[Secure-testing-commits] r1545 - data/CAN

Moritz Muehlenhoff jmm-guest at costa.debian.org
Tue Aug 9 11:05:20 UTC 2005


Author: jmm-guest
Date: 2005-08-09 11:05:16 +0000 (Tue, 09 Aug 2005)
New Revision: 1545

Modified:
   data/CAN/list
Log:
kernel updates


Modified: data/CAN/list
===================================================================
--- data/CAN/list	2005-08-09 09:51:16 UTC (rev 1544)
+++ data/CAN/list	2005-08-09 11:05:16 UTC (rev 1545)
@@ -1,3 +1,7 @@
+CAN-2005-XXXX [DoS by removal of default ACLs in ext2/ext3]
+	NOTE: Fixed in SVN for kernel-source-2.4.27 and 2.6.8, will probably result
+	NOTE: in a kernel DSA with other issues
+	TODO: Check, whether this is fixed in linux-2.6 SVN as well
 CAN-2005-XXXX [Buffer overflow in mysql's user defined functions]
 	- mysql-dfsg (unfixed; bug #322133; medium)
 	- mysql-dfsg-4.1 4.1.13-1 (medium)
@@ -182,7 +186,9 @@
 CAN-2005-2457
 	NOTE: reserved
 CAN-2005-2456 (Array index overflow in the xfrm_sk_policy_insert function in ...)
-	NOTE: Does not affect 2.4 per Horms
+	NOTE: Does affect 2.4 per Horms, fix will be in 2.4.27 DSA
+	TODO: Check if this made it into further 2.4 sid uploads as well (there doesn't
+	TODO: seem to be a more recent 2.4 package right now)
 	- linux-2.6 2.6.12-2 (bug #321401; medium)
 CAN-2005-2455 (Greasemonkey before 0.3.5 allows remote web servers to (1) read ...)
 	NOTE: not-for-us (Greasemonkey)




More information about the Secure-testing-commits mailing list