diff options
author | dann frazier <dannf@debian.org> | 2008-01-17 22:49:47 +0000 |
---|---|---|
committer | dann frazier <dannf@debian.org> | 2008-01-17 22:49:47 +0000 |
commit | 7b2149f741cda70666181c6490d654ed49c8679b (patch) | |
tree | 17a7d2b0c9713a5c7051bc074142871e784de633 /retired/CVE-2004-1190 | |
parent | 1ccbd81b4c085ec2e37808879964c1c880a736f7 (diff) |
permanently ignore CVE-2004-1190 for 2.4 and retire
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@1091 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired/CVE-2004-1190')
-rw-r--r-- | retired/CVE-2004-1190 | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/retired/CVE-2004-1190 b/retired/CVE-2004-1190 new file mode 100644 index 00000000..7f76542e --- /dev/null +++ b/retired/CVE-2004-1190 @@ -0,0 +1,19 @@ +Candidate: CVE-2004-1190 +References: + http://www.novell.com/linux/security/advisories/2004_42_kernel.html + http://xforce.iss.net/xforce/xfdb/18370 +Description: + SUSE Linux before 9.1 and SUSE Linux Enterprise Server before 9 do not + properly check commands sent to CD devices that have been opened read-only, + which could allow local users to conduct unauthorized write activities to + modify the firmware of associated SCSI devices. + . + dannf> skipping for 2.4/sarge3 - not sure if 2.4 is affected, but we should + revisit +Notes: +Bugs: 300162 +upstream: released (2.6.10) +linux-2.6: N/A +2.6.8-sarge-security: released (2.6.8-14) [scsi-ioctl-cmd-warned.dpatch, scsi-ioctl-remove-dup.dpatch, scsi-ioctl-permit.dpatch, SG_IO-cap.dpatch, SG_IO-safe-commands-2.dpatch, SG_IO-safe-commands-3.dpatch, SG_IO-safe-commands-5.dpatch] +2.4.27-sarge-security: ignored +2.6.18-etch-security: N/A |