Author: jmm-guest Date: 2005-12-06 13:34:57 +0000 (Tue, 06 Dec 2005) New Revision: 2951 Modified: data/CVE/list Log: kernel updates Modified: data/CVE/list ==================================================================--- data/CVE/list 2005-12-06 13:29:57 UTC (rev 2950) +++ data/CVE/list 2005-12-06 13:34:57 UTC (rev 2951) @@ -528,11 +528,9 @@ CVE-2005-3806 (The IPv6 flowlabel handling code (ip6_flowlabel.c) in Linux kernels ...) - linux-2.6 2.6.14-1 (medium) - kernel-source-2.4.27 <unfixed> (medium) - NOTE: Added to the kernel patch tracker CVE-2005-3805 (A locking problem in POSIX timer cleanup handling on exit in Linux ...) - linux-2.6 <unfixed> (medium) - kernel-source-2.4.27 <unfixed> (medium) - NOTE: Added to the kernel patch tracker CVE-2005-3804 (Cisco IP Phone (VoIP) 7920 1.0(8) listens to UDP port 17185 to support ...) NOT-FOR-US: Cisco hardware CVE-2005-3803 (Cisco IP Phone (VoIP) 7920 1.0(8) contains certain hard-coded ...) @@ -579,11 +577,9 @@ CVE-2005-3784 (The auto-reap of child processes in Linux kernel 2.6 before 2.6.15 ...) - linux-2.6 <unfixed> (medium) - kernel-source-2.4.27 <unfixed> (medium) - NOTE: Added to the kernel patch tracker CVE-2005-3783 (The ptrace functionality (ptrace.c) in Linux kernel 2.6 before ...) - linux-2.6 2.6.14-3 (medium) - kernel-source-2.4.27 <unfixed> (medium) - NOTE: Added to the kernel patch tracker CVE-2005-3782 RESERVED CVE-2004-2606 (The Web interface in Linksys WRT54G 2.02.7 and BEFSR41 version 3, with ...) @@ -1307,8 +1303,8 @@ NOT-FOR-US: TikiWiki CVE-2005-3527 (Race condition in do_coredump in signal.c in Linux kernel 2.6 allows ...) - linux-2.6 2.6.14-1 (low) + - kernel-source-2.4.27 <not-affected> (Vulnerable code was introduced later) [sarge] - kernel-source-2.6.8 <not-affected> (Vulnerable code was introduced later) - [sarge] - kernel-source-2.4.27 <not-affected> (Vulnerable code was introduced later) NOTE: http://svn.debian.org/wsvn/kernel/patch-tracking/CVE-2005-3527?op=file&rev=0&sc=0 CVE-2005-3526 RESERVED @@ -2324,13 +2320,16 @@ [sarge] - kernel-source-2.4.27 2.4.27-10sarge1 (low) CVE-2005-3273 (The rose_rt_ioctl function in rose_route.c for ROSE in Linux 2.6 ...) - linux-2.6 2.6.12-1 + - kernel-source-2.4.27 <not-affected> [sarge] - kernel-source-2.6.8 2.6.8-16sarge1 CVE-2005-3272 (Linux kernel before 2.6.12 allows remote attackers to poison the ...) - linux-2.6 2.6.12-1 - - kernel-source-2.6.8 2.6.8-16sarge1 + - kernel-source-2.4.27 <not-affected> + [sarge] - kernel-source-2.6.8 2.6.8-16sarge1 CVE-2005-3271 (Exec in Linux kernel 2.6 does not properly clear posix-timers in ...) - linux-2.6 <not-affected> (Fixed before linux-2.6 was introduced) - - kernel-source-2.6.8 2.6.8-16sarge1 + - kernel-source-2.4.27 <not-affected> + [sarge] - kernel-source-2.6.8 2.6.8-16sarge1 CVE-2005-3270 (Untrusted search path vulnerability in DiskMountNotify for Symantec ...) NOT-FOR-US: Symantec Antivirus CVE-2005-3269 (Unspecified "security exposure" in the HTTP Admin interface for Sun ...)