diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2011-06-20 08:59:30 +0000 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2011-06-20 08:59:30 +0000 |
commit | d796e0e961aea054fe52744f3a2fb848c808a6ac (patch) | |
tree | 22d5a7c4cdbddba5120d6f8a1fd54fbd5b3e86e6 /retired | |
parent | 19f0085243a3590e952d85e605f87bd19b2decf4 (diff) |
retire issues
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@2372 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired')
-rw-r--r-- | retired/CVE-2011-1477 | 12 | ||||
-rw-r--r-- | retired/CVE-2011-1493 | 10 | ||||
-rw-r--r-- | retired/CVE-2011-1593 | 12 |
3 files changed, 34 insertions, 0 deletions
diff --git a/retired/CVE-2011-1477 b/retired/CVE-2011-1477 new file mode 100644 index 00000000..86bf9909 --- /dev/null +++ b/retired/CVE-2011-1477 @@ -0,0 +1,12 @@ +Candidate: CVE-2011-1477 +Description: buffer overflow in YM8312/OPL-3 chips +References: + http://marc.info/?l=linux-kernel&m=130089499728386&w=2 +Notes: + jmm> OSS disabled since Squeeze +Bugs: +upstream: released (2.6.39-rc1) [b769f49463711205d57286e64cf535ed4daf59e9] +2.6.32-upstream-stable: released (2.6.32.37) [ef79e147a62e11f6a657b076bc98192fba725645] +sid: released (2.6.38-4) [bugfix/all/stable/2.6.38.3.patch] +2.6.26-lenny-security: released (2.6.26-26lenny3) [bugfix/all/sound-oss-remove-offset-from-load_patch-callbacks.patch] +2.6.32-squeeze-security: released (2.6.32-34) [bugfix/all/stable/2.6.32.37.patch] diff --git a/retired/CVE-2011-1493 b/retired/CVE-2011-1493 new file mode 100644 index 00000000..621f160a --- /dev/null +++ b/retired/CVE-2011-1493 @@ -0,0 +1,10 @@ +Candidate: CVE-2011-1493 +Description: multiple missing input validation in ROSE +References: +Notes: +Bugs: +upstream: released (2.6.39-rc1) [be20250c13f88375345ad99950190685eda51eb8] +2.6.32-upstream-stable: released (2.6.32.37) [62fdb8668c631619251cff6d964556e0f67b8dcd] +sid: released (2.6.38-4) [bugfix/all/stable/2.6.38.3.patch] +2.6.26-lenny-security: released (2.6.26-26lenny3) [bugfix/all/rose-prevent-heap-corruption-with-bad-facilities.patch] +2.6.32-squeeze-security: released (2.6.32-34) [bugfix/all/stable/2.6.32.37.patch] diff --git a/retired/CVE-2011-1593 b/retired/CVE-2011-1593 new file mode 100644 index 00000000..82acb5e8 --- /dev/null +++ b/retired/CVE-2011-1593 @@ -0,0 +1,12 @@ +Candidate: CVE-2011-1593 +Description: proc: signedness issue in next_pidmap() +References: + https://bugzilla.redhat.com/show_bug.cgi?id=697822 + http://groups.google.com/group/fa.linux.kernel/browse_thread/thread/93c1088451fd3522/4a28ecb7f755a88d?#4a28ecb7f755a88d +Notes: +Bugs: +upstream: released (2.6.39-rc4) [c78193e9, d8bdc59f] +2.6.32-upstream-stable: released (2.6.32.39) [67e022f3add1879292986e779b2aaf6ecb93fa58] +sid: released (2.6.38-4) [bugfix/all/stable/2.6.38.4.patch] +2.6.26-lenny-security: released (2.6.26-26lenny3) [bugfix/all/next_pidmap-fix-overflow-condition.patch, bugfix/all/proc-do-proper-range-check-on-readdir-offset.patch] +2.6.32-squeeze-security: released (2.6.32-34) [bugfix/all/stable/2.6.32.39.patch] |