diff options
| author | Moritz Muehlenhoff <jmm@debian.org> | 2010-03-26 13:59:11 +0000 |
|---|---|---|
| committer | Moritz Muehlenhoff <jmm@debian.org> | 2010-03-26 13:59:11 +0000 |
| commit | aa463350a838692503e8094c7d21409a6e6cfaf3 (patch) | |
| tree | c8997d09423eb21e379f2ac33d79d5bcaf26d7e6 /ignored | |
| parent | 971766154c1d37eb55f8ae1a7b1d764e2bc97452 (diff) | |
more issue to ignored, it's only a buglet and won't be
fixed upstream
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@1797 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'ignored')
| -rw-r--r-- | ignored/CVE-2009-file-permission-bypass | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/ignored/CVE-2009-file-permission-bypass b/ignored/CVE-2009-file-permission-bypass new file mode 100644 index 00000000..a96a2b01 --- /dev/null +++ b/ignored/CVE-2009-file-permission-bypass @@ -0,0 +1,20 @@ +Candidate: +Description: + file permissions can be circumvented via information in /proc +References: + http://securityfocus.com/archive/1/507386/30/30/threaded + http://lwn.net/Articles/359219 +Notes: + from discussion on bugtraq, it appears that this problem is exposed because of + some debian-specific patches (upstream is not affected). at this point, i am + noting the issue because there appears to be something to it, but i have not + studied it in detail nor verified any claims. + . + dannf> I don't see anything debian-specific about it. I can reproduce on 2.6.32 + and RHEL5. +Bugs: +upstream: ignored "no upstream fix" +linux-2.6: ignored "no upstream fix" +2.6.18-etch-security: ignored "no upstream fix" +2.6.24-etch-security: ignored "no upstream fix" +2.6.26-lenny-security: ignored "no upstream fix" |