diff options
author | Raphael Geissert <geissert@debian.org> | 2009-12-03 03:15:54 +0000 |
---|---|---|
committer | Raphael Geissert <geissert@debian.org> | 2009-12-03 03:15:54 +0000 |
commit | c6e00595a347aa629ca282fbb737c7558c668b5c (patch) | |
tree | b01b0290175d4d89bd8f53e8ef15e0bc763dfca6 /retired/CVE-2004-1191 | |
parent | 79127cfd9d3a7cf74b4a1f4d6792edcd25f7594a (diff) |
- i was able to track down the patches for CVE-2004-1191
- remark CVE-2009-3888 as unimportant
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@1627 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired/CVE-2004-1191')
-rw-r--r-- | retired/CVE-2004-1191 | 22 |
1 files changed, 10 insertions, 12 deletions
diff --git a/retired/CVE-2004-1191 b/retired/CVE-2004-1191 index 15e07d0e..3b7108ab 100644 --- a/retired/CVE-2004-1191 +++ b/retired/CVE-2004-1191 @@ -6,16 +6,14 @@ Description: References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1191 http://www.novell.com/linux/security/advisories/2004_42_kernel.html - http://xforce.iss.net/xforce/xfdb/18137 + http://linux.bkbits.net:8080/linux-2.6/?PAGE=cset&REV=416e0015fxUJlgXuh_QC32U-2R9eKw Notes: - the secure-testing tracker indicates that this was fixed appropriately in all of the - linux-2.4 kernels released at the time; however, it also says that linux-2.6 needs - to be checked, which was never done. - - retiring based on the assumption that it was fixed in sarge's 2.6.8, and that - hopefully during that timeframe patches were pushed upstream -Bugs: -upstream: ignored "unable to find info about defect" -linux-2.6: ignored "unable to find info about defect" -2.6.18-etch-security: ignored "unable to find info about defect" -2.6.24-etch-security: ignored "unable to find info about defect" -2.6.26-lenny-security: ignored "unable to find info about defect" + - i've found the original bug report and bitkeeper patch (see above link) + - i have checked that the bitkeeper patch is indeed present in etch's 2.6.18 + - as of 2.6.26, pgtable.h has been completely rewritten, so it is not affected +Bugs: 300163 +upstream: released (sometime before 2.6.18) +linux-2.6: N/A "pgtable.h completely rewritten" +2.6.18-etch-security: N/A "fixed before 2.6.18" +2.6.24-etch-security: N/A "fixed before 2.6.18" +2.6.26-lenny-security: N/A "pgtable.h completely rewritten" |