[Secure-testing-commits] r16160 - in data: CVE DSA

Moritz Muehlenhoff jmm at alioth.debian.org
Wed Feb 16 09:13:29 UTC 2011 

Author: jmm
Date: 2011-02-16 09:13:12 +0000 (Wed, 16 Feb 2011)
New Revision: 16160

Modified:
   data/CVE/list
   data/DSA/list
Log:
update 2.6.26 status from kernel-sec tracker




Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-02-16 09:01:39 UTC (rev 16159)
+++ data/CVE/list	2011-02-16 09:13:12 UTC (rev 16160)
@@ -3563,6 +3563,7 @@
 	RESERVED
 CVE-2010-4263 (The igb_receive_skb function in drivers/net/igb/igb_main.c in the ...)
 	- linux-2.6 2.6.32-30
+	[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
 CVE-2010-4262 (Stack-based buffer overflow in Xfig 3.2.4 and 3.2.5 allows remote ...)
 	- xfig 3.2.5.b-1.1 (bug #606257)
 	NOTE: details and patch at https://bugzilla.redhat.com/659676
@@ -3801,6 +3802,7 @@
 	- udev <not-affected> (vulnerable script not shipped; fedora-specific issue)
 CVE-2010-4175 (Integer overflow in the rds_cmsg_rdma_args function (net/rds/rdma.c) ...)
 	- linux-2.6 2.6.32-28 
+	[lenny] - linux-2.6 <not-affected> (RDS introduced in 2.6.30)
 CVE-2010-4174
 	RESERVED
 CVE-2010-4173 (The default configuration of libsdp.conf in libsdp 1.1.104 and earlier ...)
@@ -3814,6 +3816,7 @@
 	- systemtap 1.2-3 (bug #603946)
 CVE-2010-4169 (Use-after-free vulnerability in mm/mprotect.c in the Linux kernel ...)
 	- linux-2.6 2.6.32-29
+	[lenny] - linux-2.6 <not-affected> (perf counters not yet present)
 CVE-2010-4168 (Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 ...)
 	- openttd 1.0.4-3 (bug #603752)
 	[lenny] - openttd <not-affected> (Introduced in 1.0)
@@ -3824,6 +3827,7 @@
 	NOT-FOR-US: Joomla
 CVE-2010-4165 (The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux kernel ...)
 	- linux-2.6 2.6.32-28
+	[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.28)
 CVE-2010-4164 (Multiple integer underflows in the x25_parse_facilities function in ...)
 	{DSA-2126-1}
 	- linux-2.6 2.6.32-28
@@ -3835,6 +3839,7 @@
 	- linux-2.6 2.6.32-29
 CVE-2010-4161 (The udp_queue_rcv_skb function in net/ipv4/udp.c in a certain Red Hat ...)
 	- linux-2.6 2.6.28-1 
+	[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
 	NOTE: https://bugzilla.redhat.com/CVE-2010-4161
 CVE-2010-4159 (Untrusted search path vulnerability in metadata/loader.c in Mono 2.8 ...)
 	- mono 2.6.7-4 (bug #605097)
@@ -4503,6 +4508,7 @@
 	NOT-FOR-US: CMS Made Simple
 CVE-2010-3881 (arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not ...)
 	- linux-2.6 2.6.32-29 (low)
+	[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
 CVE-2010-3880 (net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does not ...)
 	{DSA-2126-1}
 	- linux-2.6 2.6.32-30 (low)
@@ -5073,6 +5079,7 @@
 	- linux-2.6 2.6.32-31
 CVE-2010-3698 (The KVM implementation in the Linux kernel before 2.6.36 does not ...)
 	- linux-2.6 2.6.32-28
+	[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
 CVE-2010-3697 (The wait_for_child_to_die function in main/event.c in FreeRADIUS 2.1.x ...)
 	- freeradius 2.1.10+dfsg-1 (bug #600176; unimportant)
 	NOTE: requires server to be down already
@@ -7072,6 +7079,7 @@
 	- linux-2.6 2.6.32-26
 CVE-2010-2962 (drivers/gpu/drm/i915/i915_gem.c in the Graphics Execution Manager ...)
 	- linux-2.6 2.6.32-25
+	[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
 CVE-2010-2961 (mountall.c in mountall before 2.15.2 uses 0666 permissions for the ...)
 	NOT-FOR-US: mountall
 CVE-2010-2960 (The keyctl_session_to_parent function in security/keys/keyctl.c in the ...)
@@ -11348,6 +11356,7 @@
 	- linux-2.6 2.6.32-13
 CVE-2010-1436 (gfs2 in the Linux kernel 2.6.18, and possibly other versions, does not ...)
 	- linux-2.6 2.6.32-25
+	[lenny] - linux-2.6 2.6.26-23
 CVE-2010-1435
 	RESERVED
 CVE-2010-1434

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2011-02-16 09:01:39 UTC (rev 16159)
+++ data/DSA/list	2011-02-16 09:13:12 UTC (rev 16160)
@@ -124,7 +124,7 @@
 	{CVE-2010-3445}
 	[lenny] - wireshark 1.0.2-3+lenny11
 [26 Nov 2010] DSA-2126-1 linux-2.6 - several issues
-	{CVE-2010-2963 CVE-2010-3067 CVE-2010-3296 CVE-2010-3297 CVE-2010-3310 CVE-2010-3432 CVE-2010-3437 CVE-2010-3442 CVE-2010-3448 CVE-2010-3477 CVE-2010-3705 CVE-2010-3848 CVE-2010-3849 CVE-2010-3850 CVE-2010-3858 CVE-2010-3859 CVE-2010-3873 CVE-2010-3874 CVE-2010-3875 CVE-2010-3876 CVE-2010-3877 CVE-2010-3880 CVE-2010-4072 CVE-2010-4073 CVE-2010-4074 CVE-2010-4078 CVE-2010-4079 CVE-2010-4080 CVE-2010-4081 CVE-2010-4083 CVE-2010-4164}
+	{CVE-2010-2963 CVE-2010-3067 CVE-2010-3296 CVE-2010-3297 CVE-2010-3310 CVE-2010-3432 CVE-2010-3437 CVE-2010-3442 CVE-2010-3448 CVE-2010-3477 CVE-2010-3705 CVE-2010-3848 CVE-2010-3849 CVE-2010-3850 CVE-2010-3858 CVE-2010-3859 CVE-2010-3873 CVE-2010-3874 CVE-2010-3875 CVE-2010-3876 CVE-2010-3877 CVE-2010-3880 CVE-2010-4072 CVE-2010-4073 CVE-2010-4074 CVE-2010-4078 CVE-2010-4079 CVE-2010-4080 CVE-2010-4081 CVE-2010-4083 CVE-2010-4157 CVE-2010-4160 CVE-2010-4164}
 	[lenny] - linux-2.6 2.6.26-26lenny1
 [22 Nov 2010] DSA-2125-1 openssl - buffer overflow
 	{CVE-2010-3864}

More information about the Secure-testing-commits mailing list