[kernel-sec-discuss] r2924 - active

Dann Frazier dannf at alioth.debian.org
Wed May 1 06:14:13 UTC 2013


Author: dannf
Date: 2013-05-01 06:13:51 +0000 (Wed, 01 May 2013)
New Revision: 2924

Modified:
   active/CVE-2012-2121
   active/CVE-2012-3552
   active/CVE-2012-4461
   active/CVE-2012-6537
   active/CVE-2012-6539
   active/CVE-2012-6540
   active/CVE-2012-6542
   active/CVE-2012-6544
   active/CVE-2012-6545
   active/CVE-2012-6546
   active/CVE-2012-6548
   active/CVE-2012-6549
   active/CVE-2013-0349
   active/CVE-2013-0871
   active/CVE-2013-0914
   active/CVE-2013-1767
   active/CVE-2013-1773
   active/CVE-2013-1796
   active/CVE-2013-1798
   active/CVE-2013-1826
   active/CVE-2013-1860
   active/CVE-2013-2634
Log:
update squeeze status

Modified: active/CVE-2012-2121
===================================================================
--- active/CVE-2012-2121	2013-05-01 04:55:14 UTC (rev 2923)
+++ active/CVE-2012-2121	2013-05-01 06:13:51 UTC (rev 2924)
@@ -5,5 +5,5 @@
 upstream: released (3.4-rc4) [32f6daad4651a748a58a3ab6da0611862175722f, 21a1416a1c945c5aeaeaf791b63c64926018eb77]
 2.6.32-upstream-stable:
 sid: released (3.2.17-1) [bugfix/all/kvm-lock-slots_lock-around-device-assignment.patch]
-2.6.32-squeeze-security: ignored (2.6.32-44) "needs port"
+2.6.32-squeeze-security: pending (2.6.32-48squeeze2) [bugfix/x86/KVM-unmap-pages-from-the-iommu-when-slots-are-remove.patch, bugfix/x86/KVM-lock-slots_lock-around-device-assignment.patch]
 3.2-upstream-stable: released (3.2.19) [1e57aab4e6c549804298f07fac0b6fc77f10fab2, 50fcec93e8c917b4f6e1a3219207d351e6eae1b2]

Modified: active/CVE-2012-3552
===================================================================
--- active/CVE-2012-3552	2013-05-01 04:55:14 UTC (rev 2923)
+++ active/CVE-2012-3552	2013-05-01 06:13:51 UTC (rev 2924)
@@ -5,5 +5,5 @@
 upstream: released (3.0) [f6d8bd051c391c1c0458a30b2a7abcd939329259]
 2.6.32-upstream-stable: 
 sid: released (3.0-1)
-2.6.32-squeeze-security: needed "attempted fix reverted in r19806; needs review"
+2.6.32-squeeze-security: pending (2.6.32-48squeeze2) [bugfix/all/inet-add-RCU-protection-to-inet-opt.patch]
 3.2-upstream-stable: N/A

Modified: active/CVE-2012-4461
===================================================================
--- active/CVE-2012-4461	2013-05-01 04:55:14 UTC (rev 2923)
+++ active/CVE-2012-4461	2013-05-01 06:13:51 UTC (rev 2924)
@@ -7,5 +7,5 @@
 upstream: released (3.7-rc6) [6d1068b3a98519247d8ba4ec85cd40ac136dbdf9]
 2.6.32-upstream-stable:
 sid: released (3.2.35-1)
-2.6.32-squeeze-security:
+2.6.32-squeeze-security: pending (2.6.32-48squeeze2) [bugfix/x86/KVM-x86-invalid-opcode-oops-on-SET_SREGS-with-OSXSAV.patch]
 3.2-upstream-stable: released (3.2.36)

