[Secure-testing-commits] r27 - sarge-checks/CAN
Joey Hess
joeyh@haydn.debian.org
Thu, 28 Oct 2004 15:14:41 -0600
Author: joeyh
Date: 2004-10-28 15:14:27 -0600 (Thu, 28 Oct 2004)
New Revision: 27
Modified:
sarge-checks/CAN/list
Log:
updated kernel CANs based on ultra monkey DB
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2004-10-28 20:33:28 UTC (rev 26)
+++ sarge-checks/CAN/list 2004-10-28 21:14:27 UTC (rev 27)
@@ -834,7 +834,7 @@
CAN-2004-0588
- usermin 1.090-1
CAN-2004-0587
- TODO: unchecked
+ - qla2x00-source (unfixed; bug #27870)
CAN-2004-0586
NOTE: not-for-us (Windows)
CAN-2004-0585
@@ -1024,7 +1024,7 @@
CAN-2004-0496
TODO: unchecked
CAN-2004-0495
- TODO: unchecked
+ NOTE: fixed in 2.4.27-rc1
CAN-2004-0494
TODO: unchecked
CAN-2004-0493
@@ -1120,7 +1120,7 @@
CAN-2004-0448
NOTE: covered by DSA-510
CAN-2004-0447
- TODO: unchecked
+ NOTE: fixed in linux 2.4.26
CAN-2004-0446
NOTE: reserved
CAN-2004-0445
@@ -1189,7 +1189,7 @@
- cvs 1:1.12.9-1
NOTE: covered by DSA-519
CAN-2004-0415
- NOTE: reserved (baruch)
+ NOTE: fixed in 2.4.27-rc6
CAN-2004-0414
- cvs 1:1.12.9-1
CAN-2004-0413
@@ -1238,7 +1238,9 @@
CAN-2004-0395
NOTE: covered by DSA-509
CAN-2004-0394
- NOTE: fixed after 2.6.4/2.4.26 kernel
+ NOTE: apparently not very exploitable, does not affect 2.6
+ NOTE: patch: http://www.ultramonkey.org/bugs/cve-patch/CAN-2004-0394.patch
+ NOTE: not fixed in 2.4.27 by inspection, didn't bother with a bug
CAN-2004-0393
NOTE: covered by DSA-524
CAN-2004-0392
@@ -1554,7 +1556,7 @@
CAN-2004-0229
TODO: unchecked
CAN-2004-0228
- TODO: unchecked
+ NOTE: fixed in linux 2.4.27-pre3
CAN-2004-0227
TODO: unchecked
CAN-2004-0226
@@ -1638,15 +1640,17 @@
CAN-2004-0182
TODO: unchecked
CAN-2004-0181
- TODO: unchecked
+ NOTE: fixed in 2.4.26-pre5
CAN-2004-0180
NOTE: covered by DSA-486
CAN-2004-0179
NOTE: covered by DSA-487
CAN-2004-0178
NOTE: covered by DSA-479
+ NOTE: fixed in 2.4.26-pre3
CAN-2004-0177
NOTE: covered by DSA-479
+ NOTE: fixed in 2.4.26-pre4
CAN-2004-0176
TODO: unchecked
CAN-2004-0175
@@ -1722,7 +1726,7 @@
CAN-2004-0134
TODO: unchecked
CAN-2004-0133
- TODO: unchecked
+ NOTE: fixed in 2.4.26-pre2
CAN-2004-0132
TODO: unchecked
CAN-2004-0130
@@ -1753,6 +1757,7 @@
NOTE: covered by DSA-455
CAN-2004-0109
NOTE: covered by DSA-479
+ NOTE: fixed in 2.4.26-rc4
CAN-2004-0108
NOTE: covered by DSA-460
CAN-2004-0107
@@ -1803,6 +1808,7 @@
NOTE: covered by DSA-465
CAN-2004-0077
NOTE: covered by DSA-438
+ NOTE: fixed in 2.4.26-pre3
CAN-2004-0076
NOTE: rejected
CAN-2004-0074
@@ -1911,6 +1917,7 @@
NOTE: covered by DSA-416
CAN-2004-0010
NOTE: covered by DSA-479
+ NOTE: fixed in 2.4.25-pre7
CAN-2004-0008
NOTE: covered by DSA-434
- gaim 1:0.75-2
@@ -1924,6 +1931,7 @@
NOTE: covered by DSA-434
CAN-2004-0003
NOTE: covered by DSA-479
+ NOTE: fixed in 2.4.26-rc4
CAN-2004-0002
TODO: unchecked
@@ -2008,7 +2016,9 @@
NOTE: reserved
CAN-2003-0985
NOTE: covered by DSA-413
+ NOTE: fixed in 2.4.24-rc1
CAN-2003-0984
+ NOTE: fixed in 2.4.24-rc1
CAN-2003-0983
CAN-2003-0982
CAN-2003-0981
@@ -2039,6 +2049,8 @@
NOTE: covered by DSA-404
CAN-2003-0961
NOTE: covered by DSA-403
+ NOTE: do_brk hole
+ NOTE: fixed in 2.4.23-pre7
CAN-2003-0960
CAN-2003-0959
NOTE: reserved
@@ -2390,7 +2402,9 @@
CAN-2003-0702
CAN-2003-0701
CAN-2003-0700
+ NOTE: fixed in 2.4.22-pre3
CAN-2003-0699
+ NOTE: fixed in 2.4.21-rc2
CAN-2003-0698
NOTE: reserved
CAN-2003-0697
@@ -2471,6 +2485,7 @@
CAN-2003-0643
NOTE: reserved
NOTE: covered by DSA-358
+ NOTE: fixed in 2.4.22-pre10 (Introduced in 2.4.3-pre3)
CAN-2003-0642
CAN-2003-0641
CAN-2003-0640
@@ -2501,6 +2516,7 @@
NOTE: covered by DSA-364
CAN-2003-0619
NOTE: covered by DSA-358
+ NOTE: fixed in 2.4.21-pre3
CAN-2003-0618
NOTE: covered by DSA-431
CAN-2003-0617
@@ -2593,10 +2609,13 @@
CAN-2003-0553
CAN-2003-0552
NOTE: covered by DSA-358
+ NOTE: fixed in 2.4.22-pre3
CAN-2003-0551
NOTE: covered by DSA-358
+ NOTE: fixed in 2.4.22-pre3
CAN-2003-0550
NOTE: covered by DSA-358
+ NOTE: fixed in 2.4.22-pre3
CAN-2003-0549
CAN-2003-0548
CAN-2003-0547
@@ -2663,6 +2682,7 @@
CAN-2003-0502
CAN-2003-0501
NOTE: covered by DSA-358
+ NOTE: fixed in 2.4.22-pre10
CAN-2003-0500
NOTE: covered by DSA-338
CAN-2003-0499
@@ -2694,6 +2714,7 @@
CAN-2003-0477
CAN-2003-0476
NOTE: covered by DSA-358
+ NOTE: fixed in 2.4.22-pre4
CAN-2003-0475
CAN-2003-0474
CAN-2003-0473