[kernel-sec-discuss] r2819 - active
Ben Hutchings
benh at alioth.debian.org
Mon Feb 25 05:15:04 UTC 2013
Author: benh
Date: 2013-02-25 05:14:41 +0000 (Mon, 25 Feb 2013)
New Revision: 2819
Modified:
active/CVE-2010-4805
active/CVE-2011-2695
active/CVE-2012-4398
active/CVE-2012-4444
active/CVE-2012-4530
active/CVE-2012-4565
active/CVE-2013-0190
active/CVE-2013-0216
active/CVE-2013-0217
active/CVE-2013-0228
active/CVE-2013-0268
active/CVE-2013-0290
active/CVE-2013-0871
Log:
Update for releases of 2.6.32-48, 3.2.39, 3.2.39-1, 3.8
Modified: active/CVE-2010-4805
===================================================================
--- active/CVE-2010-4805 2013-02-24 22:44:21 UTC (rev 2818)
+++ active/CVE-2010-4805 2013-02-25 05:14:41 UTC (rev 2819)
@@ -8,6 +8,6 @@
upstream: released (2.6.35)
2.6.32-upstream-stable: needed
sid: released (2.6.35-1)
-2.6.32-squeeze-security: pending (2.6.32-46squeeze1) [bugfix/all/net-sk_add_backlog-take-remem_alloc-into-account.patch]
+2.6.32-squeeze-security: released (2.6.32-48) [bugfix/all/net-sk_add_backlog-take-remem_alloc-into-account.patch]
3.2-upstream-stable: N/A
Modified: active/CVE-2011-2695
===================================================================
--- active/CVE-2011-2695 2013-02-24 22:44:21 UTC (rev 2818)
+++ active/CVE-2011-2695 2013-02-25 05:14:41 UTC (rev 2819)
@@ -6,5 +6,5 @@
upstream: released (3.0) [f17722f917b2f21497deb6edc62fb1683daa08e6]
2.6.32-upstream-stable: needed
sid: released (3.0.0-1)
-2.6.32-squeeze-security: pending (2.6.32-46squeeze1) [bugfix/all/ext4-Fix-max-file-size-and-logical-block-counting-of-extent-format-file.patch]
+2.6.32-squeeze-security: released (2.6.32-48) [bugfix/all/ext4-Fix-max-file-size-and-logical-block-counting-of-extent-format-file.patch]
3.2-upstream-stable: N/A
Modified: active/CVE-2012-4398
===================================================================
--- active/CVE-2012-4398 2013-02-24 22:44:21 UTC (rev 2818)
+++ active/CVE-2012-4398 2013-02-25 05:14:41 UTC (rev 2819)
@@ -6,5 +6,5 @@
upstream: released (3.4) [b3449922, d0bd587a, 5b9bd473, 3e63a93b, 1cc684ab]
2.6.32-upstream-stable:
sid: released (3.2.35-1)
-2.6.32-squeeze-security: pending (2.6.32-46squeeze1) [bugfix/all/usermodehelper-introduce-umh_complete.patch, bugfix/all/usermodehelper-implement-UMH_KILLABLE.patch, bugfix/all/usermodehelper-____call_usermodehelper-doesnt-need-do_exit.patch, bugfix/all/kmod-introduce-call_modprobe-helper.patch, bugfix/all/kmod-make-__request_module-killable.patch]
+2.6.32-squeeze-security: released (2.6.32-48) [bugfix/all/usermodehelper-introduce-umh_complete.patch, bugfix/all/usermodehelper-implement-UMH_KILLABLE.patch, bugfix/all/usermodehelper-____call_usermodehelper-doesnt-need-do_exit.patch, bugfix/all/kmod-introduce-call_modprobe-helper.patch, bugfix/all/kmod-make-__request_module-killable.patch]
3.2-upstream-stable: needed
Modified: active/CVE-2012-4444
===================================================================
--- active/CVE-2012-4444 2013-02-24 22:44:21 UTC (rev 2818)
+++ active/CVE-2012-4444 2013-02-25 05:14:41 UTC (rev 2819)
@@ -5,5 +5,5 @@
upstream: released (2.6.36) [70789d7052239992824628db8133de08dc78e593]
2.6.32-upstream-stable: needed
sid: released (2.6.36-1~experimental.1)
-2.6.32-squeeze-security: pending (2.6.32-46squeeze1) [bugfix/all/ipv6-discard-overlapping-fragment.patch]
+2.6.32-squeeze-security: released (2.6.32-48) [bugfix/all/ipv6-discard-overlapping-fragment.patch]
3.2-upstream-stable: N/A
Modified: active/CVE-2012-4530
===================================================================