Modified: active/CVE-2012-6537
===================================================================
--- active/CVE-2012-6537	2013-05-01 04:55:14 UTC (rev 2923)
+++ active/CVE-2012-6537	2013-05-01 06:13:51 UTC (rev 2924)
@@ -6,5 +6,5 @@
 upstream: released (3.6) [1f86840f897717f86d523a13e99a447e6a5d2fa5, 7b789836f434c87168eab067cfbed1ec4783dffd, f778a636713a435d3a922c60b1622a91136560c1]
 2.6.32-upstream-stable:
 sid: released (3.2.32-1)
-2.6.32-squeeze-security:
+2.6.32-squeeze-security: pending (2.6.32-48squeeze2) [bugfix/all/xfrm_user-fix-info-leak-in-copy_to_user_state.patch, bugfix/all/xfrm_user-fix-info-leak-in-copy_to_user_policy.patch, bugfix/all/xfrm_user-fix-info-leak-in-copy_to_user_tmpl.patch]
 3.2-upstream-stable: released (3.2.31)
\ No newline at end of file

Modified: active/CVE-2012-6539
===================================================================
--- active/CVE-2012-6539	2013-05-01 04:55:14 UTC (rev 2923)
+++ active/CVE-2012-6539	2013-05-01 06:13:51 UTC (rev 2924)
@@ -6,5 +6,5 @@
 upstream: released (3.6) [43da5f2e0d0c69ded3d51907d9552310a6b545e8]
 2.6.32-upstream-stable:
 sid: released (3.2.30-1)
-2.6.32-squeeze-security:
+2.6.32-squeeze-security: pending (2.6.32-48squeeze2) [bugfix/all/net-fix-info-leak-in-compat-dev_ifconf.patch]
 3.2-upstream-stable: released (3.2.30)

Modified: active/CVE-2012-6540
===================================================================
--- active/CVE-2012-6540	2013-05-01 04:55:14 UTC (rev 2923)
+++ active/CVE-2012-6540	2013-05-01 06:13:51 UTC (rev 2924)
@@ -6,5 +6,5 @@
 upstream: released (3.6) [2d8a041b7bfe1097af21441cb77d6af95f4f4680]
 2.6.32-upstream-stable:
 sid: released (3.2.30-1)
-2.6.32-squeeze-security:
+2.6.32-squeeze-security: pending (2.6.32-48squeeze2) [bugfix/all/ipvs-fix-info-leak-in-getsockopt-IP_VS_SO_GET_TIMEOU.patch]
 3.2-upstream-stable: released (3.2.30)

Modified: active/CVE-2012-6542
===================================================================
--- active/CVE-2012-6542	2013-05-01 04:55:14 UTC (rev 2923)
+++ active/CVE-2012-6542	2013-05-01 06:13:51 UTC (rev 2924)
@@ -6,5 +6,5 @@
 upstream: released (3.6) [3592aaeb80290bda0f2cf0b5456c97bfc638b192]
 2.6.32-upstream-stable: 
 sid: released (3.2.30-1)
-2.6.32-squeeze-security:
+2.6.32-squeeze-security: pending (2.6.32-48squeeze2) [bugfix/all/llc-fix-info-leak-via-getsockname.patch]
 3.2-upstream-stable: released (3.2.30)

Modified: active/CVE-2012-6544
===================================================================
--- active/CVE-2012-6544	2013-05-01 04:55:14 UTC (rev 2923)
+++ active/CVE-2012-6544	2013-05-01 06:13:51 UTC (rev 2924)
@@ -6,5 +6,5 @@
 upstream: released (3.6) [792039c73cf176c8e39a6e8beef2c94ff46522ed, 3f68ba07b1da811bf383b4b701b129bfcb2e4988, e15ca9a0ef9a86f0477530b0f44a725d67f889ee]
 2.6.32-upstream-stable:
 sid: released (3.2.30-1)
-2.6.32-squeeze-security:
+2.6.32-squeeze-security: pending (2.6.32-48squeeze2) [bugfix/all/Bluetooth-L2CAP-Fix-info-leak-via-getsockname.patch, bugfix/all/Bluetooth-HCI-Fix-info-leak-in-getsockopt-HCI_FILTER.patch]
 3.2-upstream-stable: released (3.2.30)

