Author: nion Date: 2009-04-24 10:15:19 +0000 (Fri, 24 Apr 2009) New Revision: 11710 Modified: data/CVE/list Log: adjust /dev/mem rootkit impact again, we don''t track things that are no vulnerability by itself Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-04-24 09:52:42 UTC (rev 11709) +++ data/CVE/list 2009-04-24 10:15:19 UTC (rev 11710) @@ -100,7 +100,7 @@ CVE-2009-1331 (Integer overflow in Microsoft Windows Media Player (WMP) ...) NOT-FOR-US: Windows Media Player CVE-2009-XXXX [linux-2.6: /dev/mem rootkit vulnerability] - - linux-2.6 2.6.29-1 (low; bug #524373) + - linux-2.6 2.6.29-1 (unimportant; bug #524373) [etch] - linux-2.6 <no-dsa> (the solution, STRICT_DEVMEM=Y, could potentially lead to unanticipated compatibility problems in the stable releases) [lenny] - linux-2.6 <no-dsa> (the solution, STRICT_DEVMEM=Y, could potentially lead to unanticipated compatiblity problems in the stable releases) NOTE: This is about an additional hardening feature, not a security issue