[Secure-testing-commits] r666 - sarge-checks/CAN
Moritz Muehlenhoff
jmm-guest@costa.debian.org
Sat, 26 Mar 2005 08:38:43 +0000
Author: jmm-guest
Date: 2005-03-26 08:38:40 +0000 (Sat, 26 Mar 2005)
New Revision: 666
Modified:
sarge-checks/CAN/list
Log:
Mark some bugs fixed in kernel-source-2.4.27 2.4.27-9.
There's a misnaming in the changelog: CAN-2004-1114 does not relate to
the "int 0x80 hole" on AMD64, but to a Skype buffer overflow. This
should be fixed retroactively in the changelog for the next upload.
Modified: sarge-checks/CAN/list
===================================================================
--- sarge-checks/CAN/list 2005-03-26 01:40:01 UTC (rev 665)
+++ sarge-checks/CAN/list 2005-03-26 08:38:40 UTC (rev 666)
@@ -973,8 +973,7 @@
NOTE: 2.4.27 seems to be unaffected
CAN-2005-0531 (The atm_get_addr function in addr.c for Linux kernel 2.6.10 and 2.6.11 ...)
- kernel-source-2.6.8 2.6.8-14
- - kernel-source-2.4.27 (unfixed; bug #296905)
- NOTE: affects 2.6 and 2.4
+ - kernel-source-2.4.27 2.4.27-9
CAN-2005-0530 (Signedness error in the copy_from_read_buf function in n_tty.c for ...)
- kernel-source-2.6.8 2.6.8-14
NOTE: affects only 2.6 (see #296906)
@@ -1728,7 +1727,7 @@
{DSA-693-1}
CAN-2005-0384 (Unknown vulnerability in the PPP driver for the Linux kernel 2.6.8.1 ...)
- kernel-source-2.6.8 2.6.8-15
- - kernel-source-2.4.27 (pending; fixed in debian-kernel SVN)
+ - kernel-source-2.4.27 2.4.27-9
CAN-2004-1488 (wget 1.8.x and 1.9.x does not filter or quote control characters when ...)
NOTE: Submitted patch not acceptable according to Andreas Barth
- wget (unfixed; bug #261755)
@@ -2380,6 +2379,7 @@
CAN-2005-0209 (Netfilter in Linux kernel 2.6.8.1 allows remote attackers to cause a ...)
NOTE: <horms> all kernels seem to be clear with regards to 2005-0209
NOTE: <dilinger> http://oss.sgi.com/archives/netdev/2005-01/msg01072.html resolves this and it is in all our kernels
+ - kernel-source-2.4.27 2.4.27-9
CAN-2005-0208 (The HTML parsing functions in Gaim before 1.1.4 allow remote attackers ...)
- gaim 1:1.1.4
CAN-2005-0207 (Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows ...)
@@ -2976,8 +2976,7 @@
- mysql-dfsg-4.1 4.1.8a-6
- mysql-dfsg 4.0.23-3
CAN-2005-0003 (The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit ...)
- NOTE: 2.4 unaffected; 64 bit arches only
- NOTE: Fixed upstream in 2.6.10
+ - kernel-source-2.4.27 2.4.27-9
- kernel-source-2.6.8 2.6.8-9
- kernel-source-2.6.9 2.6.9-3
CAN-2005-0002 (poppassd_pam 1.0 and earlier, when changing a user password, does not ...)