Author: jmm-guest
Date: 2006-03-24 09:08:25 +0000 (Fri, 24 Mar 2006)
New Revision: 3677
Modified:
data/CVE/list
Log:
update information for 2.4.27 from patch tracker
Modified: data/CVE/list
==================================================================---
data/CVE/list 2006-03-24 08:12:39 UTC (rev 3676)
+++ data/CVE/list 2006-03-24 09:08:25 UTC (rev 3677)
@@ -5040,7 +5040,7 @@
NOT-FOR-US: Ebuild IndeX
CVE-2005-3784 (The auto-reap of child processes in Linux kernel 2.6 before
2.6.15 ...)
- linux-2.6 <unfixed> (medium)
- - kernel-source-2.4.27 <unfixed> (medium)
+ - kernel-source-2.4.27 <not-affected>
CVE-2005-3783 (The ptrace functionality (ptrace.c) in Linux kernel 2.6 before
...)
- linux-2.6 2.6.14-3 (medium)
CVE-2005-3782
@@ -7132,7 +7132,6 @@
- php4 4:4.4.0-3 (low)
CVE-2005-3180 (The Orinoco driver (orinoco.c) in Linux kernel 2.6.13 and
earlier does ...)
- linux-2.6 2.6.13+2.6.14-rc4-0experimental.1 (medium)
- - kernel-source-2.4.27 2.4.27-12 (medium)
CVE-2005-3119 (Memory leak in the request_key_auth_destroy function in ...)
- linux-2.6 2.6.13-2 (low)
- kernel-source-2.4.27 <not-affected>
@@ -7301,7 +7300,7 @@
CVE-2005-3109 (The HFS and HFS+ (hfsplus) modules in Linux 2.6 allow attackers
to ...)
{DSA-922-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11.12)
- - kernel-source-2.4.27 <unfixed> (low)
+ - kernel-source-2.4.27 <not-affected>
CVE-2005-3108 (mm/ioremap.c in Linux 2.6 on 64-bit x86 systems allows local
users to ...)
{DSA-922-1}
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11.12)
@@ -7315,7 +7314,8 @@
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11)
CVE-2005-3105 (The mprotect code (mprotect.c) in Linux 2.6 on Itanium IA64
Montecito ...)
{DSA-922-1}
- - kernel-source-2.4.27 <unfixed> (bug #332569; medium)
+ - kernel-source-2.4.27 <unfixed> (bug #332569; unimportant)
+ NOTE: Montecito CPUs are not available on the market yet
- linux-2.6 2.6.12-1
CVE-2005-XXXX [Minor local DoS as libldap]
- openldap <unfixed> (bug #253838; low)
@@ -8396,7 +8396,7 @@
- linux-2.6 <not-affected> (Fixed before upload into archive; 2.6.11)
TODO: When was this fixed in sid for 2.4?
CVE-2005-2873 (The ipt_recent kernel module (ipt_recent.c) in Linux kernel
2.6.12 and ...)
- - kernel-source-2.4.27 <unfixed> (bug #332228; low)
+ [sarge] - kernel-source-2.4.27 <no-dsa> (Unfixable design issues)
- kernel-source-2.6.8 <unfixed> (bug #332231; low)
- linux-2.6 <unfixed> (bug #332381; low)
NOTE: Dave Miller didn''t like the proposed fix and considers a
complete rewrite
@@ -18308,8 +18308,7 @@
- kdenetwork 4:3.1.6
CVE-2005-0204 (Linux kernel before 2.6.9, when running on the AMD64 and Intel
EM64T ...)
- linux-2.6 <not-affected> (Fixed before upload into archive)
- TODO: Check, which version fixed this
- - kernel-source-2.4.27 2.4.27-12 (bug #296700; high)
+ - kernel-source-2.4.27 2.4.27-9 (bug #296700; high)
CVE-2005-0203
REJECTED
CVE-2005-0202 (Directory traversal vulnerability in the true_path function in
...)
@@ -19702,8 +19701,7 @@
- linux-2.6 <not-affected> (2.4 specific vulnerability)
CVE-2004-1016 (The scm_send function in the scm layer for Linux kernel 2.4.x up
to ...)
- linux-2.6 <not-affected> (Fixed before upload into archive)
- TODO: Check which version fixed this
- - kernel-source-2.4.27 <unfixed>
+ - kernel-source-2.4.27 2.4.27-7
CVE-2004-1015 (Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and
earlier, ...)
- cyrus-imapd <not-affected> (cyrus-imapd not vulnerable)
- cyrus21-imapd <not-affected> (cyrus21-imapd not vulnerable)