[Secure-testing-commits] r300 - sarge-checks/CAN

Joey Hess joeyh@costa.debian.org
Thu, 20 Jan 2005 20:01:57 +0100 

Author: joeyh
Date: 2005-01-20 20:01:55 +0100 (Thu, 20 Jan 2005)
New Revision: 300

Modified:
   sarge-checks/CAN/list
Log:
kernel updates


Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list	2005-01-20 18:43:10 UTC (rev 299)
+++ sarge-checks/CAN/list	2005-01-20 19:01:55 UTC (rev 300)
@@ -1,6 +1,6 @@
 CAN-2005-0124
-	TODO: check with kernel team re 2.4
-	NOTE: 2.6.8 apparenlty ok
+	- kernel-source-2.4.27 2.4.27-8
+	NOTE: 2.6.8 apparently ok
 CAN-2005-0123
 	NOTE: reserved
 CAN-2005-0122
@@ -346,8 +346,12 @@
 CAN-2005-0002 (poppassd_pam 1.0 and earlier, when changing a user password, does not ...)
 	NOTE: not-for-us (poppassd_pam)
 CAN-2005-0001 (Race condition in the page fault handler (fault.c) for Linux kernel ...)
-	NOTE: bug in i386 SMP page fault handler, local root (bugtraq)
-	TODO: check with kernel team
+	NOTE: bug in i386 SMP page fault handler, local root
+	- kernel-source-2.4.27 2.4.27-8
+	- kernel-image-2.4.27-i386 2.4.27-8
+	- kernel-source-2.6.8 2.6.8-13
+	- kernel-image-2.6.8-i386 2.6.8-13
+	NOTE: and binary packages for other arches
 CAN-2004-1339 (SQL injection vulnerability in the (1) MDSYS.SDO_GEOM_TRIG_INS1 and ...)
 	NOTE: not-for-us (oracle)
 CAN-2004-1338 (The triggers in Oracle 9i and 10g allow local users to gain privileges ...)
@@ -355,7 +359,7 @@
 CAN-2004-1337 (The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 ...)
 	NOTE: <dilinger> joeyh: we're mostly not vulnerable, because the module is generally loaded from the initrd (or very early on at some point)
 	TODO: re-check with kernel team re fix
-	NOTE: apparent it only affects 2.6
+	NOTE: apparently it only affects 2.6
 CAN-2004-1336 (The xdvizilla script in tetex-bin 2.0.2 creates temporary files with ...)
 	- tetex-bin 2.0.2-25
 CAN-2004-1335 (Memory leak in the ip_options_get function in the Linux kernel before ...)
@@ -4351,11 +4355,13 @@
 CAN-2003-0466 (Off-by-one error in the fb_realpath() function, as derived from the ...)
 	{DSA-357}
 CAN-2003-0465 strncpy in kernel does not pad with zeroes
-	- kernel-source-2.4.27 (unfixed; bug #280492)
+	- kernel-source-2.4.27 (unfixed; bug #280492; only mips and alpha unfixed)
 	NOTE: generic .c version fixed in 2.6.x but not in 2.4.x
 	NOTE: arch specific asm versions: 
 	NOTE: x86 is not affected
 	NOTE: ppc32 fixed in 2.4.22-rc4
+	- kernel-source-2.4.27 2.4.27-8
+	NOTE: above fixes s390x, ppc64 and s390
 CAN-2003-0464 (The RPC code in Linux kernel 2.4 sets the reuse flag when sockets are ...)
 	NOTE: fixed in linux 2.4.22-pre8
 CAN-2003-0463