From mboxrd@z Thu Jan 1 00:00:00 1970 From: Majkls Subject: Unpatched secunia advisories Date: Wed, 17 Jan 2007 18:56:06 +0100 Message-ID: <45AE6336.7010503@tiscali.cz> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-2 Content-Transfer-Encoding: 7bit Return-path: Received: from prenet.prepere.com ([85.207.10.210]:2747 "EHLO prenet.prepere.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932564AbXAQSRQ (ORCPT ); Wed, 17 Jan 2007 13:17:16 -0500 Received: from localhost (localhost [127.0.0.1]) by prenet.prepere.com (Postfix) with ESMTP id 8CF8E4ADB1 for ; Wed, 17 Jan 2007 18:57:49 +0100 (CET) Received: from prenet.prepere.com ([127.0.0.1]) by localhost (prenet [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 26866-09 for ; Wed, 17 Jan 2007 18:57:26 +0100 (CET) Received: from [192.168.1.20] (unknown [192.168.1.20]) by prenet.prepere.com (Postfix) with ESMTP id 56DD24ADAE for ; Wed, 17 Jan 2007 18:57:25 +0100 (CET) To: linux-fsdevel@vger.kernel.org Sender: linux-fsdevel-owner@vger.kernel.org List-Id: linux-fsdevel.vger.kernel.org Hello, some time ago I sent some open advisory there, but in fact it had been already fixed. So I want to continue in this chase on open advisories and closed bugs. So there is some from FS: CVE-2006-2629 - Race condition in Linux kernel 2.6.15 to 2.6.17, when running on SMP platforms, allows local users to cause a denial of service (crash) by creating and exiting a large number of tasks, then accessing the /proc entry of a task that is exiting, which causes memory corruption that leads to a failure in the prune_dcache function or a BUG_ON error in include/linux/list.h. = What is status of this bug? (in all 2.6 forks) I also suppose this bug has been fixed in all 2.6 branches allready: CVE-2004-1235 (http://secunia.com/advisories/13756/) What is status of this bug: http://secunia.com/cve_reference/CVE-2004-1058/ This has been already fixed, hasn't it? http://secunia.com/advisories/13126/ CVE-2004-1070, CVE-2004-1071, CVE-2004-1072, CVE-2004-1073 http://secunia.com/advisories/12426/ - Has already been this bug fixed? http://secunia.com/advisories/12210/ - Linux Kernel File Offset Pointer Handling Memory Disclosure Vulnerability. On secunia is that is fixed only in 2.4. If you want reply that have been already fixed, please attach link to main git repository on kernel.org. -- Miloslav "Majkls" Semler