[kernel-sec-discuss] r3309 - active retired

Moritz Muehlenhoff jmm at moszumanska.debian.org
Tue Apr 15 05:10:28 UTC 2014 

Author: jmm
Date: 2014-04-15 05:10:28 +0000 (Tue, 15 Apr 2014)
New Revision: 3309

Added:
   retired/CVE-2013-4483
   retired/CVE-2014-0069
   retired/CVE-2014-2672
Removed:
   active/CVE-2013-4483
   active/CVE-2014-0069
   active/CVE-2014-2672
Log:
retire


Deleted: active/CVE-2013-4483
===================================================================
--- active/CVE-2013-4483	2014-04-15 05:09:23 UTC (rev 3308)
+++ active/CVE-2013-4483	2014-04-15 05:10:28 UTC (rev 3309)
@@ -1,12 +0,0 @@
-Description: ipc: ipc_rcu_putref refcount races
-References:
-Notes:
- jmm> https://bugzilla.redhat.com/show_bug.cgi?id=1024854 claims RHEL kernels are
- jmm> not affected, but the code seems to be present in all older kernels?
-Bugs:
-upstream: released (3.10) [6062a8dc0517bce23e3c2f7d2fea5e22411269a3]
-2.6.32-upstream-stable: ignored "too intrusive to backport"
-sid: released (3.10-1)
-3.2-wheezy-security: released (3.2.57-1) [bugfix/all/ipc-msg-fix-race-around-refcount.patch]
-2.6.32-squeeze-security: ignored "too intrusive to backport"
-3.2-upstream-stable: released (3.2.57) [ipc-msg-fix-race-around-refcount.patch]

Deleted: active/CVE-2014-0069
===================================================================
--- active/CVE-2014-0069	2014-04-15 05:09:23 UTC (rev 3308)
+++ active/CVE-2014-0069	2014-04-15 05:10:28 UTC (rev 3309)
@@ -1,11 +0,0 @@
-Description: cifs: incorrect handling of bogus user pointers during uncached writes
-References:
- http://article.gmane.org/gmane.linux.kernel.cifs/9401
-Notes:
-Bugs:
-upstream: released (3.14-rc4) [5d81de8e8667da7135d3a32a964087c0faf5483f]
-2.6.32-upstream-stable: N/A "Only affects 2.6.38 and later"
-sid: released (3.13.6-1)
-3.2-wheezy-security: released (3.2.57-1)
-2.6.32-squeeze-security: N/A "Only affects 2.6.38 and later"
-3.2-upstream-stable: released (3.2.57) [cifs-ensure-that-uncached-writes-handle-unmapped-areas-correctly.patch]

Deleted: active/CVE-2014-2672
===================================================================
--- active/CVE-2014-2672	2014-04-15 05:09:23 UTC (rev 3308)
+++ active/CVE-2014-2672	2014-04-15 05:10:28 UTC (rev 3309)
@@ -1,10 +0,0 @@
-Description: race condition in atk9k
-References:
-Notes:
-Bugs:
-upstream: released (3.14-rc1) [21f8aaee0c62708654988ce092838aa7df4d25d8]
-2.6.32-upstream-stable: N/A "introduced in 3.0 by commit 5519541d5a5f"
-sid: released (3.13.17-1)
-3.2-wheezy-security: released (3.2.56-1)
-2.6.32-squeeze-security: N/A "introduced in 3.0 by commit 5519541d5a5f"
-3.2-upstream-stable: released (3.2.56)

Copied: retired/CVE-2013-4483 (from rev 3308, active/CVE-2013-4483)
===================================================================
--- retired/CVE-2013-4483	                        (rev 0)
+++ retired/CVE-2013-4483	2014-04-15 05:10:28 UTC (rev 3309)
@@ -0,0 +1,12 @@
+Description: ipc: ipc_rcu_putref refcount races
+References:
+Notes:
+ jmm> https://bugzilla.redhat.com/show_bug.cgi?id=1024854 claims RHEL kernels are
+ jmm> not affected, but the code seems to be present in all older kernels?
+Bugs:
+upstream: released (3.10) [6062a8dc0517bce23e3c2f7d2fea5e22411269a3]
+2.6.32-upstream-stable: ignored "too intrusive to backport"
+sid: released (3.10-1)
+3.2-wheezy-security: released (3.2.57-1) [bugfix/all/ipc-msg-fix-race-around-refcount.patch]
+2.6.32-squeeze-security: ignored "too intrusive to backport"
+3.2-upstream-stable: released (3.2.57) [ipc-msg-fix-race-around-refcount.patch]


Property changes on: retired/CVE-2013-4483
___________________________________________________________________
Added: svn:mergeinfo
   + 

Copied: retired/CVE-2014-0069 (from rev 3308, active/CVE-2014-0069)
===================================================================
--- retired/CVE-2014-0069	                        (rev 0)
+++ retired/CVE-2014-0069	2014-04-15 05:10:28 UTC (rev 3309)
@@ -0,0 +1,11 @@
+Description: cifs: incorrect handling of bogus user pointers during uncached writes
+References:
+ http://article.gmane.org/gmane.linux.kernel.cifs/9401
+Notes:
+Bugs:
+upstream: released (3.14-rc4) [5d81de8e8667da7135d3a32a964087c0faf5483f]
+2.6.32-upstream-stable: N/A "Only affects 2.6.38 and later"
+sid: released (3.13.6-1)
+3.2-wheezy-security: released (3.2.57-1)
+2.6.32-squeeze-security: N/A "Only affects 2.6.38 and later"
+3.2-upstream-stable: released (3.2.57) [cifs-ensure-that-uncached-writes-handle-unmapped-areas-correctly.patch]


Property changes on: retired/CVE-2014-0069
___________________________________________________________________
Added: svn:mergeinfo
   + 

Copied: retired/CVE-2014-2672 (from rev 3308, active/CVE-2014-2672)
===================================================================
--- retired/CVE-2014-2672	                        (rev 0)
+++ retired/CVE-2014-2672	2014-04-15 05:10:28 UTC (rev 3309)
@@ -0,0 +1,10 @@
+Description: race condition in atk9k
+References:
+Notes:
+Bugs:
+upstream: released (3.14-rc1) [21f8aaee0c62708654988ce092838aa7df4d25d8]
+2.6.32-upstream-stable: N/A "introduced in 3.0 by commit 5519541d5a5f"
+sid: released (3.13.17-1)
+3.2-wheezy-security: released (3.2.56-1)
+2.6.32-squeeze-security: N/A "introduced in 3.0 by commit 5519541d5a5f"
+3.2-upstream-stable: released (3.2.56)


Property changes on: retired/CVE-2014-2672
___________________________________________________________________
Added: svn:mergeinfo
   +

More information about the kernel-sec-discuss mailing list