[Secure-testing-commits] r9806 - data/CVE
dannf at alioth.debian.org
dannf at alioth.debian.org
Fri Sep 12 16:45:36 UTC 2008
Author: dannf
Date: 2008-09-12 16:45:34 +0000 (Fri, 12 Sep 2008)
New Revision: 9806
Modified:
data/CVE/list
Log:
kernel updates
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-09-12 16:25:55 UTC (rev 9805)
+++ data/CVE/list 2008-09-12 16:45:34 UTC (rev 9806)
@@ -192,10 +192,12 @@
TODO: check
CVE-2008-3915 (Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when ...)
{DSA-1636-1}
- TODO: check
+ - linux-2.6 2.6.26-5
[etch] - linux-2.6 <not-affected> (Vulnerable code was introduced in 2.6.19)
CVE-2008-3911 (The proc_do_xprt function in net/sunrpc/sysctl.c in the Linux kernel ...)
- TODO: check
+ - linux-2.6 2.6.26-5
+ [etch] - linux-2.6 <not-affected> (Vulnerable code not present)
+ [etch] - linux-2.6.24 <not-affected> (Vulnerable code not present)
CVE-2008-3906 (CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows ...)
TODO: check
CVE-2008-3905 (resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 ...)
@@ -499,7 +501,8 @@
RESERVED
CVE-2008-3792 (net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) ...)
{DSA-1636-1}
- TODO: check
+ - linux-2.6 2.6.26-4
+ [etch] - linux-2.6 <not-affected>
CVE-2008-3788 (Multiple SQL injection vulnerabilities in PICTURESPRO Photo Cart 3.9, ...)
NOT-FOR-US: PICTURESPRO Photo Cart 3.9
CVE-2008-3787 (SQL injection vulnerability in listing_view.php in Web Directory ...)
@@ -815,7 +818,7 @@
- xen-3 <not-affected> (Not compiled with XSM:FLASK)
CVE-2008-3686 (The rt6_fill_node function in net/ipv6/route.c in Linux kernel ...)
- linux-2.6.24 <not-affected> (Vulnerable code was introduced in 2.6.26)
- - linux-2.6 <unfixed>
+ - linux-2.6 2.6.26-5
[etch] - linux-2.6 <not-affected> (Vulnerable code was introduced in 2.6.26)
CVE-2008-3685
RESERVED
@@ -1198,7 +1201,8 @@
RESERVED
CVE-2008-3526 (Integer overflow in the sctp_setsockopt_auth_key function in ...)
{DSA-1636-1}
- TODO: check
+ - linux-2.6 2.6.26-4
+ [etch] - linux-2.6 <not-affected>
CVE-2008-3525 (The sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem ...)
TODO: check
CVE-2008-3524
@@ -1734,7 +1738,8 @@
RESERVED
CVE-2008-3276 (Integer overflow in the dccp_setsockopt_change function in ...)
{DSA-1636-1}
- TODO: check
+ - linux-2.6 2.6.26-4
+ [etch] - linux-2.6 <unfixed>
CVE-2008-3275 (The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in ...)
{DSA-1636-1 DSA-1630-1}
- linux-2.6.24 <unfixed>
More information about the Secure-testing-commits
mailing list