Author: gilbert-guest
Date: 2009-10-20 22:03:52 +0000 (Tue, 20 Oct 2009)
New Revision: 13056
Modified:
data/CVE/list
Log:
new kernel issues
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-10-20 21:14:19 UTC (rev 13055)
+++ data/CVE/list 2009-10-20 22:03:52 UTC (rev 13056)
@@ -252,7 +252,9 @@
- linux-2.6.24 <removed>
NOTE: http://www.openwall.com/lists/oss-security/2009/10/15/4
CVE-2009-3612 (The tcf_fill_node function in net/sched/cls_api.c in the netlink
...)
- TODO: check
+ - linux-2.6 <unfixed> (low)
+ - linux-2.6.24 <removed> (low)
+ NOTE: fixed in 2.6.32-rc5
CVE-2009-3611 [backintime information disclosure]
RESERVED
- backintime 0.9.26-3 (bug #543785)
@@ -1135,9 +1137,11 @@
- dovecot 1:1.2.1-1 (medium; bug #546656)
NOTE: This is a different vulnerability than CVE-2009-2632, it covers a few
additional buffer overflows
CVE-2009-3228 (The tc_fill_tclass function in net/sched/sch_api.c in the tc
subsystem ...)
- TODO: check
+ - linux-2.6 2.6.31-1 (low)
+ - linux-2.6.24 <removed> (low)
CVE-2005-4881 (The netlink subsystem in the Linux kernel 2.4.x before 2.4.37.6
and ...)
- TODO: check
+ - linux-2.6 2.6.13-1 (low)
+ - linux-2.6.24 <not-affected> (fixed prior to first upload of 2.6.24)
CVE-2009-3236 (The form library in Horde Application Framework 3.2 before 3.2.5
and ...)
{DSA-1897-1}
- horde3 3.3.5+debian0-1 (medium; bug #547318)