[Secure-testing-commits] r2558 - data/CVE

Micah Anderson Mon, 24 Oct 2005 10:09:51 -0700

Author: micah
Date: 2005-10-24 17:09:18 +0000 (Mon, 24 Oct 2005)
New Revision: 2558


Modified:
   data/CVE/list
Log:
Updated kernel CVEs


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2005-10-24 15:34:14 UTC (rev 2557)
+++ data/CVE/list       2005-10-24 17:09:18 UTC (rev 2558)
@@ -59,16 +59,24 @@
        NOTE: see 
http://www.apsis.ch/pound/pound_list/archive/2005/2005-10/1129827166000/index_html?fullMode=1#1129827166000
 CVE-2005-3276 (The sys_get_thread_area function in process.c in Linux 2.6 
before ...)
        - linux-2.6 2.6.12-2
+       - kernel-source-2.6.8 2.6.8-16sarge1
 CVE-2005-3275 (The NAT code (1) ip_nat_proto_tcp.c and (2) ip_nat_proto_udp.c 
in ...)
        - linux-2.6 2.6.13-1
+       - kernel-source-2.6.8 2.6.8-16sarge1
+       - kernel-source-2.4.27 2.4.27-10sarge1
 CVE-2005-3274 (Race condition in ip_vs_conn_flush in Linux 2.6 before 2.6.13 
and 2.4 ...)
        - linux-2.6 2.6.13-1
+       - kernel-source-2.6.8 2.6.8-16sarge1
+       - kernel-source-2.4.27 2.4.27-10sarge1
 CVE-2005-3273 (The rose_rt_ioctl function in rose_route.c for ROSE in Linux 
2.6 ...)
        - linux-2.6 2.6.12-1
+       - kernel-source-2.6.8 2.6.8-16sarge1
 CVE-2005-3272 (Linux kernel before 2.6.12 allows remote attackers to poison 
the ...)
        - linux-2.6 2.6.12-1
+       - kernel-source-2.6.8 2.6.8-16sarge1
 CVE-2005-3271 (Exec in Linux kernel 2.6 does not properly clear posix-timers 
in ...)
        - linux-2.6 <not-affected> (Fixed before linux-2.6 was introduced)
+       - kernel-source-2.6.8 2.6.8-16sarge1
 CVE-2005-3270 (Untrusted search path vulnerability in DiskMountNotify for 
Symantec ...)
        NOT-FOR-US: Symantec Antivirus
 CVE-2005-3269 (Unspecified &quot;security exposure&quot; in the HTTP Admin 
interface for Sun ...)
@@ -1506,8 +1514,9 @@
        {DSA-793-1}
        - courier 0.47-8 (medium; bug #325631)
 CVE-2005-2801 (xattr.c in the ext2 and ext3 file system code for Linux kernel 
2.6 ...)
-       - kernel-source-2.4.27 2.4.27-11 (medium)
-       TODO: check what version of linux-2.6 fixed this. (See bug #328395)
+       - kernel-source-2.6.8 2.6.8-16sarge1 (medium)
+       - kernel-source-2.4.27 2.4.27-10sarge1
+       NOTE: this was fixed upstream in 2.6.11 (See bug #328395)
        NOTE: http://lists.debian.org/debian-kernel/2005/08/msg00238.html
 CVE-2005-2873 (The ipt_recent kernel module (ipt_recent.c) in Linux kernel 
2.6.12 and ...)
        - kernel-source-2.4.27 <unfixed> (bug #332228; low)
@@ -2242,7 +2251,7 @@
 CVE-2005-2554 (The web server for Network Associates ePolicy Orchestrator 
Agent 3.5.0 ...)
        NOT-FOR-US: Network Associated ePolicy Orchestrator Agent
 CVE-2005-2553 (The find_target function in ptrace32.c in the Linux kernel 
2.4.x ...)
-       - kernel-source-2.4.27 2.4.27-10sarge2 (bug #323363; medium)
+       - kernel-source-2.4.27 2.4.27-10sarge1 (bug #323363; medium)
        - kernel-source-2.4.27 2.4.27-12 (medium)
 CVE-2005-2552 (Unknown vulnerability in HP ProLiant DL585 servers running 
Integrated ...)
        NOT-FOR-US: Integrated Light Out in HP servers


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r2558 - data/CVE

Reply via email to