[Secure-testing-commits] r717 - sarge-checks/CAN
Micah Anderson
micah@costa.debian.org
Fri, 01 Apr 2005 16:28:33 +0000
Author: micah
Date: 2005-04-01 16:28:30 +0000 (Fri, 01 Apr 2005)
New Revision: 717
Modified:
sarge-checks/CAN/list
Log:
Updated some CANs
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-04-01 16:25:46 UTC (rev 716)
+++ sarge-checks/CAN/list 2005-04-01 16:28:30 UTC (rev 717)
@@ -213,6 +213,8 @@
NOTE: checked tn5250, apparently the only AS/400 emulator in debian
NOTE: cannot find STRPCO or STRPCCMD in tn5250.
CAN-2005-0867 (Integer overflow in Linux kernel 2.6 allows local users to overwrite ...)
+ NOTE: According to the advisory, only SuSE kernels are affected by this
+ NOTE: http://www.novell.com/linux/security/advisories/2005_18_kernel.html
TODO: check with kernel team
CAN-2005-0866 (cdrecord before 4:2.0, when DEBUG is enabled, allows local users to ...)
- cdrecord (unfixed; bug #291376)
@@ -591,7 +593,7 @@
NOTE: not-for-us (Yahoo Messenger)
CAN-2005-0736 (Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 ...)
NOTE: 2.6 through .11
- TODO: check with kernel team (what about 2.4.27?)
+ NOTE: There is no epoll in 2.4
- kernel-source-2.6.8 2.6.8-14
CAN-2005-0735 (newsscript.pl for NewsScript allows remote attachers to gain ...)
NOTE: not-for-us (newsscript)