[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#564114: [Secure-testing-team] e1000: Potential packet filtering bypass

On Fri, 08 Jan 2010 13:38:37 +0000, Ben Hutchings wrote:
> On Thu, 2010-01-07 at 22:11 -0500, Michael Gilbert wrote:
> > On Thu, 07 Jan 2010 19:27:02 +0000 Ben Hutchings wrote:
> > 
> > > Julien Cristau pointed out the thread
> > > <http://thread.gmane.org/gmane.comp.security.oss.general/2457>.  It
> > > appears that Red Hat allocated CVE-2009-4536 for this and CVE-2009-4538
> > > for a similar bug in e1000e.
> > 
> > do you follow kernel-sec [0]?  i entered these CVEs when they were
> > first disclosed over a week ago.
> 
> I wasn't aware of it!
> 
> > mike
> > 
> > [0] http://svn.debian.org/wsvn/kernel-sec
> 
> I will check this out and make sure to refer to it in future.
> 
> But why don't you (or others in that group) file bug reports?

Dann Frazier usually handles kernel-sec issues in a reasonably quick
fashion, so filing bugs seems like additional unnecessary work;
especially since kernel-sec, with it being limited to only security
issues, is a much better arrangement than the cluttered kernel bts
pages.

mike
Reply to: