[Secure-testing-commits] r344 - in sarge-checks: CAN DSA

Joey Hess joeyh@costa.debian.org
Fri, 04 Feb 2005 22:06:02 +0100 

Author: joeyh
Date: 2005-02-04 22:05:59 +0100 (Fri, 04 Feb 2005)
New Revision: 344

Modified:
   sarge-checks/CAN/list
   sarge-checks/DSA/list
Log:
kernel updates and python2.1 ok.


Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list	2005-02-04 20:14:15 UTC (rev 343)
+++ sarge-checks/CAN/list	2005-02-04 21:05:59 UTC (rev 344)
@@ -482,13 +482,11 @@
 CAN-2005-0002 (poppassd_pam 1.0 and earlier, when changing a user password, does not ...)
 	NOTE: not-for-us (poppassd_pam)
 CAN-2005-0001 (Race condition in the page fault handler (fault.c) for Linux kernel ...)
-	NOTE: bug in i386 SMP page fault handler, local root
+	NOTE: i386 and smp specific
+	- kernel-source-2.6.8 2.6.8-13
+	- kernel-image-2.6.8-i386 2.6.8-13
 	- kernel-source-2.4.27 2.4.27-8
 	- kernel-image-2.4.27-i386 2.4.27-8
-	- kernel-source-2.6.8 2.6.8-13
-	- kernel-image-2.6.8-i386 2.6.8-13
-	- kernel-patch-powerpc-2.6.8 2.6.8-10
-	NOTE: and binary packages for other arches
 CAN-2004-1339 (SQL injection vulnerability in the (1) MDSYS.SDO_GEOM_TRIG_INS1 and ...)
 	NOTE: not-for-us (oracle)
 CAN-2004-1338 (The triggers in Oracle 9i and 10g allow local users to gain privileges ...)
@@ -714,9 +712,24 @@
 CAN-2004-1235 (Race condition in the (1) load_elf_library and (2) binfmt_aout ...)
 	- kernel-source-2.6.8 2.6.8-12
 	- kernel-image-2.6.8-2-386 2.6.8-12
+	- kernel-image-2.6.8-alpha 2.6.8-7
+	- kernel-image-2.6.8-hppa (unfixed; fix in svn)
+	- kernel-image-2.6.8-ia64 2.6.8-11
+	- kernel-image-2.6.8-m68k 2.6.8-3
+	- kernel-patch-powerpc-2.6.8 2.6.8-9
+	- kernel-image-2.6.8-s390 2.6.8-5
+	- kernel-image-2.6.8-sparc 2.6.8-6
 	- kernel-source-2.4.27 2.4.27-8
-	- kernel-image-2.4.27-1-386 2.4.27-8
-	NOTE: and other binary packages built from them
+	- kernel-image-2.4.27-i386 2.4.27-8
+	- kernel-image-2.4.27-alpha 2.4.27-6
+	- kernel-image-2.4.27-hppa 2.4.27-3
+	- kernel-image-2.4.27-ia64 2.4.27-6
+	- kernel-patch-2.4.27-mips 2.4.27-8.040815-1
+	- kernel-image-2.4.27-s390 2.4.27-2
+	- kernel-image-2.4.27-arm (unfixed)
+	- kernel-image-2.4.27-m68k 2.4.27-3
+	- kernel-patch-powerpc-2.4.27 (unfixed)
+	- kernel-image-2.4.27-sparc (unfixed; fix in svn)
 CAN-2004-1234 (load_elf_binary in Linux before 2.4.26 allows local users to cause a ...)
 	NOTE: fixed after 2.4.25
 CAN-2004-1233 (Integer overflow in Gadu-Gadu allows remote attackers to cause a ...)
@@ -1107,8 +1120,15 @@
 CAN-2004-1056 (Direct Rendering Manager (DRM) driver in Linux kernel 2.6 does not ...)
 	- kernel-source-2.4.27 2.4.27-8
 	- kernel-image-2.4.27-i386 2.4.27-8
+	- kernel-image-2.4.27-alpha 2.4.27-6
+	- kernel-image-2.4.27-hppa 2.4.27-3
+	- kernel-image-2.4.27-ia64 2.4.27-6
+	- kernel-patch-2.4.27-mips 2.4.27-8.040815-1
+	- kernel-patch-powerpc-2.4.27 (unfixed)
+	- kernel-image-2.4.27-sparc 2.4.27-2
+	NOTE: above should cover 2.4
 	- kernel-source-2.6.8 2.6.8-11
-	NOTE: and the binaries built from them
+	NOTE: and the binaries built from it
 CAN-2004-1055 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin ...)
 	- phpmyadmin 2:2.6.0-pl3-1
 CAN-2004-1054 (Untrusted execution path vulnerability in invscout in IBM AIX 5.1.0, ...)

Modified: sarge-checks/DSA/list
===================================================================
--- sarge-checks/DSA/list	2005-02-04 20:14:15 UTC (rev 343)
+++ sarge-checks/DSA/list	2005-02-04 21:05:59 UTC (rev 344)
@@ -8,7 +8,6 @@
 	NOTE: not fixed in testing at time of DSA
 [04 Feb 2005] DSA-666-1 python2.2 - design flaw
 	{CAN-2005-0089}
-	- python2.1 (unknown; pinged joey)
 	- python2.2 2.2.3-14
 	- python2.3 2.3.4-20
 	- python2.4 2.4-5