From 7bfe7c70160be8e0a1e7d2de0c4d658a0fcd537e Mon Sep 17 00:00:00 2001 From: Raphael Geissert Date: Sat, 19 Dec 2009 21:03:37 +0000 Subject: move tcp design flaw to ignored issues git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@1661 e094ebfe-e918-0410-adfb-c712417f3574 --- active/CVE-2008-4609 | 25 ------------------------- ignored/CVE-2008-4609 | 25 +++++++++++++++++++++++++ 2 files changed, 25 insertions(+), 25 deletions(-) delete mode 100644 active/CVE-2008-4609 create mode 100644 ignored/CVE-2008-4609 diff --git a/active/CVE-2008-4609 b/active/CVE-2008-4609 deleted file mode 100644 index 711146ef..00000000 --- a/active/CVE-2008-4609 +++ /dev/null @@ -1,25 +0,0 @@ -Candidate: CVE-2008-4609 -Description: - The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft - Windows, (4) Cisco products, and probably other operating systems allows remote - attackers to cause a denial of service (connection queue exhaustion) via multiple - vectors that manipulate information in the TCP state table, as demonstrated by - sockstress. -References: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4609 - http://www.openwall.com/lists/oss-security/2009/09/16/4 - http://www.openwall.com/lists/oss-security/2009/09/16/5 - http://kbase.redhat.com/faq/docs/DOC-18730 - http://www.cpni.gov.uk/Docs/tn-03-09-security-assessment-TCP.pdf -Ubuntu-Description: -Notes: - - apparently some fundamental flaws in tcp. microsoft patched this in versions >xp. - - lots of speculation but not much definitive. not sure whether its too big of a deal - - just denial-of-services? - - ignored by redhat -Bugs: -upstream: -linux-2.6: -2.6.18-etch-security: ignored -2.6.24-etch-security: ignored -2.6.26-lenny-security: ignored ("no upstream fix") diff --git a/ignored/CVE-2008-4609 b/ignored/CVE-2008-4609 new file mode 100644 index 00000000..711146ef --- /dev/null +++ b/ignored/CVE-2008-4609 
@@ -0,0 +1,25 @@ +Candidate: CVE-2008-4609 +Description: + The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft + Windows, (4) Cisco products, and probably other operating systems allows remote + attackers to cause a denial of service (connection queue exhaustion) via multiple + vectors that manipulate information in the TCP state table, as demonstrated by + sockstress. +References: + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4609 + http://www.openwall.com/lists/oss-security/2009/09/16/4 + http://www.openwall.com/lists/oss-security/2009/09/16/5 + http://kbase.redhat.com/faq/docs/DOC-18730 + http://www.cpni.gov.uk/Docs/tn-03-09-security-assessment-TCP.pdf +Ubuntu-Description: +Notes: + - apparently some fundamental flaws in tcp. microsoft patched this in versions >xp. + - lots of speculation but not much definitive. not sure whether its too big of a deal + - just denial-of-services? + - ignored by redhat +Bugs: +upstream: +linux-2.6: +2.6.18-etch-security: ignored +2.6.24-etch-security: ignored +2.6.26-lenny-security: ignored ("no upstream fix") -- cgit v1.2.3
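Review bot: in the new ignored/CVE-2008-4609 the `upstream:` and `linux-2.6:` fields are still empty, and only the `2.6.26-lenny-security` line carries a reason ("no upstream fix"), so the file itself does not record why the issue left active/. The commit subject calls this a "tcp design flaw", yet the Notes still read "lots of speculation but not much definitive" and "just denial-of-services?". Suggest adding a Notes entry that states the decision (design-level issue, no upstream fix, ignored by redhat), putting the same reason on the two etch lines, and giving `upstream:` and `linux-2.6:` an explicit status instead of leaving them blank. The blob id is 711146ef on both sides of the move, so the content was carried over unchanged and these gaps came along with it.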