-Description: +Notes: +Bugs: +upstream: +linux-2.6: +2.6.18-etch-security: +2.6.8-sarge-security: +2.4.27-sarge-security: +2.6.12-breezy-security: needed +2.6.15-dapper-security: needed +2.6.17-edgy-security: needed diff --git a/scripts/ubuntu-todo b/scripts/ubuntu-todo index a8f5c439..4792dd1b 100755 --- a/scripts/ubuntu-todo +++ b/scripts/ubuntu-todo @@ -1,2 +1,2 @@ #!/bin/sh -e -egrep '(hoary|breezy|dapper|edgy).*(needed|pending)' * +egrep '(hoary|breezy|dapper|edgy|feisty).*(needed|pending)' * |