jmm-guest at alioth.debian.org
2008-Jun-25 22:04 UTC
[Secure-testing-commits] r9157 - data/CVE
Author: jmm-guest Date: 2008-06-25 22:04:47 +0000 (Wed, 25 Jun 2008) New Revision: 9157 Modified: data/CVE/list Log: more 2.6.24 status updates Modified: data/CVE/list ==================================================================--- data/CVE/list 2008-06-25 21:47:27 UTC (rev 9156) +++ data/CVE/list 2008-06-25 22:04:47 UTC (rev 9157) @@ -7462,6 +7462,7 @@ CVE-2007-6282 (The IPsec implementation in Linux kernel before 2.6.25 allows remote ...) - linux-2.6 2.6.25-1 - linux-2.6.24 <unfixed> + NOTE: Upstream commit 920fc941a9617f95ccb283037fe6f8a38d95bb69 CVE-2007-6281 (Heap-based buffer overflow in Open File Manager service (ofmnt.exe) in ...) NOT-FOR-US: St. Bernard Open File Manager CVE-2007-6304 (The federated engine in MySQL 5.0.x before 5.0.51a, 5.1.x before ...) @@ -7636,18 +7637,18 @@ NOT-FOR-US: KML share CVE-2008-0010 (The copy_from_user_mmap_sem function in fs/splice.c in the Linux ...) - linux-2.6 2.6.24-4 - - linux-2.6.24 <unfixed> + - linux-2.6.24 <not-affected> (Fixed before initial upload, in 2.6.24-4 of linux-2.6) [etch] - linux-2.6 <not-affected> (vulnerable code not present) CVE-2008-0009 (The vmsplice_to_user function in fs/splice.c in the Linux kernel ...) - linux-2.6 2.6.24-4 - - linux-2.6.24 <unfixed> + - linux-2.6.24 <not-affected> (Fixed before initial upload, in 2.6.24-4 of linux-2.6) [etch] - linux-2.6 <not-affected> (vulnerable code not present) CVE-2008-0008 (The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 ...) {DSA-1476-1} - pulseaudio 0.9.9-1 CVE-2008-0007 (Linux kernel before 2.6.22.17, when using certain drivers that ...) {DSA-1565-1 DSA-1503-2 DSA-1504-1 DSA-1503-1} - - linux-2.6.24 <unfixed> + - linux-2.6.24 <not-affected> (Fixed before initial upload, in 2.6.24-4 of linux-2.6) - linux-2.6 2.6.24-4 CVE-2008-0006 (Buffer overflow in (1) X.Org Xserver before 1.4.1, and (2) the libfont ...) {DSA-1466-2 DTSA-110-1} 
@@ -7669,13 +7670,13 @@ CVE-2008-0001 (VFS in the Linux kernel before 2.6.22.16, and 2.6.23.x before ...) {DSA-1479-1} - linux-2.6 2.6.24-1 - - linux-2.6.24 <unfixed> + - linux-2.6.24 <not-affected> (Fixed before initial upload, upstream in 2.6.24) CVE-2007-6207 (Xen 3.x, possibly before 3.1.2, when running on IA64 systems, does not ...) - xen-3 3.1.2-1 CVE-2007-6206 (The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x ...) {DSA-1503-2 DSA-1504-1 DSA-1503-1 DSA-1436-1} - linux-2.6 2.6.24-1 - - linux-2.6.24 <unfixed> + - linux-2.6.24 <not-affected> (Fixed before initial upload, upstream in 2.6.24) CVE-2007-6205 (Cross-site scripting (XSS) vulnerability in the remote RSS sidebar ...) {DSA-1528-1} - serendipity 1.2.1-1 (low)
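Review bot: The NOTE added under CVE-2007-6282 in the @@ -7462 hunk records only a commit hash and does not say what role the commit plays, while the linux-2.6.24 line directly above it stays <unfixed>. If this is the fix still to be picked up for linux-2.6.24, say so in the NOTE (for example "fixed upstream in commit ..."), so a later reader does not have to look up the hash to learn why it is recorded.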
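Review bot: In the @@ -7636 hunk, the linux-2.6.24 entries for CVE-2008-0010, CVE-2008-0009 and CVE-2008-0007 justify <not-affected> by a revision of a different source package ("in 2.6.24-4 of linux-2.6") without recording the version of the initial linux-2.6.24 upload, so the claim cannot be checked from the list alone. Adding that version to the parenthetical would make it verifiable. Separately, in CVE-2008-0007 the linux-2.6.24 line sits before the linux-2.6 line, whereas the other entries touched here list linux-2.6 first; reordering would keep the entries consistent.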