Modified: active/CVE-2012-6545
===================================================================
--- active/CVE-2012-6545	2013-05-01 04:55:14 UTC (rev 2923)
+++ active/CVE-2012-6545	2013-05-01 06:13:51 UTC (rev 2924)
@@ -6,5 +6,5 @@
 upstream: released (3.6) [9344a972961d1a6d2c04d9008b13617bcb6ec2ef, f9432c5ec8b1e9a09b9b0e5569e3c73db8de432a, 9ad2de43f1aee7e7274a4e0d41465489299e344b]
 2.6.32-upstream-stable:
 sid: released (3.2.30-1)
-2.6.32-squeeze-security:
+2.6.32-squeeze-security: pending (2.6.32-48squeeze2) [bugfix/all/Bluetooth-RFCOMM-Fix-info-leak-via-getsockname.patch, bugfix/all/Bluetooth-RFCOMM-Fix-info-leak-in-ioctl-RFCOMMGETDEV.patch]
 3.2-upstream-stable: released (3.2.30)

Modified: active/CVE-2012-6546
===================================================================
--- active/CVE-2012-6546	2013-05-01 04:55:14 UTC (rev 2923)
+++ active/CVE-2012-6546	2013-05-01 06:13:51 UTC (rev 2924)
@@ -6,5 +6,5 @@
 upstream: released (3.6) [3c0c5cfdcd4d69ffc4b9c0907cec99039f30a50a, e862f1a9b7df4e8196ebec45ac62295138aa3fc2]
 2.6.32-upstream-stable:
 sid: released (3.2.30-1)
-2.6.32-squeeze-security:
+2.6.32-squeeze-security: pending (2.6.32-48squeeze2) [bugfix/all/atm-fix-info-leak-via-getsockname.patch, bugfix/all/atm-fix-info-leak-in-getsockopt-SO_ATMPVC.patch]
 3.2-upstream-stable: released (3.2.30)

Modified: active/CVE-2012-6548
===================================================================
--- active/CVE-2012-6548	2013-05-01 04:55:14 UTC (rev 2923)
+++ active/CVE-2012-6548	2013-05-01 06:13:51 UTC (rev 2924)
@@ -6,5 +6,5 @@
 upstream: released (3.6) [0143fc5e9f6f5aad4764801015bc8d4b4a278200]
 2.6.32-upstream-stable:
 sid: released (3.2.41-1)
-2.6.32-squeeze-security:
+2.6.32-squeeze-security: pending (2.6.32-48squeeze2) [bugfix/all/udf-avoid-info-leak-on-export.patch]
 3.2-upstream-stable: released (3.2.42)

Modified: active/CVE-2012-6549
===================================================================
--- active/CVE-2012-6549	2013-05-01 04:55:14 UTC (rev 2923)
+++ active/CVE-2012-6549	2013-05-01 06:13:51 UTC (rev 2924)
@@ -6,5 +6,5 @@
 upstream: released (3.6) [fe685aabf7c8c9f138e5ea900954d295bf229175]
 2.6.32-upstream-stable:
 sid: released (3.2.41-1)
-2.6.32-squeeze-security:
+2.6.32-squeeze-security: pending (2.6.32-48squeeze2) [bugfix/all/isofs-avoid-info-leak-on-export.patch]
 3.2-upstream-stable: released (3.2.42)

Modified: active/CVE-2013-0349
===================================================================
--- active/CVE-2013-0349	2013-05-01 04:55:14 UTC (rev 2923)
+++ active/CVE-2013-0349	2013-05-01 06:13:51 UTC (rev 2924)
@@ -6,5 +6,5 @@
 upstream: released (3.8) [0a9ab9bdb3e891762553f667066190c1d22ad62b]
 2.6.32-upstream-stable: pending
 sid: released (3.2.39-1)
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-48squeeze2) [bugfix/all/Bluetooth-Fix-incorrect-strncpy-in-hidp_setup_hid.patch]
 3.2-upstream-stable: released (3.2.38)

