[Secure-testing-commits] r13552 - data/CVE

Michael Gilbert gilbert-guest at alioth.debian.org
Tue Dec 15 03:58:14 UTC 2009 

Author: gilbert-guest
Date: 2009-12-15 03:58:14 +0000 (Tue, 15 Dec 2009)
New Revision: 13552

Modified:
   data/CVE/list
Log:
issues fixed in 2.6.32

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-12-15 03:11:56 UTC (rev 13551)
+++ data/CVE/list	2009-12-15 03:58:14 UTC (rev 13552)
@@ -775,7 +775,7 @@
 CVE-2009-4006 (Stack-based buffer overflow in the TEA decoding algorithm in RhinoSoft ...)
 	NOT-FOR-US: Serv-U FTP server
 CVE-2009-4005 (The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the ...)
-	- linux-2.6 <unfixed> (low)
+	- linux-2.6 2.6.32-1 (low)
 	- linux-2.6.24 <removed> (low)
 CVE-2009-4003
 	RESERVED
@@ -873,11 +873,11 @@
 	NOTE: workarounds include using 5.3.1 or php5-suhosin
 	NOTE: 4B068517.802 at acunetix.com on bugtraq explains it
 CVE-2009-3080 (Array index error in the gdth_read_event function in ...)
-	- linux-2.6 <unfixed> (medium)
+	- linux-2.6 2.6.32-1 (medium)
 	- linux-2.6.24 <removed> (medium)
 	NOTE: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=690e744869f3262855b83b4fb59199cf142765b0
 CVE-2009-4021 (The fuse_direct_io function in fs/fuse/file.c in the fuse subsystem in ...)
-	- linux-2.6 <unfixed> (low)
+	- linux-2.6 2.6.32-1 (low)
 	- linux-2.6.24 <removed> (low)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=538734
 CVE-2009-3963 (Multiple unspecified vulnerabilities in XOOPS before 2.4.0 Final have ...)
@@ -933,7 +933,7 @@
 	[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
 	- linux-2.6.24 <removed> (low)
 CVE-2009-4004 (Buffer overflow in the kvm_vcpu_ioctl_x86_setup_mce function in ...)
-	- linux-2.6 <unfixed> (medium)
+	- linux-2.6 2.6.32-1 (medium)
 	[etch] - linux-2.6 <not-affected> (kvm introduced in 2.6.25)
 	- linux-2.6.24 <not-affected> (kvm introduced in 2.6.25)
 	- kvm 88+dfsg-2 (medium; bug #557736)
@@ -1895,7 +1895,7 @@
 	- linux-2.6.24 <removed> (low)
 CVE-2009-3620 (The ATI Rage 128 (aka r128) driver in the Linux kernel before ...)
 	{DSA-1928-1 DSA-1927-1}
-	- linux-2.6 <unfixed> (medium)
+	- linux-2.6 2.6.32-1 (medium)
 	- linux-2.6.24 <removed> (medium)
 CVE-2009-3619 (Unspecified vulnerability in ViewVC 1.0 before 1.0.9 and 1.1 before ...)
 	- viewvc <unfixed> (low; bug #560903)

More information about the Secure-testing-commits mailing list