[Secure-testing-commits] r17373 - data/CVE

Wed, 05 Oct 2011 09:11:12 -0700 

Author: jmm
Date: 2011-10-05 16:11:02 +0000 (Wed, 05 Oct 2011)
New Revision: 17373

Modified:
   data/CVE/list
Log:
local mtab DoS in smbfs:
* all three affect samba in oldstable
* two of these affect cifs-utils in stable


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2011-10-05 15:25:44 UTC (rev 17372)
+++ data/CVE/list       2011-10-05 16:11:02 UTC (rev 17373)
@@ -865,6 +865,10 @@
        NOTE: Dupe of CVE-2011-3504, to be rejected
 CVE-2011-3585
        RESERVED
+       - samba 2:3.4.7~dfsg-2 (low)
+       - cifs-utils 2:4.5-1 (low)
+       NOTE: cifs-utils was split off from the samba source package with 
2:3.4.7~dfsg-2, so marking it as fixed
+       NOTE: 
http://git.samba.org/?p=cifs-utils.git;a=commitdiff;h=810f7e4e0f2dbcbee0294d9b371071cb08268200
 CVE-2011-3584 [TYPO3-SA-2011-003]
        RESERVED
        - typo3-src 4.5.6+dfsg1-1 (low; bug #641683)
@@ -3195,7 +3199,10 @@
 CVE-2011-2725
        RESERVED
 CVE-2011-2724 (The check_mtab function in client/mount.cifs.c in mount.cifs in 
smbfs ...)
-       TODO: check
+       - samba 2:3.4.7~dfsg-2 (low)
+       - cifs-utils 2:5.1-1 (low)
+       NOTE: cifs-utils was split off from the samba source package with 
2:3.4.7~dfsg-2, so marking it as fixed
+       NOTE: 
http://git.samba.org/?p=cifs-utils.git;a=commit;h=1e7a32924b22d1f786b6f490ce8590656f578f91
 CVE-2011-2723 (The skb_gro_header_slow function in include/linux/netdevice.h 
in the ...)
        {DSA-2303-1}
        - linux-2.6 3.0.0-2
@@ -6038,7 +6045,10 @@
 CVE-2011-1679 (ncpfs 2.2.6 and earlier attempts to use (1) ncpmount to append 
to the ...)
        TODO: check
 CVE-2011-1678 (smbfs in Samba 3.5.8 and earlier attempts to use (1) mount.cifs 
to ...)
-       TODO: check
+       - samba 2:3.4.7~dfsg-2 (low)
+       - cifs-utils 2:5.1-1 (low)
+       NOTE: cifs-utils was split off from the samba source package with 
2:3.4.7~dfsg-2, so marking it as fixed
+       NOTE: 
http://git.samba.org/?p=cifs-utils.git;a=commitdiff;h=f6eae44a3d05b6515a59651e6bed8b6dde689aec
 CVE-2011-1677 (mount in util-linux 2.19 and earlier does not remove the 
/etc/mtab~ ...)
        TODO: check
 CVE-2011-1676 (mount in util-linux 2.19 and earlier does not remove the 
/etc/mtab.tmp ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to