Secure testing commits - Mar 2005 - r666 - sarge-checks/CAN

Author: jmm-guest
Date: 2005-03-26 08:38:40 +0000 (Sat, 26 Mar 2005)
New Revision: 666

Modified:
   sarge-checks/CAN/list
Log:
Mark some bugs fixed in kernel-source-2.4.27 2.4.27-9.

There''s a misnaming in the changelog: CAN-2004-1114 does not relate to
the "int 0x80 hole" on AMD64, but to a Skype buffer overflow. This
should be fixed retroactively in the changelog for the next upload.


Modified: sarge-checks/CAN/list
==================================================================---
sarge-checks/CAN/list	2005-03-26 01:40:01 UTC (rev 665)
+++ sarge-checks/CAN/list	2005-03-26 08:38:40 UTC (rev 666)
@@ -973,8 +973,7 @@
 	NOTE: 2.4.27 seems to be unaffected
 CAN-2005-0531 (The atm_get_addr function in addr.c for Linux kernel 2.6.10 and
2.6.11 ...)
 	- kernel-source-2.6.8 2.6.8-14
-	- kernel-source-2.4.27 (unfixed; bug #296905)
-	NOTE: affects 2.6 and 2.4
+	- kernel-source-2.4.27 2.4.27-9
 CAN-2005-0530 (Signedness error in the copy_from_read_buf function in n_tty.c
for ...)
 	- kernel-source-2.6.8 2.6.8-14
 	NOTE: affects only 2.6 (see #296906)
@@ -1728,7 +1727,7 @@
 	{DSA-693-1}
 CAN-2005-0384 (Unknown vulnerability in the PPP driver for the Linux kernel
2.6.8.1 ...)
 	- kernel-source-2.6.8 2.6.8-15
-	- kernel-source-2.4.27 (pending; fixed in debian-kernel SVN)
+	- kernel-source-2.4.27 2.4.27-9
 CAN-2004-1488 (wget 1.8.x and 1.9.x does not filter or quote control characters
when ...)
 	NOTE: Submitted patch not acceptable according to Andreas Barth
 	- wget (unfixed; bug #261755)
@@ -2380,6 +2379,7 @@
 CAN-2005-0209 (Netfilter in Linux kernel 2.6.8.1 allows remote attackers to
cause a ...)
 	NOTE: <horms> all kernels seem to be clear with regards to 2005-0209
 	NOTE: <dilinger>
http://oss.sgi.com/archives/netdev/2005-01/msg01072.html resolves this and it is
in all our kernels
+	- kernel-source-2.4.27 2.4.27-9
 CAN-2005-0208 (The HTML parsing functions in Gaim before 1.1.4 allow remote
attackers ...)
 	- gaim 1:1.1.4
 CAN-2005-0207 (Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x
allows ...)
@@ -2976,8 +2976,7 @@
 	- mysql-dfsg-4.1 4.1.8a-6
 	- mysql-dfsg 4.0.23-3
 CAN-2005-0003 (The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on
64-bit ...)
-	NOTE: 2.4 unaffected; 64 bit arches only
-	NOTE: Fixed upstream in 2.6.10
+	- kernel-source-2.4.27 2.4.27-9
 	- kernel-source-2.6.8 2.6.8-9
 	- kernel-source-2.6.9 2.6.9-3
 CAN-2005-0002 (poppassd_pam 1.0 and earlier, when changing a user password,
does not ...)