On Tue, 10 Nov 2009 09:49:00 +0100, Laurent Bonnaud wrote: > On Sun, 2009-11-08 at 11:08 +0100, Moritz Muehlenhoff wrote: > > > Thanks, fixed in SVN. > > Thanks ! However version 2.6.31-1 in sid is still marked as vulnerable. > The comment at the end of the page says: > > two issues fixed in 2.6.31-1 and two issues still yet to be resolved > > However, when I look at: > > http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31.5 > > it seems that the 4 issues are fixed: > > uvesafb/connector: Disallow unpliviged users to send netlink packets > pohmelfs/connector: Disallow unpliviged users to configure pohmelfs > dst/connector: Disallow unpliviged users to configure dst > dm/connector: Only process connector packages from privileged processes
you are correct (those commit messages have the wrong upstream commit numbers, which is why i didn't see them). i've updated the tracker. thanks for spotting this. mike -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
