[Secure-testing-commits] r218 - sarge-checks/CAN
Joey Hess
joeyh@haydn.debian.org
Thu, 30 Dec 2004 12:03:32 -0700
Author: joeyh
Date: 2004-12-30 12:03:13 -0700 (Thu, 30 Dec 2004)
New Revision: 218
Modified:
sarge-checks/CAN/list
Log:
kernel security updates
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2004-12-30 17:57:42 UTC (rev 217)
+++ sarge-checks/CAN/list 2004-12-30 19:03:13 UTC (rev 218)
@@ -371,8 +371,7 @@
CAN-2004-1138 (Unknown vulnerability in Vim modeline options, such as (1) termcap, ...)
- vim 1:6.3-046+0sarge1
CAN-2004-1137 (Multiple vulnerabilities in the IGMP functionality for Linux kernel ...)
- NOTE: Fixed in kernel team svn
- TODO: track fix
+ - kernel-image-2.4.27-i386 2.4.27-7
CAN-2004-1136 (Buffer overflow in CuteFTP Professional 6.0, and possibly other ...)
NOTE: not-for-us (CuteFTP)
CAN-2004-1135 (Multiple buffer overflows in WS_FTP Server 5.03 2004.10.14 allow ...)
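Review bot: The CAN-2004-1137 entry now records only `kernel-image-2.4.27-i386 2.4.27-7` and drops the TODO, so the fix is tracked for a single i386 image with no source package line. The other kernel entries touched in this commit (CAN-2004-1074, CAN-2004-1068, CAN-2004-0814) record `kernel-source-2.4.27 2.4.27-7`; suggest recording the source package here as well, or keeping a TODO for the remaining images and architectures. The same applies to the CAN-2004-1016 change further down.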
@@ -502,6 +501,7 @@
- zope-zwiki (unfixed; bug #282944)
CAN-2004-1074 (The binfmt functionality in the Linux kernel, when "memory overcommit" ...)
- kernel-source-2.6.8 2.6.8-9
+ - kernel-source-2.4.27 2.4.27-7
CAN-2004-1073 (The open_exec function in the execve functionality (exec.c) in Linux ...)
NOTE: fixed in 2.6.8 and 2.4.27
CAN-2004-1072 (The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to ...)
@@ -514,8 +514,8 @@
NOTE: fixed in kernel team svn, 2.6 only issue
TODO: make sure it gets to testing, add release version
CAN-2004-1068 (A "missing serialization" error in the unix_dgram_recvmsg function in ...)
- NOTE: fixed in kernel team svn, 2.6 only issue
- TODO: make sure it gets to testing, add release version
+ TODO: make sure it gets to testing, and the kernel-images built from it
+ - kernel-source-2.4.27 2.4.27-7
CAN-2004-1067 (Off-by-one error in the mysasl_canon_user function in Cyrus IMAP ...)
NOTE: verified cyrus21-imapd 2.1.17-3 is not vulnerable, seems
NOTE: to only affect 2.2 series.
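Review bot: In the CAN-2004-1068 entry the removed note said "2.6 only issue", yet the added line records a fix in `kernel-source-2.4.27 2.4.27-7` and no 2.6 package line is present. If the issue does affect 2.4, a NOTE should say so; if it is 2.6 only, the 2.4.27 line looks misplaced and a 2.6 source version is what is missing. The reworded TODO also sits above the package line, so "it" in "the kernel-images built from it" has no clear referent; placing the TODO after the package line would fix that.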
@@ -532,6 +532,7 @@
- php4 4:4.3.10-1
CAN-2004-1062
NOTE: reserved
+ - viewcvs (unfixed; bug #287771)
CAN-2004-1061
NOTE: reserved
CAN-2004-1060
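Review bot: The added `- viewcvs (unfixed; bug #287771)` line under CAN-2004-1062 leaves `NOTE: reserved` as the only description, so a reader cannot tell what is being tracked against viewcvs without opening the bug. Suggest adding a short NOTE that summarises the issue. This change is also unrelated to the "kernel security updates" log message and would be easier to find in history as a separate commit or with a log line that mentions it.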
@@ -629,8 +630,7 @@
CAN-2004-1017
NOTE: reserved
CAN-2004-1016 (The scm_send function in the scm layer for Linux kernel 2.4.x up to ...)
- NOTE: fixed in kernel team svn
- TODO: track fix
+ - kernel-image-2.4.27-i386 2.4.27-7
CAN-2004-1015 (Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, ...)
NOTE: cyrus-imapd not vulnerable
NOTE: cyrus21-imapd not vulnerable
@@ -1106,12 +1106,8 @@
{DSA-600-1}
CAN-2004-0814 (Multiple race conditions in the terminal layer in Linux 2.4.x, and ...)
- kernel-source-2.6.8 2.6.8-8
- - kernel-source-2.4.27 2.4.27-6
- NOTE: "fix race conditions in linux terminal subsystem"
+ - kernel-source-2.4.27 2.4.27-7
NOTE: and all kernels build from it:
- - kernel-image-2.6.8-1-386 2.6.8-5
- - kernel-image-2.4.27-i386 2.4.27-6
- TODO: other arches?
CAN-2004-0813 (Unknown vulnerability in the SG_IO functionality in ide-cd allows ...)
NOTE: ide-cd SG_IO vulnerability
NOTE: fixed in recent 2.6 and 2.4 kernels
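Review bot: In the CAN-2004-0814 entry the retained line `NOTE: and all kernels build from it:` now ends in a colon with nothing following it, because both kernel-image lines and the "other arches?" TODO are removed. Either drop the NOTE or reword it so it no longer introduces a list. The fixed version of kernel-source-2.4.27 also moves from 2.4.27-6 to 2.4.27-7 with no explanation of why the earlier version is no longer treated as fixed; a one-line NOTE would make that change auditable.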