[Secure-testing-commits] r11703 - data/CVE
Joey Hess
joeyh at alioth.debian.org
Thu Apr 23 21:14:16 UTC 2009
Author: joeyh
Date: 2009-04-23 21:14:16 +0000 (Thu, 23 Apr 2009)
New Revision: 11703
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-04-23 19:48:33 UTC (rev 11702)
+++ data/CVE/list 2009-04-23 21:14:16 UTC (rev 11703)
@@ -101,12 +101,12 @@
NOT-FOR-US: Windows Media Player
CVE-2009-XXXX [linux-2.6: /dev/mem rootkit vulnerability]
- linux-2.6 2.6.29-1 (low; bug #524373)
- [etch] - linux-2.6 <no-dsa> (the solution, STRICT_DEVMEM=Y, could potentially lead to unanticipated compatibility problems in the stable releases)
- [lenny] - linux-2.6 <no-dsa> (the solution, STRICT_DEVMEM=Y, could potentially lead to unanticipated compatiblity problems in the stable releases)
+ [etch] - linux-2.6 <no-dsa> (the solution, STRICT_DEVMEM=Y, could potentially lead to unanticipated compatibility problems in the stable releases)
+ [lenny] - linux-2.6 <no-dsa> (the solution, STRICT_DEVMEM=Y, could potentially lead to unanticipated compatiblity problems in the stable releases)
NOTE: This is about an additional hardening feature, not a security issue
- NOTE: - isn't hardening an aspect of security?
- NOTE: - if you can make it "harder" for an attacker to hide himself, shouldn't you do so?
- NOTE: - this problem has been fixed in unstable, so it should be tracked with a non-unimportant urgency
+ NOTE: - isn't hardening an aspect of security?
+ NOTE: - if you can make it "harder" for an attacker to hide himself, shouldn't you do so?
+ NOTE: - this problem has been fixed in unstable, so it should be tracked with a non-unimportant urgency
CVE-2009-XXXX [pptp-linux: unrestrictive pptpsetup permissions]
- pptp-linux <unfixed> (low; bug #523476)
CVE-2009-XXXX [slurm-llnl doesn't drop supplementary groups]
More information about the Secure-testing-commits
mailing list