diff options
| author | Kees Cook <kees@outflux.net> | 2007-05-31 20:54:49 +0000 |
|---|---|---|
| committer | Kees Cook <kees@outflux.net> | 2007-05-31 20:54:49 +0000 |
| commit | eaf8a47df72b4fe638c64ecdf28d677bebc85a61 (patch) | |
| tree | 7a255c07c92138d13804eb60e4e744736462d27b /ignored | |
| parent | 7445c7c68c55e281eeaeef8a1df1c466d1621b54 (diff) | |
updates for ubuntu releases
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@843 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'ignored')
| -rw-r--r-- | ignored/CVE-2006-6058 | 26 | ||||
| -rw-r--r-- | ignored/CVE-2007-1217 | 10 |
2 files changed, 33 insertions, 3 deletions
diff --git a/ignored/CVE-2006-6058 b/ignored/CVE-2006-6058 new file mode 100644 index 00000000..f3610b89 --- /dev/null +++ b/ignored/CVE-2006-6058 @@ -0,0 +1,26 @@ +Candidate: CVE-2006-6058 +References: + MISC:http://projects.info-pull.com/mokb/MOKB-17-11-2006.html + FRSIRT:ADV-2006-4613 + URL:http://www.frsirt.com/english/advisories/2006/4613 + SECUNIA:23034 + URL:http://secunia.com/advisories/23034 +Description: + The minix filesystem code in Linux kernel 2.6.x up to 2.6.18, and possibly + other versions, allows local users to cause a denial of service (hang) via a + malformed minix file stream that triggers an infinite loop in the minix_bmap + function. NOTE: this issue might be due to an integer overflow or signedness + error. +Ubuntu-Description: +Notes: + dannf> ignored for sarge for now - only applies under very rare circumstances + and don't know if there's an upstream fix + jmm> We can ignore this, it has no practical ramifications +Bugs: +upstream: +linux-2.6: ignored +2.6.18-etch-security: ignored +2.6.8-sarge-security: ignored +2.4.27-sarge-security: ignored +2.6.15-dapper-security: needed +2.6.17-edgy-security: needed diff --git a/ignored/CVE-2007-1217 b/ignored/CVE-2007-1217 index d7e29322..9e95216c 100644 --- a/ignored/CVE-2007-1217 +++ b/ignored/CVE-2007-1217 @@ -1,6 +1,10 @@ Candidate: CVE-2007-1217 References: Description: + Buffer overflow in the bufprint function in capiutil.c in libcapi, as used + in Linux kernel 2.6.9 to 2.6.20 and isdn4k-utils, allows local users to + cause a denial of service (crash) and possibly gain privileges via a + crafted CAPI packet. Ubuntu-Description: Notes: jmm> Analysis by Karsten Keil (the Linux ISDN maintainer) pointed out, that this @@ -18,6 +22,6 @@ linux-2.6: released (2.6.21-1) 2.6.18-etch-security: ignored 2.6.8-sarge-security: ignored 2.4.27-sarge-security: ignored -2.6.15-dapper-security: -2.6.17-edgy-security: -2.6.20-feisty-security: +2.6.15-dapper-security: ignored +2.6.17-edgy-security: ignored +2.6.20-feisty-security: ignored |