[kernel-sec-discuss] r3169 - active

Ben Hutchings benh at moszumanska.debian.org
Fri Dec 6 04:01:56 UTC 2013 

Author: benh
Date: 2013-12-06 04:00:52 +0000 (Fri, 06 Dec 2013)
New Revision: 3169

Modified:
   active/CVE-2013-2147
   active/CVE-2013-2889
   active/CVE-2013-2893
   active/CVE-2013-2895
   active/CVE-2013-2897
   active/CVE-2013-4299
   active/CVE-2013-4350
   active/CVE-2013-4387
   active/CVE-2013-4470
   active/CVE-2013-4511
   active/CVE-2013-4512
   active/CVE-2013-6383
Log:
Mark issues pending in 3.2.53-1

Modified: active/CVE-2013-2147
===================================================================
--- active/CVE-2013-2147	2013-12-05 07:52:38 UTC (rev 3168)
+++ active/CVE-2013-2147	2013-12-06 04:00:52 UTC (rev 3169)
@@ -7,6 +7,6 @@
 upstream: released (3.12-rc3)[627aad1c01da6f881e7f98d71fd928ca0c316b1a, 58f09e00ae095e46ef9edfcf3a5fd9ccdfad065e]
 2.6.32-upstream-stable: pending (2.6.32.62)
 sid: released (3.11.5-1)
-3.2-wheezy-security: needed
+3.2-wheezy-security: pending (3.2.53-1)
 2.6.32-squeeze-security: pending (2.6.32-48squeeze5)
 3.2-upstream-stable: released (3.2.52)

Modified: active/CVE-2013-2889
===================================================================
--- active/CVE-2013-2889	2013-12-05 07:52:38 UTC (rev 3168)
+++ active/CVE-2013-2889	2013-12-06 04:00:52 UTC (rev 3169)
@@ -7,6 +7,6 @@
 upstream: released (3.12-rc2) [78214e81a1bf43740ce89bb5efda78eac2f8ef83, 331415ff16a12147d57d5c953f3a961b7ede348b]
 2.6.32-upstream-stable: pending (2.6.32.62)
 sid: released (3.11.5-1)
-3.2-wheezy-security: needed
+3.2-wheezy-security: pending (3.2.53-1)
 2.6.32-squeeze-security: pending (2.6.32-48squeeze5)
 3.2-upstream-stable: released (3.2.52)

Modified: active/CVE-2013-2893
===================================================================
--- active/CVE-2013-2893	2013-12-05 07:52:38 UTC (rev 3168)
+++ active/CVE-2013-2893	2013-12-06 04:00:52 UTC (rev 3169)
@@ -7,6 +7,6 @@
 upstream: released (3.12-rc2) [0fb6bd06e06792469acc15bbe427361b56ada528, 331415ff16a12147d57d5c953f3a961b7ede348b]
 2.6.32-upstream-stable: pending (2.6.32.62)
 sid: released (3.11.5-1)
-3.2-wheezy-security: needed
+3.2-wheezy-security: pending (3.2.53-1)
 2.6.32-squeeze-security: pending (2.6.32-48squeeze5)
 3.2-upstream-stable: released (3.2.52)

Modified: active/CVE-2013-2895
===================================================================
--- active/CVE-2013-2895	2013-12-05 07:52:38 UTC (rev 3168)
+++ active/CVE-2013-2895	2013-12-06 04:00:52 UTC (rev 3169)
@@ -7,6 +7,6 @@
 upstream: released (3.12-rc2) [297502abb32e225fb23801fcdb0e4f6f8e17099a, 331415ff16a12147d57d5c953f3a961b7ede348b]
 2.6.32-upstream-stable: N/A "Introduced in 3.2 with 534a7b8e10ec55d9f521e68c20dbb3634c25b98a"
 sid: released (3.11.5-1)
-3.2-wheezy-security: needed
+3.2-wheezy-security: pending (3.2.53-1)
 2.6.32-squeeze-security: N/A "Introduced in 3.2 with 534a7b8e10ec55d9f521e68c20dbb3634c25b98a"
 3.2-upstream-stable: released (3.2.52)

Modified: active/CVE-2013-2897
===================================================================
--- active/CVE-2013-2897	2013-12-05 07:52:38 UTC (rev 3168)
+++ active/CVE-2013-2897	2013-12-06 04:00:52 UTC (rev 3169)
@@ -1,9 +1,10 @@
-Description: HID multitouch heap overwrite / NULL dereg
+Description: HID multitouch heap overwrite / NULL deref
 References:
  http://marc.info/?l=linux-input&m=137772190214635&w=1
 Notes:
+ bwh> First patch is in 3.2.52, second is not in 3.2.y yet
 Bugs:
-upstream: released (3.12-rc2) [8821f5dc187bdf16cfb32ef5aa8c3035273fa79a]
+upstream: released (3.12-rc2) [cc6b54aa54bf40b762cab45a9fc8aa81653146eb, 8821f5dc187bdf16cfb32ef5aa8c3035273fa79a]
 2.6.32-upstream-stable: N/A "Introduced in 2.6.38 with 5519cab477b61326963c8d523520db0342862b63"
 sid: released (3.11.5-1)
 3.2-wheezy-security: needed

