retire issues

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@2095 e094ebfe-e918-0410-adfb-c712417f3574

2 files changed, 25 insertions, 0 deletions

diff --git a/retired/CVE-2010-2942 b/retired/CVE-2010-2942
new file mode 100644
index 00000000..5571009f
--- /dev/null
+++ b/retired/CVE-2010-2942
@@ -0,0 +1,14 @@
+Candidate: CVE-2010-2942
+Description:
+ 32-bits of kernel memory are leaked to user land via tc dump
+References:
+ http://www.openwall.com/lists/oss-security/2010/08/18/1
+ jmm> http://patchwork.ozlabs.org/patch/61857/
+ jmm> https://bugzilla.redhat.com/show_bug.cgi?id=624903
+Notes:
+Bugs:
+upstream: released (2.6.36-rc3) [1c40be1]
+2.6.32-upstream-stable: released (2.6.32.27)
+linux-2.6: released (2.6.32-25) [bugfix/all/act_nat-use-stack-variable.patch, bugfix/all/net-sched-fix-some-memory-leaks.patch]
+2.6.26-lenny-security: released (2.6.26-25) [bugfix/all/net-sched-fix-some-kernel-memory-leaks.patch]
+2.6.32-squeeze-security: released (2.6.32-25) [bugfix/all/act_nat-use-stack-variable.patch, bugfix/all/net-sched-fix-some-memory-leaks.patch]
diff --git a/retired/CVE-2010-3849 b/retired/CVE-2010-3849
new file mode 100644
index 00000000..fec9b24e
--- /dev/null
+++ b/retired/CVE-2010-3849
@@ -0,0 +1,11 @@
+Candidate: CVE-2010-3849
+Description:
+References:
+ http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commit;h=fa0e846494792e722d817b9d3d625a4ef4896c96
+Notes:
+Bugs:
+upstream: released (2.6.37-rc4) [fa0e846494792e722d817b9d3d625a4ef4896c96]
+2.6.32-upstream-stable: released (2.6.32.27)
+linux-2.6: released (2.6.32-28) [bugfix/all/econet-disallow-NULL-remote-addr-for-sendmsg.patch]
+2.6.26-lenny-security: released (2.6.26-26lenny1) [bugfix/all/econet-disallow-NULL-remote-addr-for-sendmsg.patch]
+2.6.32-squeeze-security: released (2.6.32-28) [bugfix/all/econet-disallow-NULL-remote-addr-for-sendmsg.patch]