[Secure-testing-commits] r13990 - data/CVE
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Mon Feb 1 18:20:27 UTC 2010
Author: jmm-guest
Date: 2010-02-01 18:20:14 +0000 (Mon, 01 Feb 2010)
New Revision: 13990
Modified:
data/CVE/list
Log:
kernel fixes
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-02-01 13:30:31 UTC (rev 13989)
+++ data/CVE/list 2010-02-01 18:20:14 UTC (rev 13990)
@@ -343,6 +343,7 @@
RESERVED
CVE-2010-0291
RESERVED
+ - linux-2.6 2.6.32-6
CVE-2010-0290 (Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before ...)
- bind9 <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=554851#c7
@@ -912,14 +913,14 @@
CVE-2010-0096
RESERVED
CVE-2009-4538 (drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel ...)
- - linux-2.6 <unfixed> (low; bug #564114)
+ - linux-2.6 2.6.32-6 (low; bug #564114)
- linux-2.6.24 <removed> (low)
NOTE: just like CVE-2009-4536 but was reported later
CVE-2009-4537 (drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 ...)
- linux-2.6 <unfixed> (medium; bug #564110)
- linux-2.6.24 <removed> (medium)
CVE-2009-4536 (drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel ...)
- - linux-2.6 <unfixed> (low; bug #564114)
+ - linux-2.6 2.6.32-6 (low; bug #564114)
- linux-2.6.24 <removed> (low)
CVE-2009-4535 (Mongoose 2.8.0 and earlier allows remote attackers to obtain the ...)
NOT-FOR-US: Mongoose
@@ -1630,10 +1631,10 @@
CVE-2010-0008
RESERVED
CVE-2010-0007 (net/bridge/netfilter/ebtables.c in the ebtables module in the ...)
- - linux-2.6 <unfixed>
+ - linux-2.6 2.6.32-6
- linux-2.6.24 <removed>
CVE-2010-0006 (The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel ...)
- - linux-2.6 <unfixed>
+ - linux-2.6 2.6.32-6
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.28)
[etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.28)
- linux-2.6.24 <not-affected> (vulnerable code introduced in 2.6.28)
@@ -1646,7 +1647,7 @@
- viewvc <unfixed>
TODO: check
CVE-2010-0003 (The print_fatal_signal function in kernel/signal.c in the Linux kernel ...)
- - linux-2.6 <unfixed>
+ - linux-2.6 2.6.32-6
- linux-2.6.24 <removed>
CVE-2010-0002 (The /etc/profile.d/60alias.sh script in the Mandriva bash package for ...)
- bash <not-affected> (mandriva-specific packaging issue)
@@ -2105,7 +2106,7 @@
CVE-2009-4142 (The htmlspecialchars function in PHP before 5.2.12 does not properly ...)
- php5 5.2.12.dfsg.1-1 (medium)
CVE-2009-4141 (Use-after-free vulnerability in the fasync_helper function in ...)
- - linux-2.6 <unfixed>
+ - linux-2.6 2.6.32-6
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.28)
[etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.28)
- linux-2.6.24 <not-affected> (vulnerable code introduced in 2.6.28)
@@ -2675,7 +2676,7 @@
CVE-2009-3940 (Unspecified vulnerability in Guest Additions in Sun xVM VirtualBox ...)
- virtualbox-guest-additions 3.0.10-1
CVE-2009-3939 (The poll_mode_io file for the megaraid_sas driver in the Linux kernel ...)
- - linux-2.6 <unfixed> (low)
+ - linux-2.6 2.6.32-6 (low)
[etch] - linux-2.6 <not-affected> (Vulnerable code not present)
- linux-2.6.24 <removed> (low)
CVE-2009-4004 (Buffer overflow in the kvm_vcpu_ioctl_x86_setup_mce function in ...)
More information about the Secure-testing-commits
mailing list