[kernel-sec-discuss] r2879 - active

Moritz Muehlenhoff jmm at alioth.debian.org
Thu Mar 21 08:39:57 UTC 2013 

Author: jmm
Date: 2013-03-21 08:39:35 +0000 (Thu, 21 Mar 2013)
New Revision: 2879

Modified:
   active/CVE-2011-2695
   active/CVE-2012-3430
   active/CVE-2012-4398
   active/CVE-2012-4444
   active/CVE-2012-4530
   active/CVE-2012-4565
   active/CVE-2013-0228
   active/CVE-2013-0268
   active/CVE-2013-0349
   active/CVE-2013-0871
Log:
fixes submitted for 2.6.32.x LTS


Modified: active/CVE-2011-2695
===================================================================
--- active/CVE-2011-2695	2013-03-21 08:27:24 UTC (rev 2878)
+++ active/CVE-2011-2695	2013-03-21 08:39:35 UTC (rev 2879)
@@ -4,7 +4,7 @@
  dannf> Reproduced and verified fix using case described in git commit log
 Bugs:
 upstream: released (3.0) [f17722f917b2f21497deb6edc62fb1683daa08e6]
-2.6.32-upstream-stable: needed
+2.6.32-upstream-stable: pending
 sid: released (3.0.0-1)
 2.6.32-squeeze-security: released (2.6.32-48) [bugfix/all/ext4-Fix-max-file-size-and-logical-block-counting-of-extent-format-file.patch]
 3.2-upstream-stable: N/A

Modified: active/CVE-2012-3430
===================================================================
--- active/CVE-2012-3430	2013-03-21 08:27:24 UTC (rev 2878)
+++ active/CVE-2012-3430	2013-03-21 08:39:35 UTC (rev 2879)
@@ -3,7 +3,7 @@
 Notes:
 Bugs:
 upstream: released (3.6-rc1) [06b6a1cf6e776426766298d055bb3991957d90a7]
-2.6.32-upstream-stable: needed
+2.6.32-upstream-stable: pending
 sid: released (3.2.29-1) [bugfix/all/rds-set-correct-msg_namelen.patch]
 2.6.32-squeeze-security: released (2.6.32-46) [bugfix/all/rds-set-correct-msg_namelen.patch]
 3.2-upstream-stable: released (3.2.31)

Modified: active/CVE-2012-4398
===================================================================
--- active/CVE-2012-4398	2013-03-21 08:27:24 UTC (rev 2878)
+++ active/CVE-2012-4398	2013-03-21 08:39:35 UTC (rev 2879)
@@ -4,7 +4,7 @@
 Notes:
 Bugs:
 upstream: released (3.4) [b3449922, d0bd587a, 5b9bd473, 3e63a93b, 1cc684ab]
-2.6.32-upstream-stable: 
+2.6.32-upstream-stable: pending
 sid: released (3.2.35-1)
 2.6.32-squeeze-security: released (2.6.32-48) [bugfix/all/usermodehelper-introduce-umh_complete.patch, bugfix/all/usermodehelper-implement-UMH_KILLABLE.patch, bugfix/all/usermodehelper-____call_usermodehelper-doesnt-need-do_exit.patch, bugfix/all/kmod-introduce-call_modprobe-helper.patch, bugfix/all/kmod-make-__request_module-killable.patch]
 3.2-upstream-stable: released (3.2.40)

Modified: active/CVE-2012-4444
===================================================================
--- active/CVE-2012-4444	2013-03-21 08:27:24 UTC (rev 2878)
+++ active/CVE-2012-4444	2013-03-21 08:39:35 UTC (rev 2879)
@@ -3,7 +3,7 @@
 Notes:
 Bugs:
 upstream: released (2.6.36) [70789d7052239992824628db8133de08dc78e593]
-2.6.32-upstream-stable: needed
+2.6.32-upstream-stable: pending
 sid: released (2.6.36-1~experimental.1)
 2.6.32-squeeze-security: released (2.6.32-48) [bugfix/all/ipv6-discard-overlapping-fragment.patch]
 3.2-upstream-stable: N/A

Modified: active/CVE-2012-4530
===================================================================
--- active/CVE-2012-4530	2013-03-21 08:27:24 UTC (rev 2878)
+++ active/CVE-2012-4530	2013-03-21 08:39:35 UTC (rev 2879)
@@ -6,7 +6,7 @@
  jmm> Likely also bf2a9a39639b8b51377905397a5005f444e9a892
 Bugs:
 upstream: released (v3.8-rc1) [d740269867021faf4ce38a449353d2b986c34a67, b66c5984017533316fd1951770302649baf1aa33]
-2.6.32-upstream-stable: needed
+2.6.32-upstream-stable: pending
 sid: released (3.2.35-1)
 2.6.32-squeeze-security: released (2.6.32-48) [bugfix/all/exec-do-not-leave-bprm-interp-on-stack.patch, bugfix/all/exec-use-ELOOP-for-max-recursion-depth.patch]
 3.2-upstream-stable: released (3.2.36)

