summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKees Cook <kees@outflux.net>2007-11-22 02:41:43 +0000
committerKees Cook <kees@outflux.net>2007-11-22 02:41:43 +0000
commit94ead38b0b9201fdc26baa95f73f52a90884f7ca (patch)
treec5b9c3edf56bc2151b1dda1990865bb624087c62
parenteda072bc797695ca1d67a1c6af4a72ce737db2cf (diff)
ubuntu kernels pending
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@1024 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat
-rw-r--r--active/CVE-2006-60588
-rw-r--r--active/CVE-2006-72292
-rw-r--r--active/CVE-2007-09974
-rw-r--r--active/CVE-2007-24801
-rw-r--r--active/CVE-2007-41335
-rw-r--r--active/CVE-2007-45674
-rw-r--r--active/CVE-2007-457111
-rw-r--r--active/CVE-2007-48496
-rw-r--r--active/CVE-2007-49978
-rw-r--r--active/CVE-2007-509312
-rw-r--r--active/CVE-2007-55008
-rw-r--r--active/CVE-2007-55012
-rwxr-xr-xscripts/ubuntu-table2
13 files changed, 41 insertions, 32 deletions
diff --git a/active/CVE-2006-6058 b/active/CVE-2006-6058
index 85686e2c..e26e6699 100644
--- a/active/CVE-2006-6058
+++ b/active/CVE-2006-6058
@@ -23,7 +23,7 @@ linux-2.6: ignored
2.6.18-etch-security: ignored
2.6.8-sarge-security: ignored
2.4.27-sarge-security: ignored
-2.6.15-dapper-security: needed
-2.6.17-edgy-security: needed
-2.6.20-feisty-security: needed
-2.6.22-gutsy-security: needed
+2.6.15-dapper-security: pending (2.6.15-29.61)
+2.6.17-edgy-security: pending (2.6.17.1-12.42)
+2.6.20-feisty-security: pending (2.6.20-16.33)
+2.6.22-gutsy-security: pending (2.6.22-14.47)
diff --git a/active/CVE-2006-7229 b/active/CVE-2006-7229
index a9b5bfe3..f1a0d54e 100644
--- a/active/CVE-2006-7229
+++ b/active/CVE-2006-7229
@@ -11,7 +11,7 @@ linux-2.6: N/A
2.6.18-etch-security: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
-2.6.15-dapper-security: needed
+2.6.15-dapper-security: pending (2.6.15-29.61)
2.6.17-edgy-security: N/A
2.6.20-feisty-security: N/A
2.6.22-gutsy-security: N/A
diff --git a/active/CVE-2007-0997 b/active/CVE-2007-0997
index 0ccf4bde..d611f6f8 100644
--- a/active/CVE-2007-0997
+++ b/active/CVE-2007-0997
@@ -12,12 +12,12 @@ Ubuntu-Description:
Notes:
jmm> commit aadd06e5c56b9ff5117ec77e59eada43dc46e2fc
Bugs:
-upstream: released (2.6.18)
+upstream: released (2.6.18), release (2.6.17.7)
linux-2.6: released (2.6.18-1)
2.6.18-etch-security: N/A
2.6.8-sarge-security:
2.4.27-sarge-security:
2.6.15-dapper-security: N/A
-2.6.17-edgy-security: needed
+2.6.17-edgy-security: N/A
2.6.20-feisty-security: N/A
2.6.22-gutsy-security: N/A
diff --git a/active/CVE-2007-2480 b/active/CVE-2007-2480
index 2a0967d0..547ac435 100644
--- a/active/CVE-2007-2480
+++ b/active/CVE-2007-2480
@@ -19,3 +19,4 @@ linux-2.6: released (2.6.22-1)
2.6.15-dapper-security: needed (needs backporting)
2.6.17-edgy-security: needed (needs backporting)
2.6.20-feisty-security: needed
+2.6.22-gutsy-security: N/A
diff --git a/active/CVE-2007-4133 b/active/CVE-2007-4133
index cb393279..c56cb80c 100644
--- a/active/CVE-2007-4133
+++ b/active/CVE-2007-4133
@@ -12,6 +12,7 @@ linux-2.6: released (2.6.20-1)
2.6.18-etch-security: released (2.6.18.dfsg.1-13etch4) [bugfix/hugetlb-prio_tree-unit-fix.patch]
2.6.8-sarge-security:
2.4.27-sarge-security: N/A
-2.6.15-dapper-security: needed
-2.6.17-edgy-security: needed
+2.6.15-dapper-security: pending (2.6.15-29.61)
