[kernel-sec-discuss] r3308 - active

Moritz Muehlenhoff jmm at moszumanska.debian.org
Tue Apr 15 05:09:23 UTC 2014 

Author: jmm
Date: 2014-04-15 05:09:23 +0000 (Tue, 15 Apr 2014)
New Revision: 3308

Modified:
   active/CVE-2013-4483
   active/CVE-2013-7339
   active/CVE-2014-0055
   active/CVE-2014-0069
   active/CVE-2014-0077
   active/CVE-2014-0101
   active/CVE-2014-0131
   active/CVE-2014-1874
   active/CVE-2014-2039
   active/CVE-2014-2309
   active/CVE-2014-2523
   active/CVE-2014-2672
   active/CVE-2014-2678
   active/CVE-2014-2706
Log:
mark wheezy as released now it's in s-p-u


Modified: active/CVE-2013-4483
===================================================================
--- active/CVE-2013-4483	2014-04-14 21:21:27 UTC (rev 3307)
+++ active/CVE-2013-4483	2014-04-15 05:09:23 UTC (rev 3308)
@@ -7,6 +7,6 @@
 upstream: released (3.10) [6062a8dc0517bce23e3c2f7d2fea5e22411269a3]
 2.6.32-upstream-stable: ignored "too intrusive to backport"
 sid: released (3.10-1)
-3.2-wheezy-security: pending (3.2.57-1) [bugfix/all/ipc-msg-fix-race-around-refcount.patch]
+3.2-wheezy-security: released (3.2.57-1) [bugfix/all/ipc-msg-fix-race-around-refcount.patch]
 2.6.32-squeeze-security: ignored "too intrusive to backport"
 3.2-upstream-stable: released (3.2.57) [ipc-msg-fix-race-around-refcount.patch]

Modified: active/CVE-2013-7339
===================================================================
--- active/CVE-2013-7339	2014-04-14 21:21:27 UTC (rev 3307)
+++ active/CVE-2013-7339	2014-04-15 05:09:23 UTC (rev 3308)
@@ -5,6 +5,6 @@
 upstream: released (3.13-rc4)
 2.6.32-upstream-stable:
 sid: released (3.13-1~exp1)
-3.2-wheezy-security: pending (3.2.56-1)
+3.2-wheezy-security: released (3.2.56-1)
 2.6.32-squeeze-security: pending (2.6.32-48squeeze5) [bugfix/all/rds-prevent-dereference-of-a-NULL-device.patch]
 3.2-upstream-stable: released (3.2.55)

Modified: active/CVE-2014-0055
===================================================================
--- active/CVE-2014-0055	2014-04-14 21:21:27 UTC (rev 3307)
+++ active/CVE-2014-0055	2014-04-15 05:09:23 UTC (rev 3308)
@@ -7,6 +7,6 @@
 upstream: released (3.14) [a39ee449f96a2cd44ce056d8a0a112211a9b1a1f]
 2.6.32-upstream-stable: N/A "vhost_net introduced in 2.6.33"
 sid: pending (3.13.8-1) [bugfix/all/vhost-validate-vhost_get_vq_desc-return-value.patch]
-3.2-wheezy-security: pending (3.2.57-1) [bugfix/all/vhost-validate-vhost_get_vq_desc-return-value.patch]
+3.2-wheezy-security: released (3.2.57-1) [bugfix/all/vhost-validate-vhost_get_vq_desc-return-value.patch]
 2.6.32-squeeze-security: N/A "vhost_net introduced in 2.6.33"
 3.2-upstream-stable: pending (3.2.58) [vhost-validate-vhost_get_vq_desc-return-value.patch]

Modified: active/CVE-2014-0069
===================================================================
--- active/CVE-2014-0069	2014-04-14 21:21:27 UTC (rev 3307)
+++ active/CVE-2014-0069	2014-04-15 05:09:23 UTC (rev 3308)
@@ -6,6 +6,6 @@
 upstream: released (3.14-rc4) [5d81de8e8667da7135d3a32a964087c0faf5483f]
 2.6.32-upstream-stable: N/A "Only affects 2.6.38 and later"
 sid: released (3.13.6-1)
-3.2-wheezy-security: pending (3.2.57-1)
+3.2-wheezy-security: released (3.2.57-1)
 2.6.32-squeeze-security: N/A "Only affects 2.6.38 and later"
 3.2-upstream-stable: released (3.2.57) [cifs-ensure-that-uncached-writes-handle-unmapped-areas-correctly.patch]