--- active/CVE-2012-4530 2013-02-24 22:44:21 UTC (rev 2818)
+++ active/CVE-2012-4530 2013-02-25 05:14:41 UTC (rev 2819)
@@ -8,5 +8,5 @@
upstream: released (v3.8-rc1) [d740269867021faf4ce38a449353d2b986c34a67, b66c5984017533316fd1951770302649baf1aa33]
2.6.32-upstream-stable: needed
sid: released (3.2.35-1)
-2.6.32-squeeze-security: pending (2.6.32-46squeeze1) [bugfix/all/exec-do-not-leave-bprm-interp-on-stack.patch, bugfix/all/exec-use-ELOOP-for-max-recursion-depth.patch]
+2.6.32-squeeze-security: released (2.6.32-48) [bugfix/all/exec-do-not-leave-bprm-interp-on-stack.patch, bugfix/all/exec-use-ELOOP-for-max-recursion-depth.patch]
3.2-upstream-stable: released (3.2.36)
Modified: active/CVE-2012-4565
===================================================================
--- active/CVE-2012-4565 2013-02-24 22:44:21 UTC (rev 2818)
+++ active/CVE-2012-4565 2013-02-25 05:14:41 UTC (rev 2819)
@@ -6,5 +6,5 @@
upstream: released (3.7-rc4) [8f363b77ee4fbf7c3bbcf5ec2c5ca482d396d664]
2.6.32-upstream-stable: needed
sid: released (3.2.35-1)
-2.6.32-squeeze-security: pending (2.6.32-46squeeze1) [bugfix/all/net-fix-divide-by-zero-in-tcp-algorithm-illinois.patch]
+2.6.32-squeeze-security: released (2.6.32-48) [bugfix/all/net-fix-divide-by-zero-in-tcp-algorithm-illinois.patch]
3.2-upstream-stable: released (3.2.34) [df769f065d7bebf0ddc5f61605dbb1d8ea5ee2d8]
Modified: active/CVE-2013-0190
===================================================================
--- active/CVE-2013-0190 2013-02-24 22:44:21 UTC (rev 2818)
+++ active/CVE-2013-0190 2013-02-25 05:14:41 UTC (rev 2819)
@@ -5,6 +5,6 @@
Bugs:
upstream: released (3.8-rc7) [9174adbee4a9a49d0139f5d71969852b36720809]
2.6.32-upstream-stable: needed
-sid: pending (3.2.38-1)
+sid: released (3.2.39-1)
2.6.32-squeeze-security: released (2.6.32-47) [bugfix/x86/xen-Fix-stack-corruption-in-xen_failsafe_callback-fo.patch]
3.2-upstream-stable: released (3.2.38) [5c0ce9fed10a58f65fe2784b664e03bdeaaac650]
Modified: active/CVE-2013-0216
===================================================================
--- active/CVE-2013-0216 2013-02-24 22:44:21 UTC (rev 2818)
+++ active/CVE-2013-0216 2013-02-25 05:14:41 UTC (rev 2819)
@@ -5,6 +5,6 @@
Bugs:
upstream: released (3.8-rc7) [48856286b64e4b66ec62b94e504d0b29c1ade664]
2.6.32-upstream-stable:
-sid: needed
-2.6.32-squeeze-security: pending (2.6.32-46squeeze1) [features/all/xen/xsa39-classic-0001-xen-netback-garbage-ring.patch]
-3.2-upstream-stable: pending (3.2.39-rc1) [xen-netback-shutdown-the-ring-if-it-contains-garbage.patch]
+sid: released (3.2.39-1)
+2.6.32-squeeze-security: released (2.6.32-48) [features/all/xen/xsa39-classic-0001-xen-netback-garbage-ring.patch]
+3.2-upstream-stable: released (3.2.39) [xen-netback-shutdown-the-ring-if-it-contains-garbage.patch]
Modified: active/CVE-2013-0217
===================================================================
--- active/CVE-2013-0217 2013-02-24 22:44:21 UTC (rev 2818)
+++ active/CVE-2013-0217 2013-02-25 05:14:41 UTC (rev 2819)
@@ -5,6 +5,6 @@
Bugs:
upstream: released (3.8-rc7) [b9149729ebdcfce63f853aa54a404c6a8f6ebbf3]
2.6.32-upstream-stable:
-sid: needed
-2.6.32-squeeze-security: pending (2.6.32-46squeeze1) [features/all/xen/xsa39-classic-0002-xen-netback-wrap-around.patch]
-3.2-upstream-stable: pending (3.2.39-rc1) [netback-correct-netbk_tx_err-to-handle-wrap-around.patch]
+sid: released (3.2.39-1)
+2.6.32-squeeze-security: released (2.6.32-48) [features/all/xen/xsa39-classic-0002-xen-netback-wrap-around.patch]
+3.2-upstream-stable: released (3.2.39) [netback-correct-netbk_tx_err-to-handle-wrap-around.patch]
