Bug#594491: marked as done (please note fixed CVEs)

[owner@bugs.debian.org (Debian Bug Tracking System)]

Your message dated Thu, 26 Aug 2010 17:08:45 +0100
with message-id <20100826160845.GN5063@decadent.org.uk>
and subject line Re: Bug#594491: please note fixed CVEs
has caused the Debian Bug report #594491,
regarding please note fixed CVEs
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
594491: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=594491
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: submit@bugs.debian.org
• Subject: please note fixed CVEs
• From: Hideki Yamane <henrich@debian.or.jp>
• Date: Thu, 26 Aug 2010 20:57:59 +0900
• Message-id: <20100826205759.550add00.henrich@debian.or.jp>

package: linux-2.6
version: 2.6.32-19
severity: wishlist

Hi,

 Some CVE issue in linux kernel were already fixed in 2.6.32.17 as
 debian/patches/bugfix/all/stable/2.6.32.17.patch.

 - CVE-2010-2492 ecryptfs: Bugfix for error related to ecryptfs_hash_buckets (*1),
 - CVE-2010-2478 kernel: ethtool: kernel buffer overflow in ETHTOOL_GRXCLSRLALL (*2)
 - CVE-2010-2537 CVE-2010-2538 kernel: btrfs: fix checks in BTRFS_IOC_CLONE_RANGE (*3)

 Please note those in its changelog to make it track easier.
 Thanks.


 *1) http://git.kernel.org/linus/a6f80fb7b5986fda663d94079d3bba0937a6b6ff
 *2) http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff_plain;h=db048b69037e7fa6a7d9e95a1271a50dc08ae233
 *3) http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=2ebc3464781ad24474abcbd2274e6254689853b5


-- 
Regards,

 Hideki Yamane     henrich @ debian.or.jp/org
 http://wiki.debian.org/HidekiYamane

--- End Message ---

--- Begin Message ---

• To: 594491-done@bugs.debian.org
• Subject: Re: Bug#594491: please note fixed CVEs
• From: Ben Hutchings <ben@decadent.org.uk>
• Date: Thu, 26 Aug 2010 17:08:45 +0100
• Message-id: <20100826160845.GN5063@decadent.org.uk>
• In-reply-to: <20100826205759.550add00.henrich@debian.or.jp>
• References: <20100826205759.550add00.henrich@debian.or.jp>

On Thu, Aug 26, 2010 at 08:57:59PM +0900, Hideki Yamane wrote:
> package: linux-2.6
> version: 2.6.32-19
> severity: wishlist
> 
> Hi,
> 
>  Some CVE issue in linux kernel were already fixed in 2.6.32.17 as
>  debian/patches/bugfix/all/stable/2.6.32.17.patch.
> 
>  - CVE-2010-2492 ecryptfs: Bugfix for error related to ecryptfs_hash_buckets (*1),
>  - CVE-2010-2478 kernel: ethtool: kernel buffer overflow in ETHTOOL_GRXCLSRLALL (*2)
>  - CVE-2010-2537 CVE-2010-2538 kernel: btrfs: fix checks in BTRFS_IOC_CLONE_RANGE (*3)
> 
>  Please note those in its changelog to make it track easier.
>  Thanks.

No, we don't edit changelog entries after the version has been released.
Look at <http://security-tracker.debian.org/tracker/source-package/linux-2.6>
or <svn://svn.debian.org/kernel-sec/> instead.

Ben.

-- 
Ben Hutchings
We get into the habit of living before acquiring the habit of thinking.
                                                              - Albert Camus

--- End Message ---