[kernel-sec-discuss] r3328 - active retired
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Apr 28 06:21:32 UTC 2014
Author: jmm
Date: 2014-04-28 06:21:32 +0000 (Mon, 28 Apr 2014)
New Revision: 3328
Added:
retired/CVE-2013-2147
retired/CVE-2013-2889
retired/CVE-2013-2893
retired/CVE-2013-6380
Removed:
active/CVE-2013-2147
active/CVE-2013-2889
active/CVE-2013-2893
active/CVE-2013-6380
Log:
retire four issues
Deleted: active/CVE-2013-2147
===================================================================
--- active/CVE-2013-2147 2014-04-28 06:19:05 UTC (rev 3327)
+++ active/CVE-2013-2147 2014-04-28 06:21:32 UTC (rev 3328)
@@ -1,12 +0,0 @@
-Description: info leaks in cpqarray and cciss
-References:
- https://lkml.org/lkml/2013/6/3/131
- https://lkml.org/lkml/2013/6/3/127
-Notes:
-Bugs:
-upstream: released (3.12-rc3)[627aad1c01da6f881e7f98d71fd928ca0c316b1a, 58f09e00ae095e46ef9edfcf3a5fd9ccdfad065e]
-2.6.32-upstream-stable: pending (2.6.32.62)
-sid: released (3.11.5-1)
-3.2-wheezy-security: released (3.2.53-1)
-2.6.32-squeeze-security: released (2.6.32-48squeeze5) [bugfix/all/cciss-fix-info-leak.patch, bugfix/all/cpqarray-fix-info-leak.patch]
-3.2-upstream-stable: released (3.2.52)
Deleted: active/CVE-2013-2889
===================================================================
--- active/CVE-2013-2889 2014-04-28 06:19:05 UTC (rev 3327)
+++ active/CVE-2013-2889 2014-04-28 06:21:32 UTC (rev 3328)
@@ -1,12 +0,0 @@
-Description: zeroplus local DoS through zeroing out too much
-References:
- http://marc.info/?l=linux-input&m=137772182014614&w=1
-Notes:
- also needs http://marc.info/?l=linux-input&m=137772181214612&w=1
-Bugs:
-upstream: released (3.12-rc2) [78214e81a1bf43740ce89bb5efda78eac2f8ef83, 331415ff16a12147d57d5c953f3a961b7ede348b]
-2.6.32-upstream-stable: pending (2.6.32.62)
-sid: released (3.11.5-1)
-3.2-wheezy-security: released (3.2.53-1)
-2.6.32-squeeze-security: released (2.6.32-48squeeze5) [bugfix/all/hid-zeroplus-validate-output.patch]
-3.2-upstream-stable: released (3.2.52)
Deleted: active/CVE-2013-2893
===================================================================
--- active/CVE-2013-2893 2014-04-28 06:19:05 UTC (rev 3327)
+++ active/CVE-2013-2893 2014-04-28 06:21:32 UTC (rev 3328)
@@ -1,12 +0,0 @@
-Description: Logitech local DoS through zeroing out too much
-References:
- http://marc.info/?l=linux-input&m=137772186714627&w=1
-Notes:
- also needs http://marc.info/?l=linux-input&m=137772181214612&w=1
-Bugs:
-upstream: released (3.12-rc2) [0fb6bd06e06792469acc15bbe427361b56ada528, 331415ff16a12147d57d5c953f3a961b7ede348b]
-2.6.32-upstream-stable: pending (2.6.32.62)
-sid: released (3.11.5-1)
-3.2-wheezy-security: released (3.2.53-1)
-2.6.32-squeeze-security: released (2.6.32-48squeeze5) [bugfix/all/hid-helper-to-validate-hid-reports.patch, bugfix/all/hid-lg-validate-hid-output-report-details.patch]
-3.2-upstream-stable: released (3.2.52)
Deleted: active/CVE-2013-6380
===================================================================
--- active/CVE-2013-6380 2014-04-28 06:19:05 UTC (rev 3327)
+++ active/CVE-2013-6380 2014-04-28 06:21:32 UTC (rev 3328)
@@ -1,10 +0,0 @@
-Description: aacraid: prevent invalid pointer dereference
-References:
-Notes:
-Bugs:
-upstream: released (3.13-rc1) [b4789b8e6be3151a955ade74872822f30e8cd914]
-2.6.32-upstream-stable: pending (2.6.32.62)
-sid: released (3.11.10-1)
-3.2-wheezy-security: released (3.2.53-1) [bugfix/all/aacraid-prevent-invalid-pointer-dereference.patch]
-2.6.32-squeeze-security: released (2.6.32-48squeeze5) [bugfix/all/CVE-2013-6380.patch]
-3.2-upstream-stable: released (3.2.54)
