Author: gilbert-guest Date: 2009-12-15 03:11:56 +0000 (Tue, 15 Dec 2009) New Revision: 13551 Modified: data/CVE/list Log: new kernel issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-12-14 23:43:10 UTC (rev 13550) +++ data/CVE/list 2009-12-15 03:11:56 UTC (rev 13551) @@ -9,11 +9,17 @@ CVE-2009-4309 (Heap-based buffer overflow in the Intel Indeo41 codec for Windows ...) TODO: check CVE-2009-4308 (The ext4_decode_error function in fs/ext4/super.c in the ext4 ...) - TODO: check + - linux-2.6 2.6.32-1 (medium) + [etch] - linux-2.6 <not-affected> (ext4 introduced in 2.6.19) + - linux-2.6.24 <removed> (medium) CVE-2009-4307 (The ext4_fill_flex_info function in fs/ext4/super.c in the Linux ...) - TODO: check + - linux-2.6 <unfixed> (low) + [etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.27) + [lenny] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.27) + - linux-2.6.24 <not-affected> (vulnerabile code introduced in 2.6.27) CVE-2009-4306 (Unspecified vulnerability in the EXT4_IOC_MOVE_EXT (aka move extents) ...) - TODO: check + - linux-2.6 <unfixed> (medium) + - linux-2.6.24 <removed> (medium) CVE-2009-4291 RESERVED CVE-2009-4290 @@ -423,8 +429,11 @@ RESERVED CVE-2009-4139 RESERVED -CVE-2009-4138 +CVE-2009-4138 [linux-2.6: firewire ohci issue] RESERVED + - linux-2.6 <unfixed> (medium) + [etch] - linux-2.6 <not-affected> (ohci introduced in 2.6.22) + - linux-2.6.24 <removed> (medium) CVE-2009-4137 RESERVED CVE-2009-4136