| |||||||||||||
2.6.32.9 Release notes2.6.32.9 Release notesPosted Feb 22, 2010 0:39 UTC (Mon) by eteo (guest, #36711)Parent article: 2.6.32.9 Release notes Jonathan, thanks for writing this article. I'm glad I'm not the only one doing these now ;) You might want to subscribe to http://seclists.org/oss- sec/ where we keep track of both kernel (and non-kernel) security issues in upstream open source projects. Of course, that includes the regular stable kernel updates too. -Eugene
(Log in to post comments)
2.6.32.9 Release notes Posted Feb 22, 2010 0:53 UTC (Mon) by eteo (guest, #36711) [Link]
CVE-2010-0415 #1: Fix potential crash with sys_move_pages
CVE-2010-0622 #2: futex_lock_pi() key refcnt fix CVE-2010-0623 #3: futex: Handle user space corruption gracefully CVE-2010-0309 #43: KVM: PIT: control word is write-only infoleak #79: USB: usbfs: only copy the actual data received memleak #80: USB: usbfs: properly clean up the as structure on error paths
I might have missed a couple more, please check the oss-sec mailing list.
2.6.32.9 Release notes Posted Feb 22, 2010 11:12 UTC (Mon) by error27 (subscriber, #8346) [Link]
Hi Eugene. Is there a web page or something that has a list of CVEs for each stable release? Seems like kernelnewbies could put this on a wiki or something.
2.6.32.9 Release notes Posted Feb 22, 2010 11:29 UTC (Mon) by PaXTeam (subscriber, #24616) [Link]
i already posted these to the 32.8 stable thread: http://cve.mitre.org/cve/cve.html and http://web.nvd.nist.gov/view/vuln/search . these are US government sponsored efforts to collect and catalog vulnerability information, for over a decade now. there're also other collections like bugtraq/vupen/secunia/etc but CVE is considered the etalon these days i think.
2.6.32.9 Release notes Posted Feb 22, 2010 12:39 UTC (Mon) by eteo (guest, #36711) [Link] There isn't one yet. It requires some effort but it shouldn't be difficult to do this. Just monitor the oss-security mailing list, and the two other links that PaXTeam posted in his reply.
|
|||||||||||||