Copied: retired/CVE-2013-2147 (from rev 3327, active/CVE-2013-2147)
===================================================================
--- retired/CVE-2013-2147 (rev 0)
+++ retired/CVE-2013-2147 2014-04-28 06:21:32 UTC (rev 3328)
@@ -0,0 +1,12 @@
+Description: info leaks in cpqarray and cciss
+References:
+ https://lkml.org/lkml/2013/6/3/131
+ https://lkml.org/lkml/2013/6/3/127
+Notes:
+Bugs:
+upstream: released (3.12-rc3)[627aad1c01da6f881e7f98d71fd928ca0c316b1a, 58f09e00ae095e46ef9edfcf3a5fd9ccdfad065e]
+2.6.32-upstream-stable: pending (2.6.32.62)
+sid: released (3.11.5-1)
+3.2-wheezy-security: released (3.2.53-1)
+2.6.32-squeeze-security: released (2.6.32-48squeeze5) [bugfix/all/cciss-fix-info-leak.patch, bugfix/all/cpqarray-fix-info-leak.patch]
+3.2-upstream-stable: released (3.2.52)
Property changes on: retired/CVE-2013-2147
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2013-2889 (from rev 3327, active/CVE-2013-2889)
===================================================================
--- retired/CVE-2013-2889 (rev 0)
+++ retired/CVE-2013-2889 2014-04-28 06:21:32 UTC (rev 3328)
@@ -0,0 +1,12 @@
+Description: zeroplus local DoS through zeroing out too much
+References:
+ http://marc.info/?l=linux-input&m=137772182014614&w=1
+Notes:
+ also needs http://marc.info/?l=linux-input&m=137772181214612&w=1
+Bugs:
+upstream: released (3.12-rc2) [78214e81a1bf43740ce89bb5efda78eac2f8ef83, 331415ff16a12147d57d5c953f3a961b7ede348b]
+2.6.32-upstream-stable: pending (2.6.32.62)
+sid: released (3.11.5-1)
+3.2-wheezy-security: released (3.2.53-1)
+2.6.32-squeeze-security: released (2.6.32-48squeeze5) [bugfix/all/hid-zeroplus-validate-output.patch]
+3.2-upstream-stable: released (3.2.52)
Property changes on: retired/CVE-2013-2889
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2013-2893 (from rev 3327, active/CVE-2013-2893)
===================================================================
--- retired/CVE-2013-2893 (rev 0)
+++ retired/CVE-2013-2893 2014-04-28 06:21:32 UTC (rev 3328)
@@ -0,0 +1,12 @@
+Description: Logitech local DoS through zeroing out too much
+References:
+ http://marc.info/?l=linux-input&m=137772186714627&w=1
+Notes:
+ also needs http://marc.info/?l=linux-input&m=137772181214612&w=1
+Bugs:
+upstream: released (3.12-rc2) [0fb6bd06e06792469acc15bbe427361b56ada528, 331415ff16a12147d57d5c953f3a961b7ede348b]
+2.6.32-upstream-stable: pending (2.6.32.62)
+sid: released (3.11.5-1)
+3.2-wheezy-security: released (3.2.53-1)
+2.6.32-squeeze-security: released (2.6.32-48squeeze5) [bugfix/all/hid-helper-to-validate-hid-reports.patch, bugfix/all/hid-lg-validate-hid-output-report-details.patch]
+3.2-upstream-stable: released (3.2.52)
Property changes on: retired/CVE-2013-2893
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2013-6380 (from rev 3327, active/CVE-2013-6380)
===================================================================
--- retired/CVE-2013-6380 (rev 0)
+++ retired/CVE-2013-6380 2014-04-28 06:21:32 UTC (rev 3328)
@@ -0,0 +1,10 @@
+Description: aacraid: prevent invalid pointer dereference
+References:
+Notes:
+Bugs:
+upstream: released (3.13-rc1) [b4789b8e6be3151a955ade74872822f30e8cd914]
+2.6.32-upstream-stable: pending (2.6.32.62)
+sid: released (3.11.10-1)
+3.2-wheezy-security: released (3.2.53-1) [bugfix/all/aacraid-prevent-invalid-pointer-dereference.patch]
+2.6.32-squeeze-security: released (2.6.32-48squeeze5) [bugfix/all/CVE-2013-6380.patch]
+3.2-upstream-stable: released (3.2.54)
Property changes on: retired/CVE-2013-6380
___________________________________________________________________
Added: svn:mergeinfo
+
More information about the kernel-sec-discuss
mailing list