Author: gilbert-guest
Date: 2010-02-16 17:46:25 +0000 (Tue, 16 Feb 2010)
New Revision: 14109
Modified:
data/CVE/list
Log:
kernel updates
Modified: data/CVE/list
==================================================================---
data/CVE/list 2010-02-16 09:15:19 UTC (rev 14108)
+++ data/CVE/list 2010-02-16 17:46:25 UTC (rev 14109)
@@ -990,8 +990,10 @@
- ircd-ratbox 3.0.6.dfsg-1 (low; bug #567191)
CVE-2010-0299 [unrestrictive permissions for devtmpfs root directory could lead
to privilege escalation]
RESERVED
- - linux-2.6 <unfixed>
- - linux-2.6.24 <removed>
+ - linux-2.6 2.6.32-6
+ [etch] - linux-2.6 <not-affected> (vulnerable code introduced in 2.6.31)
+ [lenny] - linux-2.6 <not-affected> (vulnerable code introduced in
2.6.31)
+ - linux-2.6.24 <not-affected> (vulnerable code introduced in 2.6.31)
CVE-2010-0298 (The x86 emulator in KVM 83 does not use the Current Privilege
Level ...)
{DSA-1996-1}
- linux-2.6 2.6.32-8
@@ -1593,6 +1595,7 @@
CVE-2009-4538 (drivers/net/e1000e/netdev.c in the e1000e driver in the Linux
kernel ...)
{DSA-1996-1}
- linux-2.6 2.6.32-6 (low; bug #564114)
+ [etch] - linux-2.6 <not-affected> (does not have e1000e driver)
- linux-2.6.24 <removed> (low)
NOTE: just like CVE-2009-4536 but was reported later
CVE-2009-4537 (drivers/net/r8169.c in the r8169 driver in the Linux kernel
2.6.32.3 ...)
@@ -2327,6 +2330,7 @@
CVE-2010-0003 (The print_fatal_signal function in kernel/signal.c in the Linux
kernel ...)
{DSA-1996-1}
- linux-2.6 2.6.32-6
+ [etch] - linux-2.6 <not-affected> (does not have print-fatal-signals)
- linux-2.6.24 <removed>
CVE-2010-0002 (The /etc/profile.d/60alias.sh script in the Mandriva bash
package for ...)
- bash <not-affected> (mandriva-specific packaging issue)