From f6a453ba0ca101605c1b35d53653dd63b3e799df Mon Sep 17 00:00:00 2001 From: Moritz Muehlenhoff Date: Wed, 16 Apr 2014 16:07:38 +0000 Subject: some update git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@3320 e094ebfe-e918-0410-adfb-c712417f3574 --- dsa-texts/2.6.32-48squeeze5 | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) (limited to 'dsa-texts/2.6.32-48squeeze5') diff --git a/dsa-texts/2.6.32-48squeeze5 b/dsa-texts/2.6.32-48squeeze5 index e6b62ddf..84294c63 100644 --- a/dsa-texts/2.6.32-48squeeze5 +++ b/dsa-texts/2.6.32-48squeeze5 @@ -35,11 +35,36 @@ CVE-2013-2147 allowing users to gain access to sensitive kernel memory. CVE-2013-2889 + + Kees Cook discovered that missing input sanitising in the HID + driver for Zeroplus game pads could lead to local denial of service. + CVE-2013-2893 + + Kees Cook discovered that missing input sanitising in the HID + driver for various Logitech force feedback devices could lead to local + denial of service. + CVE-2013-2929 + + Vasily Kulikov discovered that a flaw in the get_dumpable() function of + the ptrace subsytsem could lead to information disclosure. + 'fs.suid_dumpable' needs to be set to 2. + CVE-2013-4162 + + Hannes Frederic Sowa discovered that incorrect handling of IPv6 sockets + using the UDP_CORK option could result in denial of service. + CVE-2013-4299 + + A bug in the device mapper can lead to information disclosure. + CVE-2013-4345 + + Stephan Mueller found in bug in the ANSI pseudo random number generator + which could lead to the use of less entropy than expected. + CVE-2013-4511 CVE-2013-4512 CVE-2013-4587 -- cgit v1.2.3
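Review bot: In the added CVE-2013-2929 entry, the sentence "'fs.suid_dumpable' needs to be set to 2." does not say whether that setting is a precondition for the information disclosure or a workaround against it, and a reader of the advisory could take it either way; state the relationship explicitly in the sentence. The same entry misspells "subsystem" as "subsytsem", and the CVE-2013-4345 entry reads "found in bug" where "found a bug" is meant. The CVE-2013-4299 entry is the only added one that names no discoverer; add the credit if there is one.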