Modified: active/CVE-2014-0077
===================================================================
--- active/CVE-2014-0077	2014-04-14 21:21:27 UTC (rev 3307)
+++ active/CVE-2014-0077	2014-04-15 05:09:23 UTC (rev 3308)
@@ -6,6 +6,6 @@
 upstream: released (3.14) [d8316f3991d207fe32881a9ac20241be8fa2bad0]
 2.6.32-upstream-stable: N/A "vhost_net introduced in 2.6.33"
 sid: pending (3.13.8-1) [bugfix/all/vhost-fix-total-length-when-packets-are-too-short.patch]
-3.2-wheezy-security: pending (3.2.57-1) [bugfix/all/vhost-fix-total-length-when-packets-are-too-short.patch]
+3.2-wheezy-security: released (3.2.57-1) [bugfix/all/vhost-fix-total-length-when-packets-are-too-short.patch]
 2.6.32-squeeze-security: N/A "vhost_net introduced in 2.6.33"
 3.2-upstream-stable: pending (3.2.58) [vhost-fix-total-length-when-packets-are-too-short.patch]

Modified: active/CVE-2014-0101
===================================================================
--- active/CVE-2014-0101	2014-04-14 21:21:27 UTC (rev 3307)
+++ active/CVE-2014-0101	2014-04-15 05:09:23 UTC (rev 3308)
@@ -6,6 +6,6 @@
 upstream: released (3.14-rc3) [ec0223ec48a90cb605244b45f7c62de856403729]
 2.6.32-upstream-stable: needed
 sid: released (3.13.6-1) [bugfix/all/net-sctp-fix-sctp_sf_do_5_1D_ce-to-verify-if-we-peer.patch]
-3.2-wheezy-security: pending (3.2.56-1)
+3.2-wheezy-security: released (3.2.56-1)
 2.6.32-squeeze-security: pending (2.6.32-48squeeze5) [bugfix/all/net-sctp-fix-sctp_sf_do_5_1D_ce-to-verify-if-we-peer.patch]
 3.2-upstream-stable: released (3.2.56)

Modified: active/CVE-2014-0131
===================================================================
--- active/CVE-2014-0131	2014-04-14 21:21:27 UTC (rev 3307)
+++ active/CVE-2014-0131	2014-04-15 05:09:23 UTC (rev 3308)
@@ -6,6 +6,6 @@
 upstream: released (3.14-rc7) [8cb19905e9287a93ce7c2cbbdf742a060b00e219, 4e1beba12d094c6c761ba5c49032b9b9e46380e8, df5771ffefb13f8af5392bd54fd7e2b596a3a357, 1a4cedaf65491e66e1e55b8428c89209da729209, 1fd819ecb90cc9b822cd84d3056ddba315d3340f]
 2.6.32-upstream-stable: N/A "zerocopy introduced in 3.1"
 sid: released (3.13.6-1) [bugfix/all/net-use-kfree_skb_list-helper.patch, bugfix/all/0001-skbuff-skb_segment-s-frag-nskb_frag.patch, bugfix/all/0002-skbuff-skb_segment-s-skb_frag-frag.patch, bugfix/all/0003-skbuff-skb_segment-s-skb-head_skb.patch, bugfix/all/0004-skbuff-skb_segment-s-fskb-list_skb.patch, bugfix/all/0005-skbuff-skb_segment-orphan-frags-before-copying.patch]
-3.2-wheezy-security: pending (3.2.57-1) [bugfix/all/skbuff-skb_segment-orphan-frags-before-copying.patch]
+3.2-wheezy-security: released (3.2.57-1) [bugfix/all/skbuff-skb_segment-orphan-frags-before-copying.patch]
 2.6.32-squeeze-security: N/A "zerocopy introduced in 3.1"
 3.2-upstream-stable:

Modified: active/CVE-2014-1874
===================================================================
--- active/CVE-2014-1874	2014-04-14 21:21:27 UTC (rev 3307)
+++ active/CVE-2014-1874	2014-04-15 05:09:23 UTC (rev 3308)
@@ -7,6 +7,6 @@
 upstream: released (3.14-rc2) [2172fa709ab32ca60e86179dc67d0857be8e2c98]
 2.6.32-upstream-stable: needed
 sid: released (3.13.4-1)
-3.2-wheezy-security: pending (3.2.56-1)
+3.2-wheezy-security: released (3.2.56-1)
 2.6.32-squeeze-security: pending (2.6.32-48squeeze5) [bugfix/all/SELinux-Fix-kernel-BUG-on-empty-security-contexts.patch]
 3.2-upstream-stable: released (3.2.56)

Modified: active/CVE-2014-2039
===================================================================
--- active/CVE-2014-2039	2014-04-14 21:21:27 UTC (rev 3307)
+++ active/CVE-2014-2039	2014-04-15 05:09:23 UTC (rev 3308)
@@ -5,6 +5,6 @@
 upstream: released (3.14-rc2) [8d7f6690cedb83456edd41c9bd583783f0703bf0]
 2.6.32-upstream-stable:
 sid: released (3.13.5-1)
-3.2-wheezy-security: pending (3.2.57-1)
+3.2-wheezy-security: released (3.2.57-1)
 2.6.32-squeeze-security: pending (2.6.32-48squeeze5) [bugfix/s390/fix-kernel-crash-due-to-linkage-stack-instructi.patch]
 3.2-upstream-stable: released (3.2.57) [s390-fix-kernel-crash-due-to-linkage-stack-instructions.patch]