Modified: active/CVE-2013-4299
===================================================================
--- active/CVE-2013-4299	2013-12-05 07:52:38 UTC (rev 3168)
+++ active/CVE-2013-4299	2013-12-06 04:00:52 UTC (rev 3169)
@@ -5,6 +5,6 @@
 upstream: released (3.12-rc6) [e9c6a182649f4259db704ae15a91ac820e63b0ca]
 2.6.32-upstream-stable:
 sid: released (3.11.6-2) [bugfix/all/dm-snapshot-fix-data-corruption.patch]
-3.2-wheezy-security:
+3.2-wheezy-security: pending (3.2.53-1)
 2.6.32-squeeze-security:
 3.2-upstream-stable: released (3.2.53)

Modified: active/CVE-2013-4350
===================================================================
--- active/CVE-2013-4350	2013-12-05 07:52:38 UTC (rev 3168)
+++ active/CVE-2013-4350	2013-12-06 04:00:52 UTC (rev 3169)
@@ -5,6 +5,6 @@
 upstream: released (3.12-rc2) [95ee62083cb6453e056562d91f597552021e6ae7]
 2.6.32-upstream-stable: needed
 sid: released (3.11.5-1)
-3.2-wheezy-security: needed
+3.2-wheezy-security: pending (3.2.53-1)
 2.6.32-squeeze-security: needed
 3.2-upstream-stable: released (3.2.52)

Modified: active/CVE-2013-4387
===================================================================
--- active/CVE-2013-4387	2013-12-05 07:52:38 UTC (rev 3168)
+++ active/CVE-2013-4387	2013-12-06 04:00:52 UTC (rev 3169)
@@ -5,6 +5,6 @@
 upstream: released (3.12-rc3) [2811ebac2521ceac84f2bdae402455baa6a7fb47]
 2.6.32-upstream-stable: needed
 sid: released (3.11.5-1)
-3.2-wheezy-security: needed
+3.2-wheezy-security: pending (3.2.53-1)
 2.6.32-squeeze-security: needed
 3.2-upstream-stable: released (3.2.52)

Modified: active/CVE-2013-4470
===================================================================
--- active/CVE-2013-4470	2013-12-05 07:52:38 UTC (rev 3168)
+++ active/CVE-2013-4470	2013-12-06 04:00:52 UTC (rev 3169)
@@ -5,6 +5,6 @@
 upstream: released (3.12) [c547dbf55d5f8cf615ccc0e7265e98db27d3fb8b, e93b7d748be887cd7639b113ba7d7ef792a7efb9]
 2.6.32-upstream-stable:
 sid: released (3.11.7-1)
-3.2-wheezy-security: 
+3.2-wheezy-security: pending (3.2.53-1)
 2.6.32-squeeze-security:
 3.2-upstream-stable: released (3.2.53)

Modified: active/CVE-2013-4511
===================================================================
--- active/CVE-2013-4511	2013-12-05 07:52:38 UTC (rev 3168)
+++ active/CVE-2013-4511	2013-12-06 04:00:52 UTC (rev 3169)
@@ -6,6 +6,6 @@
 upstream: released (3.12) [7314e613d5ff9f0934f7a0f74ed7973b903315d1]
 2.6.32-upstream-stable: needed
 sid: released (3.11.8-1)
-3.2-wheezy-security: needed
+3.2-wheezy-security: pending (3.2.53-1)
 2.6.32-squeeze-security: needed
 3.2-upstream-stable: released (3.2.53)

Modified: active/CVE-2013-4512
===================================================================
--- active/CVE-2013-4512	2013-12-05 07:52:38 UTC (rev 3168)
+++ active/CVE-2013-4512	2013-12-06 04:00:52 UTC (rev 3169)
@@ -5,6 +5,6 @@
 upstream: released (3.12) [201f99f170df14ba52ea4c52847779042b7a623b]
 2.6.32-upstream-stable: needed
 sid: released (3.11.8-1)
-3.2-wheezy-security: needed
+3.2-wheezy-security: pending (3.2.53-1)
 2.6.32-squeeze-security: needed
 3.2-upstream-stable: released (3.2.53)

Modified: active/CVE-2013-6383
===================================================================
--- active/CVE-2013-6383	2013-12-05 07:52:38 UTC (rev 3168)
+++ active/CVE-2013-6383	2013-12-06 04:00:52 UTC (rev 3169)
@@ -5,6 +5,6 @@
 upstream: released (3.13-rc1) [f856567b930dfcdbc3323261bf77240ccdde01f5]
 2.6.32-upstream-stable: needed
 sid: released (3.11.8-1)
-3.2-wheezy-security: needed
+3.2-wheezy-security: pending (3.2.53-1)
 2.6.32-squeeze-security: needed
 3.2-upstream-stable: released (3.2.53)

More information about the kernel-sec-discuss mailing list