Re: CVEs for linux-2.6

To: Debian-security-tracker <debian-security-tracker@lists.debian.org>
Subject: Re: CVEs for linux-2.6
From: Michael Gilbert <michael.s.gilbert@gmail.com>
Date: Mon, 16 Nov 2009 16:10:12 -0500
Message-id: <[🔎] 20091116161012.5fda9bd2.michael.s.gilbert@gmail.com>
In-reply-to: <[🔎] 20091116210753.c404d413.frx@firenze.linux.it>
References: <[🔎] 20091116210753.c404d413.frx@firenze.linux.it>

On Mon, 16 Nov 2009 21:07:53 +0100, Francesco Poli wrote:
> Hi everyone!
> 
> According to changelogs,
> squeeze linux-2.6/2.6.30-8 is based on upstream stable release 2.6.30.8
> and sid linux-2.6/2.6.31-2 is based on upstream stable release 2.6.31.6
> 
> Taking these assumptions into account, if we look at CVE descriptions,
> it may be *suspected* that
> 
> http://security-tracker.debian.org/tracker/CVE-2009-2584
> http://security-tracker.debian.org/tracker/CVE-2009-2691
> http://security-tracker.debian.org/tracker/CVE-2009-2848
> should be fixed in both squeeze and sid
> 
> while
> 
> http://security-tracker.debian.org/tracker/CVE-2009-3621
> should be fixed in sid

often, the cve texts are not trustworthy.  however, in these case, i've
checked the patches, and the texts are correct.  i have thus updated
the tracker.  thanks for catching these inconsistencies.

mike

Reply to:

Follow-Ups:
- Re: CVEs for linux-2.6
  - From: Francesco Poli <frx@firenze.linux.it>

References:
- CVEs for linux-2.6
  - From: Francesco Poli <frx@firenze.linux.it>

Prev by Date: CVEs for linux-2.6
Next by Date: Re: CVEs for linux-2.6
Previous by thread: CVEs for linux-2.6
Next by thread: Re: CVEs for linux-2.6
Index(es):
- Date
- Thread