Modified: active/CVE-2013-0228
===================================================================
--- active/CVE-2013-0228 2013-02-24 22:44:21 UTC (rev 2818)
+++ active/CVE-2013-0228 2013-02-25 05:14:41 UTC (rev 2819)
@@ -3,8 +3,8 @@
http://permalink.gmane.org/gmane.comp.security.oss.general/9371
Notes:
Bugs:
-upstream: pending [13d2b4d11d69a92574a55bfd985cfb0ca77aebdc]
+upstream: released (3.8) [13d2b4d11d69a92574a55bfd985cfb0ca77aebdc]
2.6.32-upstream-stable: needed
-sid: needed
-2.6.32-squeeze-security: pending (2.6.32-46squeeze1) [features/all/xen/xsa42-pvops-0001-x86-xen-don-t-assume-ds-is-usable-in-xen_iret-for-32.patch]
-3.2-upstream-stable: pending (3.2.39-rc1) [x86-xen-don-t-assume-ds-is-usable-in-xen_iret-for-32-bit-pvops.patch]
+sid: released (3.2.39-1)
+2.6.32-squeeze-security: released (2.6.32-48) [features/all/xen/xsa42-pvops-0001-x86-xen-don-t-assume-ds-is-usable-in-xen_iret-for-32.patch]
+3.2-upstream-stable: released (3.2.39) [x86-xen-don-t-assume-ds-is-usable-in-xen_iret-for-32-bit-pvops.patch]
Modified: active/CVE-2013-0268
===================================================================
--- active/CVE-2013-0268 2013-02-24 22:44:21 UTC (rev 2818)
+++ active/CVE-2013-0268 2013-02-25 05:14:41 UTC (rev 2819)
@@ -4,6 +4,6 @@
Bugs:
upstream: released (3.8-rc2) [c903f0456bc69176912dee6dd25c6a66ee1aed00]
2.6.32-upstream-stable:
-sid: pending (3.2.38-1)
-2.6.32-squeeze-security: pending (2.6.32-46squeeze1) [bugfix/x86/msr-add-capabilities-check.patch]
+sid: released (3.2.39-1)
+2.6.32-squeeze-security: released (2.6.32-48) [bugfix/x86/msr-add-capabilities-check.patch]
3.2-upstream-stable: released (3.2.38)
Modified: active/CVE-2013-0290
===================================================================
--- active/CVE-2013-0290 2013-02-24 22:44:21 UTC (rev 2818)
+++ active/CVE-2013-0290 2013-02-25 05:14:41 UTC (rev 2819)
@@ -4,7 +4,7 @@
jmm> apparently introduced in 3.4 with 3f518bf745, reproducer should be tested
dannf> tested reproducer on squeeze; no bug observed
Bugs:
-upstream: pending [77c1090f94d1b0b5186fb13a1b71b47b1343f87f]
+upstream: released (3.8) [77c1090f94d1b0b5186fb13a1b71b47b1343f87f]
2.6.32-upstream-stable:
sid:
2.6.32-squeeze-security: N/A
Modified: active/CVE-2013-0871
===================================================================
--- active/CVE-2013-0871 2013-02-24 22:44:21 UTC (rev 2818)
+++ active/CVE-2013-0871 2013-02-25 05:14:41 UTC (rev 2819)
@@ -7,6 +7,6 @@
Bugs:
upstream: released (3.8-rc5) [910ffdb18a6408e14febbb6e4b6840fd2c928c82, 9899d11f654474d2d54ea52ceaa2a1f4db3abd68, 9067ac85d533651b98c2ff903182a20cbb361fcb]
2.6.32-upstream-stable:
-sid:
+sid: released (3.2.39-1)
2.6.32-squeeze-security: pending (2.6.32-48squeeze1) [bugfix/all/ptrace-ptrace_resume-shouldnt-wake-up-TASK_TRACED-thread.patch, bugfix/all/ptrace-introduce-signal_wake_up_state-and-ptrace_signal_wake_up.patch, bugfix/all/ptrace-ensure-arch_ptrace-ptrace_request-can-never-race-with-SIGKILL.patch, bugfix/all/wake_up_process-should-be-never-used-to-wakeup-a-TASK_STOPPED-TRACED-task.patch]
-3.2-upstream-stable: pending (3.2.39-rc1) [ptrace-introduce-signal_wake_up_state-and-ptrace_signal_wake_up.patch, ptrace-ensure-arch_ptrace-ptrace_request-can-never-race-with.patch, wake_up_process-should-be-never-used-to-wakeup-a.patch]
+3.2-upstream-stable: released (3.2.39) [ptrace-introduce-signal_wake_up_state-and-ptrace_signal_wake_up.patch, ptrace-ensure-arch_ptrace-ptrace_request-can-never-race-with.patch, wake_up_process-should-be-never-used-to-wakeup-a.patch]
More information about the kernel-sec-discuss
mailing list