Author: gilbert-guest
Date: 2010-05-06 03:24:51 +0000 (Thu, 06 May 2010)
New Revision: 14612
Modified:
data/CVE/list
Log:
kernel updates
Modified: data/CVE/list
==================================================================---
data/CVE/list 2010-05-06 01:12:31 UTC (rev 14611)
+++ data/CVE/list 2010-05-06 03:24:51 UTC (rev 14612)
@@ -631,7 +631,7 @@
CVE-2010-1489 (The XSS Filter in Microsoft Internet Explorer 8 does not
properly ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2010-1488 (The proc_oom_score function in fs/proc/base.c in the Linux
kernel ...)
- - linux-2.6 <unfixed>
+ - linux-2.6 2.6.32-12
[lenny] - linux-2.6 <not-affected> (vulnerable code introduced in
2.6.32)
CVE-2010-1487 (IBM Lotus Notes 7.0, 8.0, and 8.5 stores administrative
credentials in ...)
NOT-FOR-US: IBM Lotus Notes
@@ -1198,9 +1198,8 @@
TODO: check
NOTE: http://www.dovecot.org/list/dovecot-news/2010-March/000152.html
CVE-2010-XXXX [Linux ThinkPad video output status local DoS]
- - linux-2.6 <unfixed> (bug #565790)
+ - linux-2.6 2.6.32-12 (bug #565790)
NOTE: http://git.kernel.org/linus/b525c06cdbd8a3963f0173ccd23f9147d4c384b5
- TODO: check affected/fixed versions, Moritz?
CVE-2010-1159 [aircrack-ng EAPOL buffer overflow]
RESERVED
- aircrack-ng <unfixed> (low; bug #577758)
@@ -1993,9 +1992,7 @@
CVE-2010-0747 [linux-2.6 drbd connector issue]
RESERVED
{DSA-2015-1}
- - linux-2.6 <not-affected> (drbd introduced in 2.6.33, which is not yet
in unstable)
- NOTE: checked 2.6.33-1~experimental.3, and the fix is already applied
- TODO: fix tracking once kernel >= 2.6.33 enters unstable
+ - linux-2.6 <not-affected> (drbd introduced for the first time in
2.6.32-12, which included the fix for this issue, so no supported debian kernel
was ever affected)
- drbd8 2:8.3.7-1
[lenny] - drbd8 2:8.0.14-2+lenny1
NOTE: CVE requested at http://www.openwall.com/lists/oss-security/2010/03/11/9