Author: gilbert-guest Date: 2009-10-19 22:12:31 +0000 (Mon, 19 Oct 2009) New Revision: 13049 Modified: data/CVE/list Log: another potentially unadressed old kernel issue (handed over to kernel-sec) Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-10-19 21:53:02 UTC (rev 13048) +++ data/CVE/list 2009-10-19 22:12:31 UTC (rev 13049) @@ -76632,9 +76632,10 @@ NOT-FOR-US: Citadel/UX CVE-2004-1191 (Race condition in SuSE Linux 8.1 through 9.2, when run on SMP systems ...) NOTE: turned out that kernel-source-2.6.8 2.6.8-14 was incompletly fixed - TODO: Check linux-2.6 [sarge] - kernel-source-2.6.8 2.6.8-16 - kernel-source-2.4.27 2.4.27-6 + - linux-2.6 <unfixed> (low) + - linux-2.6.24 <removed> (low) CVE-2004-1190 (SUSE Linux before 9.1 and SUSE Linux Enterprise Server before 9 do not ...) NOTE: Response from Suse people reveals that http://linux.bkbits.net:8080/linux-2.6/hist/drivers/block/scsi_ioctl.c NOTE: has a misleading entry titled "Fix exploitable hole"