Author: joeyh Date: 2004-12-30 12:03:13 -0700 (Thu, 30 Dec 2004) New Revision: 218 Modified: sarge-checks/CAN/list Log: kernel security updates Modified: sarge-checks/CAN/list ==================================================================--- sarge-checks/CAN/list 2004-12-30 17:57:42 UTC (rev 217) +++ sarge-checks/CAN/list 2004-12-30 19:03:13 UTC (rev 218) @@ -371,8 +371,7 @@ CAN-2004-1138 (Unknown vulnerability in Vim modeline options, such as (1) termcap, ...) - vim 1:6.3-046+0sarge1 CAN-2004-1137 (Multiple vulnerabilities in the IGMP functionality for Linux kernel ...) - NOTE: Fixed in kernel team svn - TODO: track fix + - kernel-image-2.4.27-i386 2.4.27-7 CAN-2004-1136 (Buffer overflow in CuteFTP Professional 6.0, and possibly other ...) NOTE: not-for-us (CuteFTP) CAN-2004-1135 (Multiple buffer overflows in WS_FTP Server 5.03 2004.10.14 allow ...) @@ -502,6 +501,7 @@ - zope-zwiki (unfixed; bug #282944) CAN-2004-1074 (The binfmt functionality in the Linux kernel, when "memory overcommit" ...) - kernel-source-2.6.8 2.6.8-9 + - kernel-source-2.4.27 2.4.27-7 CAN-2004-1073 (The open_exec function in the execve functionality (exec.c) in Linux ...) NOTE: fixed in 2.6.8 and 2.4.27 CAN-2004-1072 (The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to ...) @@ -514,8 +514,8 @@ NOTE: fixed in kernel team svn, 2.6 only issue TODO: make sure it gets to testing, add release version CAN-2004-1068 (A "missing serialization" error in the unix_dgram_recvmsg function in ...) - NOTE: fixed in kernel team svn, 2.6 only issue - TODO: make sure it gets to testing, add release version + TODO: make sure it gets to testing, and the kernel-images built from it + - kernel-source-2.4.27 2.4.27-7 CAN-2004-1067 (Off-by-one error in the mysasl_canon_user function in Cyrus IMAP ...) NOTE: verified cyrus21-imapd 2.1.17-3 is not vulnerable, seems NOTE: to only affect 2.2 series. 
@@ -532,6 +532,7 @@ - php4 4:4.3.10-1 CAN-2004-1062 NOTE: reserved + - viewcvs (unfixed; bug #287771) CAN-2004-1061 NOTE: reserved CAN-2004-1060 @@ -629,8 +630,7 @@ CAN-2004-1017 NOTE: reserved CAN-2004-1016 (The scm_send function in the scm layer for Linux kernel 2.4.x up to ...) - NOTE: fixed in kernel team svn - TODO: track fix + - kernel-image-2.4.27-i386 2.4.27-7 CAN-2004-1015 (Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, ...) NOTE: cyrus-imapd not vulnerable NOTE: cyrus21-imapd not vulnerable @@ -1106,12 +1106,8 @@ {DSA-600-1} CAN-2004-0814 (Multiple race conditions in the terminal layer in Linux 2.4.x, and ...) - kernel-source-2.6.8 2.6.8-8 - - kernel-source-2.4.27 2.4.27-6 - NOTE: "fix race conditions in linux terminal subsystem" + - kernel-source-2.4.27 2.4.27-7 NOTE: and all kernels build from it: - - kernel-image-2.6.8-1-386 2.6.8-5 - - kernel-image-2.4.27-i386 2.4.27-6 - TODO: other arches? CAN-2004-0813 (Unknown vulnerability in the SG_IO functionality in ide-cd allows ...) NOTE: ide-cd SG_IO vulnerability NOTE: fixed in recent 2.6 and 2.4 kernels
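
Review bot: CAN-2004-1137 and CAN-2004-1016 (hunks at -371 and -629) record the fix only as "kernel-image-2.4.27-i386 2.4.27-7", while the other 2.4 kernel entries touched in this patch are tracked against "kernel-source-2.4.27 2.4.27-7". A single i386 image entry says nothing about the source package or the images built for other architectures, and the removed "TODO: track fix" was the only marker that tracking was still open. Suggest listing the kernel-source-2.4.27 version as well if that is where the fix landed, and keeping a NOTE or TODO for the 2.6 kernels until their status is recorded.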
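
Review bot: In the CAN-2004-1068 hunk (-514) the removed NOTE called this a "2.6 only issue", but the added line records a fix in kernel-source-2.4.27 2.4.27-7, and no 2.6 package is listed at all. Either the old note was wrong, in which case a short NOTE saying so would help the next reader, or the 2.4.27 line belongs to a different entry. The new TODO also sits above the package line, so "the kernel-images built from it" has nothing to refer to yet; placing the package line first would read correctly. The entry just above in the context still carries the identical "2.6 only issue" NOTE and TODO pair, which is worth re-checking at the same time.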
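
Review bot: The viewcvs line added under CAN-2004-1062 (hunk -532) is unrelated to the log message "kernel security updates" and is attached to an entry whose only description is "NOTE: reserved". With no description and no NOTE, a reader cannot tell from the list what the viewcvs issue is without opening bug #287771. Suggest adding a one-line NOTE summarising the issue next to the package line, and either mentioning viewcvs in the log message or committing it separately.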
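
Review bot: In the CAN-2004-0814 hunk (-1106) the kept line "NOTE: and all kernels build from it:" now ends in a colon with nothing after it, because both kernel-image lines and the "TODO: other arches?" were removed. Drop or reword that NOTE, or keep a TODO for the images so the open question about other architectures is not silently lost. The fixed version for kernel-source-2.4.27 also moves from 2.4.27-6 to 2.4.27-7 with no explanation; a NOTE stating why -6 is no longer considered fixed would make the change auditable.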