Modified: active/CVE-2012-4565
===================================================================
--- active/CVE-2012-4565	2013-03-21 08:27:24 UTC (rev 2878)
+++ active/CVE-2012-4565	2013-03-21 08:39:35 UTC (rev 2879)
@@ -4,7 +4,7 @@
 Notes:
 Bugs:
 upstream: released (3.7-rc4) [8f363b77ee4fbf7c3bbcf5ec2c5ca482d396d664]
-2.6.32-upstream-stable: needed
+2.6.32-upstream-stable: pending
 sid: released (3.2.35-1)
 2.6.32-squeeze-security: released (2.6.32-48) [bugfix/all/net-fix-divide-by-zero-in-tcp-algorithm-illinois.patch]
 3.2-upstream-stable: released (3.2.34) [df769f065d7bebf0ddc5f61605dbb1d8ea5ee2d8]

Modified: active/CVE-2013-0228
===================================================================
--- active/CVE-2013-0228	2013-03-21 08:27:24 UTC (rev 2878)
+++ active/CVE-2013-0228	2013-03-21 08:39:35 UTC (rev 2879)
@@ -4,7 +4,7 @@
 Notes:
 Bugs:
 upstream: released (3.8) [13d2b4d11d69a92574a55bfd985cfb0ca77aebdc]
-2.6.32-upstream-stable: needed
+2.6.32-upstream-stable: pending
 sid: released (3.2.39-1)
 2.6.32-squeeze-security: released (2.6.32-48) [features/all/xen/xsa42-pvops-0001-x86-xen-don-t-assume-ds-is-usable-in-xen_iret-for-32.patch]
 3.2-upstream-stable: released (3.2.39) [x86-xen-don-t-assume-ds-is-usable-in-xen_iret-for-32-bit-pvops.patch]

Modified: active/CVE-2013-0268
===================================================================
--- active/CVE-2013-0268	2013-03-21 08:27:24 UTC (rev 2878)
+++ active/CVE-2013-0268	2013-03-21 08:39:35 UTC (rev 2879)
@@ -3,7 +3,7 @@
 Notes:
 Bugs:
 upstream: released (3.8-rc2) [c903f0456bc69176912dee6dd25c6a66ee1aed00]
-2.6.32-upstream-stable:
+2.6.32-upstream-stable: pending
 sid: released (3.2.39-1)
 2.6.32-squeeze-security: released (2.6.32-48) [bugfix/x86/msr-add-capabilities-check.patch]
 3.2-upstream-stable: released (3.2.38)

Modified: active/CVE-2013-0349
===================================================================
--- active/CVE-2013-0349	2013-03-21 08:27:24 UTC (rev 2878)
+++ active/CVE-2013-0349	2013-03-21 08:39:35 UTC (rev 2879)
@@ -4,7 +4,7 @@
 Notes:
 Bugs:
 upstream: released (3.8) [0a9ab9bdb3e891762553f667066190c1d22ad62b]
-2.6.32-upstream-stable: needed
+2.6.32-upstream-stable: pending
 sid: released (3.2.39-1)
 2.6.32-squeeze-security: needed
 3.2-upstream-stable: released (3.2.38)

Modified: active/CVE-2013-0871
===================================================================
--- active/CVE-2013-0871	2013-03-21 08:27:24 UTC (rev 2878)
+++ active/CVE-2013-0871	2013-03-21 08:39:35 UTC (rev 2879)
@@ -6,7 +6,7 @@
  The fix for this issue at least textually depends on that.
 Bugs:
 upstream: released (3.8-rc5) [910ffdb18a6408e14febbb6e4b6840fd2c928c82, 9899d11f654474d2d54ea52ceaa2a1f4db3abd68, 9067ac85d533651b98c2ff903182a20cbb361fcb]
-2.6.32-upstream-stable:
+2.6.32-upstream-stable: pending
 sid: released (3.2.39-1)
 2.6.32-squeeze-security: released (2.6.32-48squeeze1) [bugfix/all/ptrace-ptrace_resume-shouldnt-wake-up-TASK_TRACED-thread.patch, bugfix/all/ptrace-introduce-signal_wake_up_state-and-ptrace_signal_wake_up.patch, bugfix/all/ptrace-ensure-arch_ptrace-ptrace_request-can-never-race-with-SIGKILL.patch, bugfix/all/wake_up_process-should-be-never-used-to-wakeup-a-TASK_STOPPED-TRACED-task.patch]
 3.2-upstream-stable: released (3.2.39) [ptrace-introduce-signal_wake_up_state-and-ptrace_signal_wake_up.patch, ptrace-ensure-arch_ptrace-ptrace_request-can-never-race-with.patch, wake_up_process-should-be-never-used-to-wakeup-a.patch]

More information about the kernel-sec-discuss mailing list