[Secure-testing-commits] r7358 - data/CVE
jmm-guest at alioth.debian.org
jmm-guest at alioth.debian.org
Mon Nov 19 18:38:58 UTC 2007
Author: jmm-guest
Date: 2007-11-19 18:38:57 +0000 (Mon, 19 Nov 2007)
New Revision: 7358
Modified:
data/CVE/list
Log:
one kernel not-affected for etch
one kernel issue needs further investigation
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-11-19 17:12:07 UTC (rev 7357)
+++ data/CVE/list 2007-11-19 18:38:57 UTC (rev 7358)
@@ -120,6 +120,7 @@
RESERVED
CVE-2006-7229 (The skge driver 1.5 in Linux kernel 2.6.15 on Ubuntu does not properly ...)
- linux-2.6 2.6.20-1
+ [etch] - linux-2.6 <not-affected> (Ubuntu-specific regression)
CVE-2006-7228 (Integer overflow in Perl-Compatible Regular Expression (PCRE) library ...)
- pcre3 6.2-1
NOTE: http://www.pcre.org/changelog.txt states fixed in 6.2
@@ -251,7 +252,7 @@
CVE-2007-5909 (Multiple stack-based buffer overflows in Autonomy (formerly Verity) ...)
NOT-FOR-US: IBM Lotus Notes, Symantec Mail Security, and others
CVE-2007-5908 (Buffer overflow in the (1) sysfs_show_available_clocksources and (2) ...)
- - linux-2.6 <unfixed> (unimportant)
+ - linux-2.6 <unfixed>
NOTE: there is a list of possible clocksource names which consits of short enough names
NOTE: this is a bug in the kernel but not a security issue, there is no way for a user to
NOTE: exploit this, they can only chose an item from the list
More information about the Secure-testing-commits
mailing list