Modified: active/CVE-2013-0871
===================================================================
--- active/CVE-2013-0871	2013-05-01 04:55:14 UTC (rev 2923)
+++ active/CVE-2013-0871	2013-05-01 06:13:51 UTC (rev 2924)
@@ -8,5 +8,5 @@
 upstream: released (3.8-rc5) [910ffdb18a6408e14febbb6e4b6840fd2c928c82, 9899d11f654474d2d54ea52ceaa2a1f4db3abd68, 9067ac85d533651b98c2ff903182a20cbb361fcb]
 2.6.32-upstream-stable: pending
 sid: released (3.2.39-1)
-2.6.32-squeeze-security: released (2.6.32-48squeeze1) [bugfix/all/ptrace-ptrace_resume-shouldnt-wake-up-TASK_TRACED-thread.patch, bugfix/all/ptrace-introduce-signal_wake_up_state-and-ptrace_signal_wake_up.patch, bugfix/all/ptrace-ensure-arch_ptrace-ptrace_request-can-never-race-with-SIGKILL.patch, bugfix/all/wake_up_process-should-be-never-used-to-wakeup-a-TASK_STOPPED-TRACED-task.patch]
+2.6.32-squeeze-security: pending (2.6.32-48squeeze2) [bugfix/all/ptrace-ptrace_resume-shouldnt-wake-up-TASK_TRACED-thread.patch, bugfix/all/ptrace-introduce-signal_wake_up_state-and-ptrace_signal_wake_up.patch, bugfix/all/ptrace-ensure-arch_ptrace-ptrace_request-can-never-race-with-SIGKILL.patch, bugfix/all/wake_up_process-should-be-never-used-to-wakeup-a-TASK_STOPPED-TRACED-task.patch, bugfix/all/fix-ptrace-when-task-is-in-task_is_stopped-state.patch]
 3.2-upstream-stable: released (3.2.39) [ptrace-introduce-signal_wake_up_state-and-ptrace_signal_wake_up.patch, ptrace-ensure-arch_ptrace-ptrace_request-can-never-race-with.patch, wake_up_process-should-be-never-used-to-wakeup-a.patch]

Modified: active/CVE-2013-0914
===================================================================
--- active/CVE-2013-0914	2013-05-01 04:55:14 UTC (rev 2923)
+++ active/CVE-2013-0914	2013-05-01 06:13:51 UTC (rev 2924)
@@ -6,5 +6,5 @@
 upstream: released (3.9-rc3) [2ca39528c01a933f6689cd6505ce65bd6d68a530]
 2.6.32-upstream-stable: needed
 sid: released (3.2.41-1)
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-48squeeze2) [bugfix/all/signal-always-clear-sa_restorer-on-execve.patch, bugfix/all/signal-Define-__ARCH_HAS_SA_RESTORER-so-we-know-whet.patch, bugfix/all/kernel-signal.c-use-__ARCH_HAS_SA_RESTORER-instead-o.patch]
 3.2-upstream-stable: released (3.2.41) [signal-always-clear-sa_restorer-on-execve.patch]

Modified: active/CVE-2013-1767
===================================================================
--- active/CVE-2013-1767	2013-05-01 04:55:14 UTC (rev 2923)
+++ active/CVE-2013-1767	2013-05-01 06:13:51 UTC (rev 2924)
@@ -6,5 +6,5 @@
 upstream: released (3.9-rc1) [5f00110f7273f9ff04ac69a5f85bb535a4fd0987]
 2.6.32-upstream-stable: needed
 sid: released (3.2.41-1)
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-48squeeze2) [bugfix/all/tmpfs-fix-use-after-free-of-mempolicy-object.patch]
 3.2-upstream-stable: released (3.2.40)

Modified: active/CVE-2013-1773
===================================================================
--- active/CVE-2013-1773	2013-05-01 04:55:14 UTC (rev 2923)
+++ active/CVE-2013-1773	2013-05-01 06:13:51 UTC (rev 2924)
@@ -5,5 +5,5 @@
 upstream: released (3.3) [0720a06a7518c9d0c0125bd5d1f3b6264c55c3dd]
 2.6.32-upstream-stable:
 sid: released (3.2.15-1) [features/x86/hyperv/0001-NLS-improve-UTF8-UTF16-string-conversion-routine.patch]
-2.6.32-squeeze-security:
+2.6.32-squeeze-security: pending (2.6.32-48squeeze2) [bugfix/all/fat-Fix-stat-f_namelen.patch, bugfix/all/NLS-improve-UTF8-UTF16-string-conversion-routine.patch, debian/nls-Avoid-ABI-change-for-CVE-2013-1773-fix.patch]
 3.2-upstream-stable: released (3.2.41) [nls-improve-utf8-utf16-string-conversion-routine.patch]

