retire a couple issues and a new one

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@2085 e094ebfe-e918-0410-adfb-c712417f3574
author: Raphael Geissert <geissert@debian.org> 2010-12-12 23:54:50 +0000
committer: Raphael Geissert <geissert@debian.org> 2010-12-12 23:54:50 +0000
commit: 9aedbccf8d736b06b791096e1d380213c55fc1c1 (patch)
tree: 2a9521e14e26d9d476e45b68e0ddbcf4f3a246b9 /retired/CVE-2010-4157
parent: 851360b91d5eeb8eee45fef3840b704a2972ff61 (diff)
1 files changed, 12 insertions, 0 deletions
diff --git a/retired/CVE-2010-4157 b/retired/CVE-2010-4157
new file mode 100644
index 00000000..412345c5
--- /dev/null
+++ b/retired/CVE-2010-4157
@@ -0,0 +1,12 @@
+Candidate: CVE-2010-4157
+Description: gdth: integer overflow in ioc_general()
+References:
+Notes:
+ dannf> Not a security issue (discussed on oss-security, iirc)
+ jmm> It was clarified later on oss-sec, that this is in fact exploitable
+Bugs:
+upstream: released (2.6.37-rc1) [f63ae56e4e97fb12053590e41a4fa59e7daa74a4]
+2.6.32-upstream-stable: released (2.6.32.26)
+linux-2.6: released (2.6.32-28) [bugfix/all/stable/2.6.32.26.patch]
+2.6.26-lenny-security: released (2.6.26-26lenny1) [bugfix/all/gdth-integer-overflow-in-ioctl.patch]
+2.6.32-squeeze-security: released (2.6.32-28) [bugfix/all/stable/2.6.32.26.patch]
author	Raphael Geissert <geissert@debian.org>	2010-12-12 23:54:50 +0000
committer	Raphael Geissert <geissert@debian.org>	2010-12-12 23:54:50 +0000
commit	9aedbccf8d736b06b791096e1d380213c55fc1c1 (patch)
tree	2a9521e14e26d9d476e45b68e0ddbcf4f3a246b9 /retired/CVE-2010-4157
parent	851360b91d5eeb8eee45fef3840b704a2972ff61 (diff)