diff options
author | Raphael Geissert <geissert@debian.org> | 2010-03-31 03:08:14 +0000 |
---|---|---|
committer | Raphael Geissert <geissert@debian.org> | 2010-03-31 03:08:14 +0000 |
commit | 5f607b0384aa271bdafb82d50963656d4999e884 (patch) | |
tree | 150b3599446264c4daf99f438fc62bc463573f59 | |
parent | 665721ea09ba1447d29203139083c323332caf3f (diff) |
info and new issues
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@1799 e094ebfe-e918-0410-adfb-c712417f3574
-rw-r--r-- | active/CVE-2009-4537 | 14 | ||||
-rw-r--r-- | active/CVE-2010-1187 | 12 | ||||
-rw-r--r-- | retired/CVE-2010-1188 | 12 |
3 files changed, 29 insertions, 9 deletions
diff --git a/active/CVE-2009-4537 b/active/CVE-2009-4537 index e1011e7f3..83b05babc 100644 --- a/active/CVE-2009-4537 +++ b/active/CVE-2009-4537 @@ -3,17 +3,13 @@ Description: regression in r8169 driver References: http://www.openwall.com/lists/oss-security/2009/12/31/1 + http://marc.info/?t=126202986900002&r=1&w=2 Notes: - jmm> No final upstream patch yet, discussion at http://marc.info/?t=126202986900002&r=1&w=2 - gilbert> redhat adopted and shipped the patch proposed at - http://marc.info/?l=linux-netdev&m=126210110408898&w=2 in all of - their kernels. it was mentioned partway through the discussion, - and there weren't any objections to it, but there also weren't - any approvals either. - gilbert> patch has still not been accepted upstream as of 20100315, and - discussion died in early january. + any deviation from the default settings opens the hole back up. Ben Hutchings has + volunteered to work on a comprehensive fix if someone provides him the hardware. See: + http://lkml.org/lkml/2010/3/29/448 Bugs: -upstream: +upstream: released (2.6.34-rc3) [c0cd884a] 2.6.32-upstream-stable: linux-2.6: 2.6.18-etch-security: ignored (EOL) diff --git a/active/CVE-2010-1187 b/active/CVE-2010-1187 new file mode 100644 index 000000000..79bf395e4 --- /dev/null +++ b/active/CVE-2010-1187 @@ -0,0 +1,12 @@ +Candidate: CVE-2010-1187 +Description: + tipc oops +References: + http://www.openwall.com/lists/oss-security/2010/03/30/6 +Notes: +Bugs: +upstream: released (2.6.34-rc2) [d0021b25] +2.6.32-upstream-stable: needed +linux-2.6: needed +2.6.26-lenny-security: needed +2.6.32-squeeze-security: needed diff --git a/retired/CVE-2010-1188 b/retired/CVE-2010-1188 new file mode 100644 index 000000000..fb4654f35 --- /dev/null +++ b/retired/CVE-2010-1188 @@ -0,0 +1,12 @@ +Candidate: CVE-2010-1188 +Description: + ipv6 skb unexpectedly freed +References: + http://www.openwall.com/lists/oss-security/2010/03/30/7 +Notes: +Bugs: +upstream: released (2.6.20) [fb7e2399] +2.6.32-upstream-stable: N/A "fixed before 2.6.32" +linux-2.6: released (2.6.20-1) +2.6.26-lenny-security: N/A "fixed before 2.6.26" +2.6.32-squeeze-security: N/A "fixed before 2.6.32" |