Author: gilbert-guest
Date: 2011-03-17 04:45:53 +0000 (Thu, 17 Mar 2011)
New Revision: 16395
Modified:
data/CVE/list
Log:
kernel-sec sync
Modified: data/CVE/list
==================================================================---
data/CVE/list 2011-03-17 04:16:20 UTC (rev 16394)
+++ data/CVE/list 2011-03-17 04:45:53 UTC (rev 16395)
@@ -831,7 +831,7 @@
RESERVED
CVE-2011-1090
RESERVED
- - linux-2.6 <unfixed> (low)
+ - linux-2.6 2.6.38-1 (low)
CVE-2011-1089 [Suid mount helpers fail to anticipate RLIMIT_FSIZE]
RESERVED
- glibc <removed>
@@ -853,7 +853,7 @@
- linux-2.6 <unfixed> (low)
CVE-2011-1082
RESERVED
- - linux-2.6 <unfixed> (low)
+ - linux-2.6 2.6.38-1 (low)
CVE-2011-1081
RESERVED
CVE-2011-1080
@@ -1045,14 +1045,14 @@
CVE-2011-1019
RESERVED
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.32)
- - linux-2.6 <unfixed>
+ - linux-2.6 2.6.38-1
CVE-2011-1018 (logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute
...)
{DSA-2182-1}
- logwatch 7.3.6.cvs20090906-2 (bug #615995)
CVE-2011-1017 (Heap-based buffer overflow in the ldm_frag_add function in ...)
- linux-2.6 <unfixed>
CVE-2011-1016 (The Radeon GPU drivers in the Linux kernel before 2.6.38-rc5 do
not ...)
- - linux-2.6 <unfixed>
+ - linux-2.6 2.6.38-1
CVE-2011-1015 [path traversal in CGIHTTPServer]
RESERVED
- python2.6 <unfixed> (low; bug #614860)
@@ -1068,10 +1068,10 @@
RESERVED
CVE-2011-1013 [drm_modeset_ctl signedness issue]
RESERVED
- - linux-2.6 <unfixed>
+ - linux-2.6 2.6.38-1
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
CVE-2011-1012 (The ldm_parse_vmdb function in fs/partitions/ldm.c in the Linux
kernel ...)
- - linux-2.6 <unfixed>
+ - linux-2.6 2.6.38-1
CVE-2011-1011 (The seunshare_mount function in sandbox/seunshare.c in seunshare
in ...)
NOT-FOR-US: seunshare
CVE-2011-1010 (Buffer overflow in the mac_partition function in
fs/partitions/mac.c ...)
@@ -1862,7 +1862,7 @@
NOT-FOR-US: Red Hat Network Satellite/Spacewalk
CVE-2011-0716
RESERVED
- - linux-2.6 <unfixed> (low)
+ - linux-2.6 2.6.38-1 (low)
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present,
introduced in 2.6.34)
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present,
introduced in 2.6.34)
CVE-2011-0715
@@ -3084,10 +3084,10 @@
CVE-2010-4656 [iowarrior usb device heap overflow]
RESERVED
{DSA-2153-1}
- - linux-2.6 <unfixed>
+ - linux-2.6 2.6.37-1
CVE-2010-4655 [heap contents leak for CAP_NET_ADMIN via ethtool ioctl]
RESERVED
- - linux-2.6 <unfixed>
+ - linux-2.6 2.6.37-1
CVE-2010-4654 [Malformed commands may cause corruption of the internal stack]
RESERVED
- kdegraphics <not-affected> (no stackheight)
@@ -3878,7 +3878,7 @@
NOT-FOR-US: Citrix Acces Gateway
CVE-2010-4565 (The bcm_connect function in net/can/bcm.c (aka the Broadcast
Manager) ...)
{DSA-2153-1}
- - linux-2.6 <unfixed>
+ - linux-2.6 2.6.37-1
CVE-2010-4564
RESERVED
CVE-2010-4563
@@ -4935,7 +4935,7 @@
- linux-2.6 <not-affected> (introduced after 2.6.32; fixed in 2.6.37)
CVE-2010-4250 [linux inotify memory leak]
RESERVED
- - linux-2.6 <unfixed>
+ - linux-2.6 2.6.37-1
[squeeze] - linux-2.6 <not-affected> (Introduced after 2.6.32)
[lenny] - linux-2.6 <not-affected> (Introduced after 2.6.32)
CVE-2010-4249 (The wait_for_unix_gc function in net/unix/garbage.c in the Linux
...)
@@ -5367,11 +5367,11 @@
{DSA-2126-1}
- linux-2.6 2.6.32-24 (low)
CVE-2010-4077 (The ntty_ioctl_tiocgicount function in drivers/char/nozomi.c in
the ...)
- - linux-2.6 <unfixed> (low)
+ - linux-2.6 2.6.37-1 (low)
CVE-2010-4076 (The rs_ioctl function in drivers/char/amiserial.c in the Linux
kernel ...)
- - linux-2.6 <unfixed> (low)
+ - linux-2.6 2.6.37-1 (low)
CVE-2010-4075 (The uart_get_count function in drivers/serial/serial_core.c in
the ...)
- - linux-2.6 <unfixed> (low)
+ - linux-2.6 2.6.37-1 (low)
CVE-2010-4074 (The USB subsystem in the Linux kernel before 2.6.36-rc5 does not
...)
{DSA-2126-1}
- linux-2.6 2.6.32-24 (low)
@@ -5888,7 +5888,7 @@
CVE-2010-3866
REJECTED
CVE-2010-3865 (Integer overflow in the rds_rdma_pages function in
net/rds/rdma.c in ...)
- - linux-2.6 <unfixed>
+ - linux-2.6 2.6.37-1
[lenny] - linux-2.6 <not-affected> (Introduced in 2.6.30)
CVE-2010-3864 (Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f
through ...)
{DSA-2125-1}
@@ -8494,7 +8494,7 @@
{DSA-2096-1}
- zope-ldapuserfolder <removed> (high; bug #593466)
CVE-2010-2943 (The xfs implementation in the Linux kernel before 2.6.35 does
not look ...)
- - linux-2.6 <unfixed>
+ - linux-2.6 2.6.37-1
CVE-2010-2942 (The actions implementation in the network queueing functionality
in ...)
- linux-2.6 2.6.32-25
[lenny] - linux-2.6 2.6.26-25