[Secure-testing-commits] r618 - sarge-checks/CAN
Dominic Hargreaves
dom-guest@costa.debian.org
Tue, 22 Mar 2005 18:56:00 +0100
Author: dom-guest
Date: 2005-03-22 18:55:57 +0100 (Tue, 22 Mar 2005)
New Revision: 618
Modified:
sarge-checks/CAN/list
Log:
Add kernel-image-2.6.8-ia64 packages that are build against
kernel-source-2.6.8-14.
Rationale: kernel-source-2.6.8 has entered testing; kernel-image-2.6.8-ia64
is built but hasn't entered testing yet. This is the only kernel-image-2.6.8*
package uploaded to build-dep on kernel-tree-2.6.8-14 so far.
Once packages start being built against -15 we can start listing those too.
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-03-22 17:17:22 UTC (rev 617)
+++ sarge-checks/CAN/list 2005-03-22 17:55:57 UTC (rev 618)
@@ -209,6 +209,7 @@
NOTE: 2.6 through .11
TODO: check with kernel team (what about 2.4.27?)
- kernel-source-2.6.8 2.6.8-14
+ - kernel-image-2.6.8-ia64 2.6.8-13
CAN-2005-0735 (newsscript.pl for NewsScript allows remote attachers to gain ...)
NOTE: not-for-us (newsscript)
CAN-2005-0734 (PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote ...)
@@ -889,17 +890,21 @@
NOTE: not-for-us (Trend Micro AntiVirus)
CAN-2005-0532 (The reiserfs_copy_from_user_to_file_region function in reiserfs/file.c ...)
- kernel-source-2.6.8 2.6.8-14
+ - kernel-image-2.6.8-ia64 2.6.8-13
NOTE: 2.4.27 seems to be unaffected
CAN-2005-0531 (The atm_get_addr function in addr.c for Linux kernel 2.6.10 and 2.6.11 ...)
- kernel-source-2.6.8 2.6.8-14
+ - kernel-image-2.6.8-ia64 2.6.8-13
- kernel-source-2.4.27 (unfixed; bug #296905)
NOTE: affects 2.6 and 2.4
CAN-2005-0530 (Signedness error in the copy_from_read_buf function in n_tty.c for ...)
- kernel-source-2.6.8 2.6.8-14
+ - kernel-image-2.6.8-ia64 2.6.8-13
- kernel-source-2.4.27 (unfixed; bug #296906)
NOTE: affects 2.6 and 2.4
CAN-2005-0529 (Linux kernel 2.6.10 and 2.6.11rc1-bk6 uses different size types for ...)
- kernel-source-2.6.8 2.6.8-14
+ - kernel-image-2.6.8-ia64 2.6.8-13
NOTE: 2.4.27 seems to be unaffected
CAN-2005-0528
NOTE: reserved
@@ -2302,6 +2307,7 @@
NOTE: http://linux.bkbits.net:8080/linux-2.6/cset@41db2d65wbgJvuXTv4x9_quExW0vEA
NOTE: fixed in upstream 2.6.10, 2.6.9 is dead
- kernel-source-2.6.8 2.6.8-14
+ - kernel-image-2.6.8-ia64 2.6.8-13
CAN-2005-0206 (The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 ...)
- tetex-bin (unfixed; bug #300182)
TODO: check other packages
@@ -2316,6 +2322,7 @@
NOTE: in the bug report
- kernel-source-2.4.27 (unfixed; bug #296700)
- kernel-source-2.6.8 2.6.8-14
+ - kernel-image-2.6.8-ia64 2.6.8-13
- kernel-source-2.6.9 (unfixed; bug #296700)
- kernel-source-2.6.10 (unfixed; bug #296700)
CAN-2005-0203
@@ -2379,12 +2386,14 @@
NOTE: <horms> i would try asking marcello
NOTE: reponse from Marcelo: No - v2.4 is safe because back there current->signal was not shared.
- kernel-source-2.6.8 2.6.8-14
+ - kernel-image-2.6.8-ia64 2.6.8-13
- kernel-source-2.6.9 2.6.9-6
- kernel-source-2.6.10 2.6.10-6
CAN-2005-0177 (nls_ascii.c in Linux before 2.6.8.1 uses an incorrect table size, ...)
NOTE: According to joshk, doesn't apply to 2.4.27
NOTE: see USN-82-1
- kernel-source-2.6.8 2.6.8-14
+ - kernel-image-2.6.8-ia64 2.6.8-13
- kernel-source-2.6.9 2.6.9-6
- kernel-source-2.6.10 2.6.10-6
CAN-2005-0176 (The shmctl function in Linux 2.6.9 and earlier allows local users to ...)
@@ -2508,9 +2517,11 @@
CAN-2005-0136
NOTE: reserved
- kernel-source-2.6.8 2.6.8-14
+ - kernel-image-2.6.8-ia64 2.6.8-13
CAN-2005-0135
NOTE: reserved
- kernel-source-2.6.8 2.6.8-14
+ - kernel-image-2.6.8-ia64 2.6.8-13
CAN-2005-0134
NOTE: reserved
CAN-2004-1381 (Firefox before 1.0 and Mozilla before 1.7.5 allow inactive ...)
@@ -2910,6 +2921,7 @@
NOTE: not-for-us (oracle)
CAN-2004-1337 (The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 ...)
- kernel-source-2.6.8 2.6.8-14
+ - kernel-image-2.6.8-ia64 2.6.8-13
- kernel-source-2.6.9 2.6.9-6
- kernel-source-2.6.10 2.6.10-1
CAN-2004-1336 (The xdvizilla script in tetex-bin 2.0.2 creates temporary files with ...)
@@ -3552,6 +3564,7 @@
CAN-2004-1058 (Race condition in Linux kernel 2.6 allows local users to read the ...)
NOTE: Fixed in 2.6.10 upstream
- kernel-source-2.6.8 2.6.8-14
+ - kernel-image-2.6.8-ia64 2.6.8-13
- kernel-source-2.6.9 s.6.9-14
CAN-2004-1057 (Multiple drivers in Linux kernel 2.4.19 and earlier do not properly ...)
NOTE: fixed after kernel 2.4.19