summaryrefslogtreecommitdiffstats
path: root/retired
diff options
context:
space:
mode:
authorMoritz Muehlenhoff <jmm@debian.org>2011-06-20 08:59:30 +0000
committerMoritz Muehlenhoff <jmm@debian.org>2011-06-20 08:59:30 +0000
commitd796e0e961aea054fe52744f3a2fb848c808a6ac (patch)
tree22d5a7c4cdbddba5120d6f8a1fd54fbd5b3e86e6 /retired
parent19f0085243a3590e952d85e605f87bd19b2decf4 (diff)
retire issues
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@2372 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired')
-rw-r--r--retired/CVE-2011-147712
-rw-r--r--retired/CVE-2011-149310
-rw-r--r--retired/CVE-2011-159312
3 files changed, 34 insertions, 0 deletions
diff --git a/retired/CVE-2011-1477 b/retired/CVE-2011-1477
new file mode 100644
index 00000000..86bf9909
--- /dev/null
+++ b/retired/CVE-2011-1477
@@ -0,0 +1,12 @@
+Candidate: CVE-2011-1477
+Description: buffer overflow in YM8312/OPL-3 chips
+References:
+ http://marc.info/?l=linux-kernel&m=130089499728386&w=2
+Notes:
+ jmm> OSS disabled since Squeeze
+Bugs:
+upstream: released (2.6.39-rc1) [b769f49463711205d57286e64cf535ed4daf59e9]
+2.6.32-upstream-stable: released (2.6.32.37) [ef79e147a62e11f6a657b076bc98192fba725645]
+sid: released (2.6.38-4) [bugfix/all/stable/2.6.38.3.patch]
+2.6.26-lenny-security: released (2.6.26-26lenny3) [bugfix/all/sound-oss-remove-offset-from-load_patch-callbacks.patch]
+2.6.32-squeeze-security: released (2.6.32-34) [bugfix/all/stable/2.6.32.37.patch]
diff --git a/retired/CVE-2011-1493 b/retired/CVE-2011-1493
new file mode 100644
index 00000000..621f160a
--- /dev/null
+++ b/retired/CVE-2011-1493
@@ -0,0 +1,10 @@
+Candidate: CVE-2011-1493
+Description: multiple missing input validation in ROSE
+References:
+Notes:
+Bugs:
+upstream: released (2.6.39-rc1) [be20250c13f88375345ad99950190685eda51eb8]
+2.6.32-upstream-stable: released (2.6.32.37) [62fdb8668c631619251cff6d964556e0f67b8dcd]
+sid: released (2.6.38-4) [bugfix/all/stable/2.6.38.3.patch]
+2.6.26-lenny-security: released (2.6.26-26lenny3) [bugfix/all/rose-prevent-heap-corruption-with-bad-facilities.patch]
+2.6.32-squeeze-security: released (2.6.32-34) [bugfix/all/stable/2.6.32.37.patch]
diff --git a/retired/CVE-2011-1593 b/retired/CVE-2011-1593
new file mode 100644
index 00000000..82acb5e8
--- /dev/null
+++ b/retired/CVE-2011-1593
@@ -0,0 +1,12 @@
+Candidate: CVE-2011-1593
+Description: proc: signedness issue in next_pidmap()
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=697822
+ http://groups.google.com/group/fa.linux.kernel/browse_thread/thread/93c1088451fd3522/4a28ecb7f755a88d?#4a28ecb7f755a88d
+Notes:
+Bugs:
+upstream: released (2.6.39-rc4) [c78193e9, d8bdc59f]
+2.6.32-upstream-stable: released (2.6.32.39) [67e022f3add1879292986e779b2aaf6ecb93fa58]
+sid: released (2.6.38-4) [bugfix/all/stable/2.6.38.4.patch]
+2.6.26-lenny-security: released (2.6.26-26lenny3) [bugfix/all/next_pidmap-fix-overflow-condition.patch, bugfix/all/proc-do-proper-range-check-on-readdir-offset.patch]
+2.6.32-squeeze-security: released (2.6.32-34) [bugfix/all/stable/2.6.32.39.patch]

© 2014-2024 Faster IT GmbH | imprint | privacy policy