[Secure-testing-commits] r2381 - data/CAN

Mon Oct 10 12:16:36 UTC 2005

Author: jmm-guest
Date: 2005-10-10 12:16:27 +0000 (Mon, 10 Oct 2005)
New Revision: 2381

Modified:
   data/CAN/list
Log:
2.4 affected by HFS+ mount DoS (someone confirmed it on linux-kernel)


Modified: data/CAN/list
===================================================================

--- data/CAN/list	2005-10-10 12:12:05 UTC (rev 2380)
+++ data/CAN/list	2005-10-10 12:16:27 UTC (rev 2381)
@@ -165,28 +165,22 @@
 CAN-2005-3110 (Race condition in ebtables netfilter module (ebtables.c) in Linux 2.6, ...)
 	- linux-2.6 2.6.12-1
 	- kernel-source-2.6.8 2.6.8-16sarge1
-	NOTE: Reported directly to Horms
 	NOTE: 2.4.27 not applicable
 CAN-2005-3109 (The HFS and HFS+ (hfsplus) modules in Linux 2.6 allows attackers to ...)
 	- linux-2.6 2.6.12-1
 	- kernel-source-2.6.8 2.6.8-16sarge1
-	NOTE: Reported directly to Horms
-	TODO: 2.4.27 affected? Horms asking upstream: http://lkml.org/lkml/2005/10/7/3/index.html
+	- kernel-source-2.4.27 <unfixed> 
 CAN-2005-3108 (mm/ioremap.c in Linux 2.6 on 64-bit x86 systems allows local users to ...)
 	- linux-2.6 2.6.12-1
 	- kernel-source-2.6.8 2.6.8-16sarge1
-	NOTE: Reported directly to Horms
 CAN-2005-3107 (fs/exec.c in Linux 2.6, when one thread is tracing another thread that ...)
 	- linux-2.6 <unfixed>
 	- kernel-source-2.6.8 2.6.8-16sarge1
-	NOTE: Reported directly to Horms
 CAN-2005-3106 (Race condition in Linux 2.6, when threads are sharing memory mapping ...)
 	- kernel-source-2.6.8 2.6.8-16sarge1
-	NOTE: Reported directly to Horms
 CAN-2005-3105 (The mrpotect code (mprotect.c) in Linux 2.6 on Itanium IA64 Montecito ...)
 	- kernel-source-2.6.8 2.6.8-16sarge1
 	- kernel-source-2.4.27 <unfixed> (bug #332569; medium)
-	NOTE: Reported directly to Horms
 CAN-2005-XXXX [horde3 maintainer scripts don't set sufficiently strict permissions on config files]
 	- horde3 <unfixed> (bug #332289)
 CAN-2005-XXXX [horde3 permits arbitrary command execution before being finally configured]


