Triage linux/linux-2.6 issues

Various issues are in code we don't ship, or were fixed without a DSA.

Several unimportant, unfixed issues in linux-2.6 still apply to linux.


git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@36825 e39458fd-73e7-0310-bf30-c45bca0a0e42

1 files changed, 5 insertions, 3 deletions

diff --git a/data/CVE/2006.list b/data/CVE/2006.list
index 8f12221b88..1a310d9e64 100644
--- a/data/CVE/2006.list
+++ b/data/CVE/2006.list
@@ -2519,8 +2519,10 @@ CVE-2006-XXXX [smb4k security issue]
 CVE-2006-6129 (Integer overflow in the fatfile_getarch2 in Apple Mac OS X allows ...)
 	NOT-FOR-US: Apple Mac OS X
 CVE-2006-6128 (The ReiserFS functionality in Linux kernel 2.6.18, and possibly other ...)
-	- linux-2.6 <unfixed> (unimportant)
-	NOTE: Mounting filesystem partitions should be limited to root
+	- linux <not-affected> (Kernel rejects the malformed filesystem)
+	- linux-2.6 <removed>
+	[squeeze] - linux-2.6 <not-affected> (Kernel rejects the malformed filesystem)
+	NOTE: It's not obvious when or how this was fixed
 CVE-2006-6127 (Apple Mac OS X kernel allows local users to cause a denial of service ...)
 	NOT-FOR-US: Apple Mac OS X
 CVE-2006-6126 (Apple Mac OS X allows local users to cause a denial of service (memory ...)
@@ -3463,7 +3465,7 @@ CVE-2006-5703 (Cross-site scripting (XSS) vulnerability in tiki-featured_link.ph
 CVE-2006-5702 (Tikiwiki 1.9.5 allows remote attackers to obtain sensitive information ...)
 	- tikiwiki 1.9.6+dfsg-1 (medium)
 CVE-2006-5701 (Double free vulnerability in squashfs module in the Linux kernel ...)
-	- linux-2.6 <unfixed> (unimportant)
+	- linux-2.6 <not-affected> (Vulnerable code not present)
 	- squashfs 1:3.1r2-6.1
 	NOTE: Mounting filesystem partitions should be limited to root
 CVE-2006-5700