From 7f4f7f3a53bb8f48a8459069684c987bac9348fd Mon Sep 17 00:00:00 2001 From: Moritz Muehlenhoff Date: Mon, 20 Jun 2011 10:20:26 +0000 Subject: retire issues git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@2380 e094ebfe-e918-0410-adfb-c712417f3574 --- retired/CVE-2011-1495 | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 retired/CVE-2011-1495 (limited to 'retired/CVE-2011-1495') diff --git a/retired/CVE-2011-1495 b/retired/CVE-2011-1495 new file mode 100644 index 00000000..876817d1 --- /dev/null +++ b/retired/CVE-2011-1495 @@ -0,0 +1,14 @@ +Candidate: CVE-2011-1495 +Description: information disclosure in mpt2ctl +References: + jmm> http://marc.info/?l=linux-scsi&m=130202237006310&w=2 + jmm> The /dev file is owned by root as standard, so shouldn't be an issue + jmm> for sane installations + jmm> no upstream fix as of 2011-04-18 +Notes: +Bugs: +upstream: released (2.6.39-rc6) [a1f74ae82d133ebb2aabb19d181944b4e83e9960] +2.6.32-upstream-stable: released (2.6.32.40) +sid: released (2.6.38-5) +2.6.26-lenny-security: N/A "code not present" +2.6.32-squeeze-security: released (2.6.32-34) [bugfix/all/mpt2sas-prevent-heap-overflows-and-unchecked-reads.patch] -- cgit v1.2.3