[Secure-testing-commits] r14109 - data/CVE

Michael Gilbert gilbert-guest at alioth.debian.org
Tue Feb 16 17:46:26 UTC 2010


Author: gilbert-guest
Date: 2010-02-16 17:46:25 +0000 (Tue, 16 Feb 2010)
New Revision: 14109

Modified:
   data/CVE/list
Log:
kernel updates

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-02-16 09:15:19 UTC (rev 14108)
+++ data/CVE/list	2010-02-16 17:46:25 UTC (rev 14109)
@@ -990,8 +990,10 @@
 	- ircd-ratbox 3.0.6.dfsg-1 (low; bug #567191)
 CVE-2010-0299 [unrestrictive permissions for devtmpfs root directory could lead to privilege escalation]
 	RESERVED
-	- linux-2.6 <unfixed>
-	- linux-2.6.24 <removed>
+	- linux-2.6 2.6.32-6 
+	[etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.31)
+	[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.31)
+	- linux-2.6.24 <not-affected> (vulnerable code introduced in 2.6.31)
 CVE-2010-0298 (The x86 emulator in KVM 83 does not use the Current Privilege Level ...)
 	{DSA-1996-1}
 	- linux-2.6 2.6.32-8
@@ -1593,6 +1595,7 @@
 CVE-2009-4538 (drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel ...)
 	{DSA-1996-1}
 	- linux-2.6 2.6.32-6 (low; bug #564114)
+	[etch] - linux-2.6 <not-affected> (does not have e1000e driver)
 	- linux-2.6.24 <removed> (low)
 	NOTE: just like CVE-2009-4536 but was reported later
 CVE-2009-4537 (drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 ...)
@@ -2327,6 +2330,7 @@
 CVE-2010-0003 (The print_fatal_signal function in kernel/signal.c in the Linux kernel ...)
 	{DSA-1996-1}
 	- linux-2.6 2.6.32-6
+	[etch] - linux-2.6 <not-affected> (does not have print-fatal-signals)
 	- linux-2.6.24 <removed>
 CVE-2010-0002 (The /etc/profile.d/60alias.sh script in the Mandriva bash package for ...)
 	- bash <not-affected> (mandriva-specific packaging issue)




More information about the Secure-testing-commits mailing list