User: Password:
|
|
Subscribe / Log in / New account

2.6.32.9 Release notes

2.6.32.9 Release notes

Posted Feb 22, 2010 0:53 UTC (Mon) by eteo (guest, #36711)
In reply to: 2.6.32.9 Release notes by eteo
Parent article: 2.6.32.9 Release notes

CVE-2010-0415 #1: Fix potential crash with sys_move_pages
CVE-2010-0622 #2: futex_lock_pi() key refcnt fix
CVE-2010-0623 #3: futex: Handle user space corruption gracefully
CVE-2010-0309 #43: KVM: PIT: control word is write-only
infoleak #79: USB: usbfs: only copy the actual data received
memleak #80: USB: usbfs: properly clean up the as structure on error paths

I might have missed a couple more, please check the oss-sec mailing list.


(Log in to post comments)

2.6.32.9 Release notes

Posted Feb 22, 2010 11:12 UTC (Mon) by error27 (subscriber, #8346) [Link]

Hi Eugene. Is there a web page or something that has a list of CVEs for each stable release? Seems like kernelnewbies could put this on a wiki or something.

2.6.32.9 Release notes

Posted Feb 22, 2010 11:29 UTC (Mon) by PaXTeam (guest, #24616) [Link]

i already posted these to the 32.8 stable thread: http://cve.mitre.org/cve/cve.html and http://web.nvd.nist.gov/view/vuln/search . these are US government sponsored efforts to collect and catalog vulnerability information, for over a decade now. there're also other collections like bugtraq/vupen/secunia/etc but CVE is considered the etalon these days i think.

2.6.32.9 Release notes

Posted Feb 22, 2010 12:39 UTC (Mon) by eteo (guest, #36711) [Link]

There isn't one yet. It requires some effort but it shouldn't be difficult to do this. Just monitor the oss-security mailing list, and the two other links that PaXTeam posted in his reply.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds