[Secure-testing-commits] r22070 - data/CVE

Salvatore Bonaccorso carnil at debian.org
Sun Apr 28 22:06:43 UTC 2013


Hi Mike

On Sun, Apr 28, 2013 at 05:50:44PM -0400, Michael Gilbert wrote:
> On Sun, Apr 28, 2013 at 5:45 PM, Salvatore Bonaccorso wrote:
> > Author: carnil
> > Date: 2013-04-28 21:45:14 +0000 (Sun, 28 Apr 2013)
> > New Revision: 22070
> >
> > Modified:
> >    data/CVE/list
> > Log:
> > update entry for CVE-2013-3226, linux
> >
> > Modified: data/CVE/list
> > ===================================================================
> > --- data/CVE/list       2013-04-28 21:39:52 UTC (rev 22069)
> > +++ data/CVE/list       2013-04-28 21:45:14 UTC (rev 22070)
> > @@ -103,6 +103,9 @@
> >         - linux-2.6 <not-affected> (net/caif/caif_socket.c introduced in v2.6.35)
> >         - linux <unfixed>
> >  CVE-2013-3226 (The sco_sock_recvmsg function in net/bluetooth/sco.c in the Linux ...)
> > +       - linux-2.6 <undetermined>
> > +       - linux <undetermined>
> > +       NOTE: sco_sock_recvmsg only introduced with v3.8; please double check
> >         TODO: check
> >  CVE-2013-3225 (The rfcomm_sock_recvmsg function in net/bluetooth/rfcomm/sock.c in the ...)
> >         TODO: check
> Salvatore,
> 
> Are you aware of kernel-sec [0]?  That is where kernel issues are
> primarily tracked, so the info in the previous commits would be
> helpful to them.

No, was not aware that kernel issues are tracked primarly there.  Will
try to have a look there tomorrow.

Thank you for the hint/pointer!

Regards,
Salvatore



More information about the Secure-testing-commits mailing list