Openwall Project   /home  Owl  JtR  Pro  crypt  pam_passwdqc  tcb  phpass  scanlogd  popa3d  msulogin  /  Linux  BIND  /  advisories  presentations  /  services  donations  /  wordlists  passwords  /  news  community  lists  wiki  CVSweb  mirrors  signatures
bringing security into open environments
 
Password Recovery Resources on the Net
[<prev] [next>] [<thread-prev] [thread-next>] [month] [year] [list] 
Date: Tue, 11 Nov 2008 13:32:16 -0800
From: Greg KH <greg@...ah.com>
To: "Steven M. Christey" <coley@...us.mitre.org>
Cc: oss-security@...ts.openwall.com
Subject: Re: CVE requests: kernel: hfsplus-related bugs

On Mon, Nov 10, 2008 at 09:45:54AM -0500, Steven M. Christey wrote:
> 
> > 1) hfsplus: fix Buffer overflow with a corrupted image
> > Upstream commit: efc7ffcb4237f8cb9938909041c4ed38f6e1bf40
> 
> CVE-2008-4933
> 
> > 2) hfsplus: check read_mapping_page() return value
> > Upstream commit: 649f1ee6c705aab644035a7998d7b574193a598a
> 
> CVE-2008-4934

Both of these are now added to the stable queue for the next 2.6.27
kernel release.

thanks,

greg k-h

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux