Author: jmm-guest
Date: 2005-12-06 13:34:57 +0000 (Tue, 06 Dec 2005)
New Revision: 2951
Modified:
data/CVE/list
Log:
kernel updates
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2005-12-06 13:29:57 UTC (rev 2950)
+++ data/CVE/list 2005-12-06 13:34:57 UTC (rev 2951)
@@ -528,11 +528,9 @@
CVE-2005-3806 (The IPv6 flowlabel handling code (ip6_flowlabel.c) in Linux
kernels ...)
- linux-2.6 2.6.14-1 (medium)
- kernel-source-2.4.27 <unfixed> (medium)
- NOTE: Added to the kernel patch tracker
CVE-2005-3805 (A locking problem in POSIX timer cleanup handling on exit in
Linux ...)
- linux-2.6 <unfixed> (medium)
- kernel-source-2.4.27 <unfixed> (medium)
- NOTE: Added to the kernel patch tracker
CVE-2005-3804 (Cisco IP Phone (VoIP) 7920 1.0(8) listens to UDP port 17185 to
support ...)
NOT-FOR-US: Cisco hardware
CVE-2005-3803 (Cisco IP Phone (VoIP) 7920 1.0(8) contains certain hard-coded
...)
@@ -579,11 +577,9 @@
CVE-2005-3784 (The auto-reap of child processes in Linux kernel 2.6 before
2.6.15 ...)
- linux-2.6 <unfixed> (medium)
- kernel-source-2.4.27 <unfixed> (medium)
- NOTE: Added to the kernel patch tracker
CVE-2005-3783 (The ptrace functionality (ptrace.c) in Linux kernel 2.6 before
...)
- linux-2.6 2.6.14-3 (medium)
- kernel-source-2.4.27 <unfixed> (medium)
- NOTE: Added to the kernel patch tracker
CVE-2005-3782
RESERVED
CVE-2004-2606 (The Web interface in Linksys WRT54G 2.02.7 and BEFSR41 version
3, with ...)
@@ -1307,8 +1303,8 @@
NOT-FOR-US: TikiWiki
CVE-2005-3527 (Race condition in do_coredump in signal.c in Linux kernel 2.6
allows ...)
- linux-2.6 2.6.14-1 (low)
+ - kernel-source-2.4.27 <not-affected> (Vulnerable code was introduced
later)
[sarge] - kernel-source-2.6.8 <not-affected> (Vulnerable code was
introduced later)
- [sarge] - kernel-source-2.4.27 <not-affected> (Vulnerable code was
introduced later)
NOTE:
http://svn.debian.org/wsvn/kernel/patch-tracking/CVE-2005-3527?op=file&rev=0&sc=0
CVE-2005-3526
RESERVED
@@ -2324,13 +2320,16 @@
[sarge] - kernel-source-2.4.27 2.4.27-10sarge1 (low)
CVE-2005-3273 (The rose_rt_ioctl function in rose_route.c for ROSE in Linux
2.6 ...)
- linux-2.6 2.6.12-1
+ - kernel-source-2.4.27 <not-affected>
[sarge] - kernel-source-2.6.8 2.6.8-16sarge1
CVE-2005-3272 (Linux kernel before 2.6.12 allows remote attackers to poison
the ...)
- linux-2.6 2.6.12-1
- - kernel-source-2.6.8 2.6.8-16sarge1
+ - kernel-source-2.4.27 <not-affected>
+ [sarge] - kernel-source-2.6.8 2.6.8-16sarge1
CVE-2005-3271 (Exec in Linux kernel 2.6 does not properly clear posix-timers
in ...)
- linux-2.6 <not-affected> (Fixed before linux-2.6 was introduced)
- - kernel-source-2.6.8 2.6.8-16sarge1
+ - kernel-source-2.4.27 <not-affected>
+ [sarge] - kernel-source-2.6.8 2.6.8-16sarge1
CVE-2005-3270 (Untrusted search path vulnerability in DiskMountNotify for
Symantec ...)
NOT-FOR-US: Symantec Antivirus
CVE-2005-3269 (Unspecified "security exposure" in the HTTP Admin
interface for Sun ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