Modified: active/CVE-2013-1796
===================================================================
--- active/CVE-2013-1796	2013-05-01 04:55:14 UTC (rev 2923)
+++ active/CVE-2013-1796	2013-05-01 06:13:51 UTC (rev 2924)
@@ -5,5 +5,5 @@
 upstream: released (3.9-rc3) [c300aa64ddf57d9c5d9c898a64b36877345dd4a9]
 2.6.32-upstream-stable:
 sid: released (3.2.41-2) [bugfix/x86/KVM-x86-fix-for-buffer-overflow-in-handling-of-MSR_K.patch]
-2.6.32-squeeze-security:
+2.6.32-squeeze-security: pending (2.6.32-48squeeze2) [bugfix/x86/KVM-x86-fix-for-buffer-overflow-in-handling-of-MSR_K.patch, bugfix/x86/KVM-x86-relax-MSR_KVM_SYSTEM_TIME-alignment-check.patch]
 3.2-upstream-stable: released (3.2.44)

Modified: active/CVE-2013-1798
===================================================================
--- active/CVE-2013-1798	2013-05-01 04:55:14 UTC (rev 2923)
+++ active/CVE-2013-1798	2013-05-01 06:13:51 UTC (rev 2924)
@@ -5,5 +5,5 @@
 upstream: released (3.9-rc3) [a2c118bfab8bc6b8bb213abfc35201e441693d55]
 2.6.32-upstream-stable:
 sid: released (3.2.41-2) [bugfix/all/KVM-Fix-bounds-checking-in-ioapic-indirect-register-.patch]
-2.6.32-squeeze-security:
+2.6.32-squeeze-security: pending (2.6.32-48squeeze2) [bugfix/all/KVM-Fix-bounds-checking-in-ioapic-indirect-register-.patch]
 3.2-upstream-stable: released (3.2.44)

Modified: active/CVE-2013-1826
===================================================================
--- active/CVE-2013-1826	2013-05-01 04:55:14 UTC (rev 2923)
+++ active/CVE-2013-1826	2013-05-01 06:13:51 UTC (rev 2924)
@@ -6,5 +6,5 @@
 upstream: released (3.6) [864745d291b5ba80ea0bd0edcbe67273de368836, c25463722509fef0ed630b271576a8c9a70236f3]
 2.6.32-upstream-stable: needed
 sid: released (3.2.32-1)
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-48squeeze2) [bugfix/all/xfrm_user-return-error-pointer-instead-of-NULL.patch, bugfix/all/xfrm_user-return-error-pointer-instead-of-NULL-2.patch]
 3.2-upstream-stable: released (3.2.31)

Modified: active/CVE-2013-1860
===================================================================
--- active/CVE-2013-1860	2013-05-01 04:55:14 UTC (rev 2923)
+++ active/CVE-2013-1860	2013-05-01 06:13:51 UTC (rev 2924)
@@ -5,5 +5,5 @@
 upstream: released (3.9-rc3) [c0f5ecee4e741667b2493c742b60b6218d40b3aa]
 2.6.32-upstream-stable: needed
 sid: released (3.2.41-1)
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-48squeeze2) [bugfix/all/USB-cdc-wdm-fix-buffer-overflow.patch]
 3.2-upstream-stable: released (3.2.41) [usb-cdc-wdm-fix-buffer-overflow.patch]

Modified: active/CVE-2013-2634
===================================================================
--- active/CVE-2013-2634	2013-05-01 04:55:14 UTC (rev 2923)
+++ active/CVE-2013-2634	2013-05-01 06:13:51 UTC (rev 2924)
@@ -5,6 +5,6 @@
 upstream: released (3.9-rc3) [29cd8ae0e1a39e239a3a7b67da1986add1199fc0]
 2.6.32-upstream-stable: needed
 sid: released (3.2.41-1) [bugfix/all/dcbnl-fix-various-netlink-info-leaks.patch]
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-48squeeze2) [bugfix/all/dcbnl-fix-various-netlink-info-leaks.patch]
 3.2-upstream-stable: released (3.2.42) [dcbnl-fix-various-netlink-info-leaks.patch]
 




More information about the kernel-sec-discuss mailing list