diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2007-04-30 17:17:18 +0000 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2007-04-30 17:17:18 +0000 |
commit | a7d7adb819f329fecd6d48e9af34d4f21c1c49d4 (patch) | |
tree | f6ef22fcffc4995d9395c9e569c874e22af33e11 /ignored/CVE-2005-2873 | |
parent | dfce9f8dc961eaa94eb9c9ac11012f02407e74a9 (diff) |
moving ipt_recent design issue to ignored/, the directory for
issues, which are broken by design or too complex to backport
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@776 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'ignored/CVE-2005-2873')
-rw-r--r-- | ignored/CVE-2005-2873 | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/ignored/CVE-2005-2873 b/ignored/CVE-2005-2873 new file mode 100644 index 00000000..3b3066ce --- /dev/null +++ b/ignored/CVE-2005-2873 @@ -0,0 +1,28 @@ +Candidate: CVE-2005-2873 +References: + URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2873 + Final-Decision: + Interim-Decision: + Modified: + Proposed: + Assigned: 20050909 + Category: SF + MISC:http://blog.blackdown.de/2005/05/09/fixing-the-ipt_recent-netfilter-module/ +Description: + The ipt_recent kernel module (ipt_recent.c) in Linux kernel 2.6.12 and + earlier does not properly perform certain time tests when the jiffies + value is greater than LONG_MAX, which can cause ipt_recent netfilter + rules to block too early, a different vulnerability than + CVE-2005-2872. +Notes: + horms> No patch that is acceptable upstream is available + http://lists.debian.org/debian-kernel/2005/09/msg00257.html + jmm> There's now a complete rewrite by Patrick McHardy in 2.6.18 + jmm> This change won't be backported to Sarge, if this poses a problem an update + jmm> to Etch is required +upstream: released (2.6.18) +Bugs: 332381, 332231, 332228 +linux-2.6: released (2.6.18-1) +2.6.8-sarge-security: ignored (2.6.8-16sarge5) +2.4.27-sarge-security: ignored (2.4.27-10sarge4) +2.6.18-etch-security: N/A |