Modified: active/CVE-2014-2309
===================================================================
--- active/CVE-2014-2309	2014-04-14 21:21:27 UTC (rev 3307)
+++ active/CVE-2014-2309	2014-04-15 05:09:23 UTC (rev 3308)
@@ -6,6 +6,6 @@
 upstream: released (3.14-rc4) [c88507fbad8055297c1d1e21e599f46960cbee39]
 2.6.32-upstream-stable: N/A "Introduced in 3.0 with 957c665f37007de93ccbe45902a23143724170d0"
 sid: released (3.13.6-1) [bugfix/all/ipv6-don-t-set-DST_NOCOUNT-for-remotely-added-routes.patch]
-3.2-wheezy-security: pending (3.2.57-1) [bugfix/all/ipv6-don-t-set-dst_nocount-for-remotely-added-routes.patch]
+3.2-wheezy-security: released (3.2.57-1) [bugfix/all/ipv6-don-t-set-dst_nocount-for-remotely-added-routes.patch]
 2.6.32-squeeze-security: N/A "Introduced in 3.0 with 957c665f37007de93ccbe45902a23143724170d0"
 3.2-upstream-stable: pending (3.2.58) [ipv6-don-t-set-dst_nocount-for-remotely-added-routes.patch]

Modified: active/CVE-2014-2523
===================================================================
--- active/CVE-2014-2523	2014-04-14 21:21:27 UTC (rev 3307)
+++ active/CVE-2014-2523	2014-04-15 05:09:23 UTC (rev 3308)
@@ -5,6 +5,6 @@
 upstream: released (3.13-rc4) [b22f5126a24b3b2f15448c3f2a254fc10cbc2b92]
 2.6.32-upstream-stable: needed
 sid: released (3.13-1~exp1)
-3.2-wheezy-security: pending (3.2.57-1)
+3.2-wheezy-security: released (3.2.57-1)
 2.6.32-squeeze-security: pending (2.6.32-48squeeze5) [bugfix/all/netfilter-nf_conntrack_dccp-fix-skb_header_pointer-A.patch]
 3.2-upstream-stable: released (3.2.57) [netfilter-nf_conntrack_dccp-fix-skb_header_pointer-api-usages.patch]

Modified: active/CVE-2014-2672
===================================================================
--- active/CVE-2014-2672	2014-04-14 21:21:27 UTC (rev 3307)
+++ active/CVE-2014-2672	2014-04-15 05:09:23 UTC (rev 3308)
@@ -5,6 +5,6 @@
 upstream: released (3.14-rc1) [21f8aaee0c62708654988ce092838aa7df4d25d8]
 2.6.32-upstream-stable: N/A "introduced in 3.0 by commit 5519541d5a5f"
 sid: released (3.13.17-1)
-3.2-wheezy-security: pending (3.2.56-1)
+3.2-wheezy-security: released (3.2.56-1)
 2.6.32-squeeze-security: N/A "introduced in 3.0 by commit 5519541d5a5f"
 3.2-upstream-stable: released (3.2.56)

Modified: active/CVE-2014-2678
===================================================================
--- active/CVE-2014-2678	2014-04-14 21:21:27 UTC (rev 3307)
+++ active/CVE-2014-2678	2014-04-15 05:09:23 UTC (rev 3308)
@@ -6,6 +6,6 @@
 upstream: pending (3.15-rc1) [bf39b4247b8799935ea91d90db250ab608a58e50]
 2.6.32-upstream-stable:
 sid:
-3.2-wheezy-security: pending (3.2.57-1) [bugfix/all/rds-prevent-dereference-of-a-null-device-in-rds_iw_laddr_check.patch]
+3.2-wheezy-security: released (3.2.57-1) [bugfix/all/rds-prevent-dereference-of-a-null-device-in-rds_iw_laddr_check.patch]
 2.6.32-squeeze-security:
 3.2-upstream-stable: pending (3.2.58) [rds-prevent-dereference-of-a-null-device-in-rds_iw_laddr_check.patch]

Modified: active/CVE-2014-2706
===================================================================
--- active/CVE-2014-2706	2014-04-14 21:21:27 UTC (rev 3307)
+++ active/CVE-2014-2706	2014-04-15 05:09:23 UTC (rev 3308)
@@ -6,6 +6,6 @@
 upstream: released (3.14-rc6) [1d147bfa64293b2723c4fec50922168658e613ba]
 2.6.32-upstream-stable:
 sid: released (3.13.7-1)
-3.2-wheezy-security: pending (3.2.56-1)
+3.2-wheezy-security: released (3.2.56-1)
 2.6.32-squeeze-security:
 3.2-upstream-stable: released (3.2.56)

More information about the kernel-sec-discuss mailing list