Re: [SECURITY] [DSA 2110-1] New Linux 2.6.26 packages fix several issues

To: debian-security@lists.debian.org
Subject: Re: [SECURITY] [DSA 2110-1] New Linux 2.6.26 packages fix several issues
From: Michael Gilbert <michael.s.gilbert@gmail.com>
Date: Fri, 17 Sep 2010 14:19:14 -0400
Message-id: <[🔎] 20100917141914.186b31c6.michael.s.gilbert@gmail.com>
In-reply-to: <[🔎] AANLkTi=Fjc+EQGXKADEHp36y2R3uuDR6fzN7iqYjrjgm@mail.gmail.com>
References: <20100917154503.GA23599@ldl.fc.hp.com> <[🔎] AANLkTi=Fjc+EQGXKADEHp36y2R3uuDR6fzN7iqYjrjgm@mail.gmail.com>

On Fri, 17 Sep 2010 11:02:13 -0700, Kyle Bader wrote:
> > Package        : linux-2.6
> > Vulnerability  : privilege escalation/denial of service/information leak
> > Problem type   : local
> > Debian-specific: no
> > CVE Id(s)      : CVE-2010-2492 CVE-2010-2954 CVE-2010-3078 CVE-2010-3080
> >                 CVE-2010-3081
> 
> What about CVE-2010-3301?
> 
> http://seclists.org/oss-sec/2010/q3/369

>From the second line of Eugene's announcement:

    "Introduced in v2.6.27-rc1 via commit d4d67150."

Lenny has a 2.6.26 kernel, so it isn't affected.

> Coming soon to a repo near you? :D

Not needed.

Best wishes,
Mike

Reply to:

References:
- Re: [SECURITY] [DSA 2110-1] New Linux 2.6.26 packages fix several issues
  - From: Kyle Bader <kyle.bader@gmail.com>

Prev by Date: Re: [SECURITY] [DSA 2110-1] New Linux 2.6.26 packages fix several issues
Next by Date: Re: Re: CVE-2009-3555 not addressed in OpenSSL
Previous by thread: Re: [SECURITY] [DSA 2110-1] New Linux 2.6.26 packages fix several issues
Index(es):
- Date
- Thread