retire issues

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@2380 e094ebfe-e918-0410-adfb-c712417f3574

1 files changed, 14 insertions, 0 deletions

diff --git a/retired/CVE-2011-1495 b/retired/CVE-2011-1495
new file mode 100644
index 00000000..876817d1
--- /dev/null
+++ b/retired/CVE-2011-1495
@@ -0,0 +1,14 @@
+Candidate: CVE-2011-1495
+Description: information disclosure in mpt2ctl
+References:
+ jmm> http://marc.info/?l=linux-scsi&m=130202237006310&w=2
+ jmm> The /dev file is owned by root as standard, so shouldn't be an issue
+ jmm> for sane installations
+ jmm> no upstream fix as of 2011-04-18
+Notes:
+Bugs:
+upstream: released (2.6.39-rc6) [a1f74ae82d133ebb2aabb19d181944b4e83e9960]
+2.6.32-upstream-stable: released (2.6.32.40)
+sid: released (2.6.38-5)
+2.6.26-lenny-security: N/A "code not present"
+2.6.32-squeeze-security: released (2.6.32-34) [bugfix/all/mpt2sas-prevent-heap-overflows-and-unchecked-reads.patch]