[Secure-testing-commits] r1211 - sarge-checks/CAN
Moritz Muehlenhoff
jmm-guest@costa.debian.org
Wed, 08 Jun 2005 21:23:32 +0000
Author: jmm-guest
Date: 2005-06-08 21:23:29 +0000 (Wed, 08 Jun 2005)
New Revision: 1211
Modified:
sarge-checks/CAN/list
Log:
New kernel vulnerabilities.
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-06-08 09:20:28 UTC (rev 1210)
+++ sarge-checks/CAN/list 2005-06-08 21:23:29 UTC (rev 1211)
@@ -2226,8 +2226,9 @@
NOTE: reserved
CAN-2005-1266
NOTE: reserved
-CAN-2005-1265
+CAN-2005-1265 [Invalid range checking for mmap() in the Linux kernel]
NOTE: reserved
+ - kernel-source-2.6.8 (unfixed)
CAN-2005-1264 [Local privilege escalation in the Linux kernel's raw ioctl]
- kernel-source-2.6.8 2.6.8-15sarge1
- kernel-source-2.6.8 2.6.8-16
@@ -3619,8 +3620,9 @@
- gzip 1.3.5-10
CAN-2005-0757 (The xattr file system code, as backported in Red Hat Enterprise Linux ...)
- kernel-source-2.4.27 (unfixed; bug #311164)
-CAN-2005-0756
+CAN-2005-0756 [DoS through insufficient validation of addresses for ptrace() on amd64]
NOTE: reserved
+ - kernel-source-2.6.8 (unfixed)
CAN-2005-0755 (Heap-based buffer overflow in RealPlayer 10 and earlier, Helix Player ...)
- helix-player 1.0.4-1
CAN-2005-0754 [Untrusted code execution in Kommander]