+2.6.17-edgy-security: pending (2.6.17.1-12.42)
2.6.20-feisty-security: N/A
+2.6.22-gutsy-security: N/A
diff --git a/active/CVE-2007-4567 b/active/CVE-2007-4567
index b772d4db..c5bca8dc 100644
--- a/active/CVE-2007-4567
+++ b/active/CVE-2007-4567
@@ -1,6 +1,6 @@
Candidate: CVE-2007-4567
References:
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e76b2b2567b83448c2ee85a896433b96150c92e6
+ http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=e76b2b2567b83448c2ee85a896433b96150c92e6
http://bugzilla.kernel.org/show_bug.cgi?id=8450
Description:
Ubuntu-Description:
@@ -14,5 +14,5 @@ linux-2.6:
2.4.27-sarge-security: N/A
2.6.15-dapper-security: N/A
2.6.17-edgy-security: N/A
-2.6.20-feisty-security: needed
+2.6.20-feisty-security: pending (2.6.20-2.6.20-16.33)
2.6.22-gutsy-security: N/A
diff --git a/active/CVE-2007-4571 b/active/CVE-2007-4571
index 56afd52b..8a601c59 100644
--- a/active/CVE-2007-4571
+++ b/active/CVE-2007-4571
@@ -1,6 +1,7 @@
Candidate: CVE-2007-4571
References:
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ccec6e2c4a74adf76ed4e2478091a311b1806212
+ http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=ccec6e2c4a74adf76ed4e2478091a311b1806212
+ http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.22.y.git;a=commitdiff;h=788450fa451454cc8ff3593b4f9fdb653c296583
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.8
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=600
Description:
@@ -13,7 +14,7 @@ linux-2.6: released (2.6.22-5)
2.6.18-etch-security: ignored (2.6.18.dfsg.1-13etch3)
2.6.8-sarge-security:
2.4.27-sarge-security:
-2.6.15-dapper-security: needed
-2.6.17-edgy-security: needed
-2.6.20-feisty-security: needed
-2.6.22-gutsy-security: needed
+2.6.15-dapper-security: deferred
+2.6.17-edgy-security: deferred
+2.6.20-feisty-security: deferred
+2.6.22-gutsy-security: deferred
diff --git a/active/CVE-2007-4849 b/active/CVE-2007-4849
index b04594dc..98935417 100644
--- a/active/CVE-2007-4849
+++ b/active/CVE-2007-4849
@@ -3,6 +3,7 @@ References:
http://git.infradead.org/?p=mtd-2.6.git;a=commitdiff;h=9ed437c50d89eabae763dd422579f73fdebf288d
http://lists.infradead.org/pipermail/linux-mtd-cvs/2007-August/005897.html
http://dev.laptop.org/ticket/2732
+ http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=9ed437c50d89eabae763dd422579f73fdebf288d
Description:
JFFS2, as used on One Laptop Per Child (OLPC) build 542 and possibly other Linux
systems, when POSIX ACL support is enabled, does not properly store permissions during
@@ -20,5 +21,6 @@ linux-2.6: needed
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
2.6.15-dapper-security: N/A
-2.6.17-edgy-security: needed
-2.6.20-feisty-security: needed
+2.6.17-edgy-security: N/A
+2.6.20-feisty-security: pending (2.6.20-16.33)
+2.6.22-gutsy-security: pending (2.6.22-14.47)
diff --git a/active/CVE-2007-4997 b/active/CVE-2007-4997
index 11662ec6..cebb2780 100644
--- a/active/CVE-2007-4997
+++ b/active/CVE-2007-4997
@@ -1,6 +1,7 @@
Candidate: CVE-2007-4997
References:
http://git.kernel.org/?p=linux/kernel/git/avi/kvm.git;a=commitdiff;h=04045f98e0457aba7d4e6736f37eed189c48a5f7
+ http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.23.y.git;a=commitdiff;h=04045f98e0457aba7d4e6736f37eed189c48a5f7
Description:
Ubuntu-Description:
Notes:
@@ -17,6 +18,7 @@ linux-2.6: needed
2.6.18-etch-security: pending (2.6.18.dfsg.1-13etch5) [bugfix/ieee80211-underflow.patch]
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
-2.6.15-dapper-security: needed
-2.6.17-edgy-security: needed
-2.6.20-feisty-security: needed
+2.6.15-dapper-security: pending (2.6.15-29.61)
+2.6.17-edgy-security: pending (2.6.17.1-12.42)
+2.6.20-feisty-security: pending (2.6.20-16.33)
+2.6.22-gutsy-security: pending (2.6.22-14.47)
diff --git a/active/CVE-2007-5093 b/active/CVE-2007-5093
index 8e2b5fbf..d10018e7 100644
--- a/active/CVE-2007-5093
+++ b/active/CVE-2007-5093
@@ -1,6 +1,7 @@
Candidate: CVE-2007-5093
References:
http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6-stable.git;a=commitdiff;h=852ffe0acf89f959e8d35080bbd2bdc2d8f2e9e5
+ http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.22.y.git;a=commitdiff;h=85237f202d46d55c1bffe0c5b1aa3ddc0f1dce4d
MLIST:20070902 Oops in pwc v4l driver
URL:http://marc.info/?l=linux-kernel&m=118873457814808&w=2
MLIST:20070903 Re: Oops in pwc v4l driver
@@ -17,13 +18,14 @@ Description:
unless the attacker can convince the victim to unplug the affected device.
Ubuntu-Description:
Notes:
+ kees> debug regression was fixed in http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.22.y.git;a=commitdiff;h=a3a066bffd7754e6d40c48972e698352f6cd6c4e
Bugs:
-upstream:
+upstream: released (2.6.22.6)
linux-2.6:
2.6.18-etch-security: released (2.6.18.dfsg.1-13etch4) [bugfix/usb-pwc-disconnect-block.patch]
2.6.8-sarge-security:
2.4.27-sarge-security:
-2.6.15-dapper-security: needed
-2.6.17-edgy-security: needed
-2.6.20-feisty-security: needed
-2.6.20-gutsy-security: needed
+2.6.15-dapper-security: pending (2.6.15-29.61)
+2.6.17-edgy-security: pending (2.6.17.1-12.42)
+2.6.20-feisty-security: pending (2.6.20-16.33)
+2.6.22-gutsy-security: N/A
diff --git a/active/CVE-2007-5500 b/active/CVE-2007-5500
index 76b5736d..1b613293 100644
--- a/active/CVE-2007-5500
+++ b/active/CVE-2007-5500
@@ -12,7 +12,7 @@ linux-2.6:
2.6.18-etch-security:
2.6.8-sarge-security:
2.4.27-sarge-security:
-2.6.15-dapper-security: needed
-2.6.17-edgy-security: needed
-2.6.20-feisty-security: needed
-2.6.22-gutsy-security: needed
+2.6.15-dapper-security: pending (2.6.15-29.61)
+2.6.17-edgy-security: pending (2.6.17.1-12.42)
+2.6.20-feisty-security: pending (2.6.20-16.33)
+2.6.22-gutsy-security: pending (2.6.22-14.47)
diff --git a/active/CVE-2007-5501 b/active/CVE-2007-5501
index 84b5e715..1f62fc40 100644
--- a/active/CVE-2007-5501
+++ b/active/CVE-2007-5501
@@ -15,4 +15,4 @@ linux-2.6: needed
2.6.15-dapper-security: N/A
2.6.17-edgy-security: N/A
2.6.20-feisty-security: N/A
-2.6.22-gutsy-security: needed
+2.6.22-gutsy-security: pending (2.6.22-14.47)
diff --git a/scripts/ubuntu-table b/scripts/ubuntu-table
index 868b5c6e..f9690b64 100755
--- a/scripts/ubuntu-table
+++ b/scripts/ubuntu-table
@@ -1,7 +1,7 @@
#!/usr/bin/env python
import os, re, sys
-releases = ['2.6.15-dapper-security', '2.6.17-edgy-security', '2.6.20-feisty-security']
+releases = ['2.6.15-dapper-security', '2.6.17-edgy-security', '2.6.20-feisty-security', '2.6.22-gutsy-security']
table = dict()
cves = [elem for elem in os.listdir('.') if re.match('^CVE-\d+-\d+$',elem)]

© 2014-2024 Faster IT GmbH | imprint | privacy policy