[Secure-testing-commits] r1729 - data/CAN

Moritz Muehlenhoff jmm-guest at costa.debian.org
Tue Aug 30 08:00:22 UTC 2005 

Author: jmm-guest
Date: 2005-08-30 08:00:18 +0000 (Tue, 30 Aug 2005)
New Revision: 1729

Modified:
   data/CAN/list
Log:
Processing the latest 2.4.27 upload.


Modified: data/CAN/list
===================================================================
--- data/CAN/list	2005-08-30 07:44:21 UTC (rev 1728)
+++ data/CAN/list	2005-08-30 08:00:18 UTC (rev 1729)
@@ -1,3 +1,8 @@
+CAN-2005-XXXX [xattr sharing bug in kernel's ext3 code]
+	- kernel-source-2.4.27 2.4.27-11 (medium)
+	NOTE: http://lists.debian.org/debian-kernel/2005/08/msg00238.html
+CAN-2005-XXXX [Remote DoS when using ipt_recent on 64 bit systems]
+	- kernel-source-2.4.27 2.4.27-11 (bug #322237; medium)
 CAN-2005-XXXX [polygen doesn't honor umask when creating grm.o files]
 	- polygen 1.0.6-8 (low)
 CAN-2005-XXXX [Unspecified XSS in phpgroupware's phpgwapi]
@@ -1069,12 +1074,11 @@
 CAN-2005-XXXX [Crypto weakness in Tor's handshaking process]
 	- tor 0.1.0.14-1 (medium)
 CAN-2005-2457 (The driver for compressed ISO file systems (zisofs) in the Linux ...)
-	NOTE: Will be fixed in DSAs for 2.4.27 and 2.6.8
 	- linux-2.6 2.6.12-3 (medium)
 	- kernel-source-2.4.27 2.4.27-11 (medium)
 CAN-2005-2456 (Array index overflow in the xfrm_sk_policy_insert function in ...)
-	NOTE: Will also be fixed in DSAs for 2.4.27 and 2.6.8
 	- linux-2.6 2.6.12-2 (bug #321401; medium)
+	- kernel-source-2.4.27 2.4.27-11 (medium)
 CAN-2005-2455 (Greasemonkey before 0.3.5 allows remote web servers to (1) read ...)
 	NOTE: not-for-us (Greasemonkey)
 CAN-2005-2454
@@ -4057,7 +4061,8 @@
 CAN-2005-1768 (Race condition in the ia32 compatibility code for the execve system ...)
 	- kernel-source-2.4.27 2.4.27-11 (medium)
 CAN-2005-1767 (Unknown vulnerability in the Linux kernel 2.6.x and 2.4.x allows local ...)
-	NOTE: linux-2.6 not affected (already fixed), 2.6.8 and 2.4.27 will be handled through DSAs
+	NOTE: linux-2.6 not affected (already fixed)
+	- kernel-source 2.4.27 2.4.27-11 (unknown)
 CAN-2005-1766 (Heap-based buffer overflow in rtffplin.cpp in RealPlayer 10.5 ...)
 	NOTE: not-for-us (RealPlayer)
 CAN-2005-1765 (syscall in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 platform, ...)
@@ -4074,7 +4079,6 @@
 	- kernel-source-2.6.8 2.6.8-16sarge1
 CAN-2005-1762 (The ptrace call in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 ...)
 	- linux-2.6 2.6.12-1 (medium)
-	NOTE: Fixed in the 2.6.11 stable series and merged into 2.6.12
 	- kernel-source-2.6.8 2.6.8-17
 	- kernel-source-2.6.8 2.6.8-16sarge1
 	- kernel-source-2.4.27 2.4.27-11

More information about the Secure-testing-commits mailing list