[Secure-testing-commits] r10403 - data/CVE

jmm-guest at alioth.debian.org jmm-guest at alioth.debian.org
Mon Nov 17 18:43:38 UTC 2008 

Author: jmm-guest
Date: 2008-11-17 18:43:38 +0000 (Mon, 17 Nov 2008)
New Revision: 10403

Modified:
   data/CVE/list
Log:
one kernel issue unimportant
record upcoming kernel fixes


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-11-17 18:18:17 UTC (rev 10402)
+++ data/CVE/list	2008-11-17 18:43:38 UTC (rev 10403)
@@ -125,10 +125,10 @@
 	NOT-FOR-US: Sun Solstice X.25
 CVE-2008-5025 [kernel: one more hfsplus issue]
 	RESERVED
-	- linux-2.6 <unfixed>
+	- linux-2.6 2.6.26-11
 	- linux-2.6.24 <unfixed>
 CVE-2008-5029 (The __scm_destroy function in net/core/scm.c in the Linux kernel ...)
-	- linux-2.6 <unfixed>
+	- linux-2.6 2.6.26-11
 	- linux-2.6.24 <unfixed>
 CVE-2008-XXXX [Trac Multiple Vulnerabilities]
 	- trac <unfixed> (bug #505197)
@@ -188,10 +188,10 @@
 	- aegis 4.24-3.1 (low; bug #496400)
 	[etch] - aegis <no-dsa> (Minor issue)
 CVE-2008-4934 (The hfsplus_block_allocate function in fs/hfsplus/bitmap.c in the ...)
-	- linux-2.6 <unfixed>
+	- linux-2.6 2.6.26-11
 	- linux-2.6.24 <unfixed>
 CVE-2008-4933 (Buffer overflow in the hfsplus_find_cat function in ...)
-	- linux-2.6 <unfixed>
+	- linux-2.6 2.6.26-11
 	- linux-2.6.24 <unfixed>
 CVE-2008-4932 (webmail/modules/filesystem/edit.php in U-Mail Webmail server 4.91 ...)
 	NOT-FOR-US: U-Mail Webmail server
@@ -20084,7 +20084,9 @@
 CVE-2007-3720 (The process scheduler in the Linux kernel 2.4 performs scheduling ...)
 	- linux-2.6 <not-affected> (There's a separate ID for 2.6, see CVE-2007-3719)
 CVE-2007-3719 (The process scheduler in the Linux kernel 2.6.16 gives preference to ...)
-	- linux-2.6 <unfixed> (low)
+	- linux-2.6 <unfixed> (unimportant)
+        NOTE: This is the existing default behaviour of the scheduler, can be tuned
+        NOTE: to suit individual needs
 CVE-2007-3718 (Multiple unspecified vulnerabilities in the SVG parsing engine in ...)
 	NOT-FOR-US: Apple Safari
 CVE-2007-3717 (rcp on Sun Solaris 8, 9, and 10 before 20070710 does not properly call ...)

More information about the Secure-testing-commits mailing list