author | dann frazier <dannf@debian.org> | 2008-07-20 21:58:00 +0000 |
---|---|---|
committer | dann frazier <dannf@debian.org> | 2008-07-20 21:58:00 +0000 |
commit | cffb363c568e15bb95549d0c5746068cca9c94bf | |
tree | e0434734275d36074875867c87f80245c22cc450 /retired/CVE-2007-2242 | |
parent | 5573dc627c8198493da4d51a700922f187269fb9 | |
Debian updates; retire several issues
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@1197 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired/CVE-2007-2242')
-rw-r--r-- | retired/CVE-2007-2242 | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/retired/CVE-2007-2242 b/retired/CVE-2007-2242 new file mode 100644 index 00000000..b656dac1 --- /dev/null +++ b/retired/CVE-2007-2242 
@@ -0,0 +1,33 @@ +Candidate: CVE-2007-2242 +References: + http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.20.y.git;a=commit;h=010831ab8436dfd9304b203467566fb6b135c24f + http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.20.y.git;a=commit;h=9d08f139275450f9366d85ba09b9a2e09bb33766 +Description: + The IPv6 protocol allows remote attackers to cause a denial of service via + crafted IPv6 type 0 route headers (IPV6_RTHDR_TYPE_0) that create network + amplification between two routers. +Ubuntu-Description: + A flaw was discovered in the IPv6 stack's handling of type 0 route headers. + By sending a specially crafted IPv6 packet, a remote attacker could cause + a denial of service between two IPv6 hosts. +Notes: + dannf> Some info from Vlad Yasevich: + <vlad> dannf: is someone including commits 010831ab8436dfd9304b203467566fb6b135c24f and 9d08f139275450f9366d85ba09b9a2e09bb33766 (IPv6 routing header changes) in the debian kernel? + ... + <dannf> vlad: right, but (010831ab8436dfd9304b203467566fb6b135c24f) is security, so it'll be included in etch if necessary + <dannf> s/necessary/affected/ + <vlad> dannf: you need the second one I listed as well, since the first one has a bug in it. + <dannf> vlad: oh, ok - thx + <vlad> dannf: although for the purposes of 2.6.18, the second one might be a no-op and the first one might need to be modified a bit. + jmm> Contacted Willy + dannf> functions are different, but 2.4 code looks similar + dannf> My 2.4 backport attempt causes a crash at boot time, ignoring for now +Bugs: 421595 +upstream: released (2.6.21) +linux-2.6: released (2.6.21-1) +2.6.18-etch-security: released (2.6.18.dfsg.1-13etch1) [bugfix/ipv6-disallow-RH0-by-default.patch] +2.6.8-sarge-security: needed +2.4.27-sarge-security: ignored (2.4.27-10sarge6) "needs port" +2.6.15-dapper-security: released (2.6.15-29.58) +2.6.17-edgy-security: released (2.6.17.1-11.39) [fee89820efa8e3479b39149dcfb2b1bccdaadedc] +2.6.20-feisty-security: released (2.6.20-16.28) |
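Review bot: The status block at the end of the new file still carries `2.6.8-sarge-security: needed`, yet the file is being added under `retired/`. If the sarge 2.6.8 kernel is not going to be fixed, mark it `ignored` with a reason, as the 2.4.27 line does with "needs port"; otherwise the issue is not ready to retire. Separately, the Notes record that commit 010831ab8436dfd9304b203467566fb6b135c24f "has a bug in it" and that 9d08f139275450f9366d85ba09b9a2e09bb33766 is needed as well, but the `2.6.18-etch-security` line names only `bugfix/ipv6-disallow-RH0-by-default.patch`. A short note saying whether that patch carries the follow-up fix, or why it is a no-op for 2.6.18 as vlad suggests it might be, would make the entry self-explanatory. The `2.6.20-feisty-security` line also lacks the commit reference that the edgy line has.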