[kernel-sec-discuss] r3620 - active
Ben Hutchings
benh at moszumanska.debian.org
Mon Dec 22 02:57:25 UTC 2014
Author: benh
Date: 2014-12-22 02:57:25 +0000 (Mon, 22 Dec 2014)
New Revision: 3620
Modified:
active/CVE-2014-6410
active/CVE-2014-7841
active/CVE-2014-7842
active/CVE-2014-8133
active/CVE-2014-8134
active/CVE-2014-8559
active/CVE-2014-8884
Log:
Mark issues pending for 3.2.66
Modified: active/CVE-2014-6410
===================================================================
--- active/CVE-2014-6410 2014-12-21 18:47:37 UTC (rev 3619)
+++ active/CVE-2014-6410 2014-12-22 02:57:25 UTC (rev 3620)
@@ -8,4 +8,4 @@
3.2-wheezy-security: released (3.2.63-1) [bugfix/all/udf-Avoid-infinite-loop-when-processing-indirect-ICB.patch]
2.6.32-squeeze-security: released (2.6.32-48squeeze10)
3.16-upstream-stable: released (3.16.5)
-3.2-upstream-stable: needed
+3.2-upstream-stable: pending (3.2.66) [udf-avoid-infinite-loop-when-processing-indirect-icbs.patch]
Modified: active/CVE-2014-7841
===================================================================
--- active/CVE-2014-7841 2014-12-21 18:47:37 UTC (rev 3619)
+++ active/CVE-2014-7841 2014-12-22 02:57:25 UTC (rev 3620)
@@ -8,4 +8,4 @@
3.2-wheezy-security: released (3.2.63-2+deb7u2) [bugfix/all/net-sctp-fix-NULL-pointer-dereference-in-af-from_add.patch]
2.6.32-squeeze-security: released (2.6.32-48squeeze10)
3.16-upstream-stable: released (3.16.7-ckt2)
-3.2-upstream-stable: needed
+3.2-upstream-stable: pending (3.2.66) [net-sctp-fix-null-pointer-dereference-in-af-from_addr_param-on.patch]
Modified: active/CVE-2014-7842
===================================================================
--- active/CVE-2014-7842 2014-12-21 18:47:37 UTC (rev 3619)
+++ active/CVE-2014-7842 2014-12-22 02:57:25 UTC (rev 3620)
@@ -10,4 +10,4 @@
3.2-wheezy-security: needed
2.6.32-squeeze-security: ignored "KVM not supported in squeeze LTS"
3.16-upstream-stable: released (3.16.7-ckt2)
-3.2-upstream-stable: needed
+3.2-upstream-stable: pending (3.2.66) [kvm-x86-don-t-report-guest-userspace-emulation-error-to-userspace.patch]
Modified: active/CVE-2014-8133
===================================================================
--- active/CVE-2014-8133 2014-12-21 18:47:37 UTC (rev 3619)
+++ active/CVE-2014-8133 2014-12-22 02:57:25 UTC (rev 3620)
@@ -8,4 +8,4 @@
3.2-wheezy-security: needed
2.6.32-squeeze-security: needed
3.16-upstream-stable: needed
-3.2-upstream-stable: needed
+3.2-upstream-stable: pending (3.2.66) [x86-tls-validate-tls-entries-to-protect-espfix.patch]
Modified: active/CVE-2014-8134
===================================================================
--- active/CVE-2014-8134 2014-12-21 18:47:37 UTC (rev 3619)
+++ active/CVE-2014-8134 2014-12-22 02:57:25 UTC (rev 3620)
@@ -5,10 +5,10 @@
Notes:
This is for KVM guests, not KVM itself, so it does apply to squeeze-lts.
Bugs:
-upstream: needed
+upstream: released (3.19-rc1) [29fa6825463c97e5157284db80107d1bfac5d77b]
2.6.32-upstream-stable: needed
sid: needed
3.2-wheezy-security: needed
2.6.32-squeeze-security: needed
3.16-upstream-stable: needed
-3.2-upstream-stable: needed
+3.2-upstream-stable: pending (3.2.66) [x86-kvm-clear-paravirt_enabled-on-kvm-guests-for-espfix32-s-benefit.patch]
Modified: active/CVE-2014-8559
===================================================================
--- active/CVE-2014-8559 2014-12-21 18:47:37 UTC (rev 3619)
+++ active/CVE-2014-8559 2014-12-22 02:57:25 UTC (rev 3620)
@@ -11,10 +11,10 @@
by "fs: dcache avoid starvation in dcache multi-step operations", i.e.
commit 58db63d08679 in 2.6.38-rc1.
Bugs:
-upstream: released (3.19-rc1) [ca5358ef75fc69fee5322a38a340f5739d997c10, 946e51f2bf37f1656916eb75bd0742ba33983c28]
+upstream: released (3.19-rc1) [946e51f2bf37f1656916eb75bd0742ba33983c28, ca5358ef75fc69fee5322a38a340f5739d997c10]
2.6.32-upstream-stable: N/A
sid: needed
3.2-wheezy-security: needed
2.6.32-squeeze-security: N/A
3.16-upstream-stable: needed
-3.2-upstream-stable: needed
+3.2-upstream-stable: pending (3.2.66) [move-d_rcu-from-overlapping-d_child-to-overlapping-d_alias.patch, deal-with-deadlock-in-d_walk.patch]
Modified: active/CVE-2014-8884
===================================================================
--- active/CVE-2014-8884 2014-12-21 18:47:37 UTC (rev 3619)
+++ active/CVE-2014-8884 2014-12-22 02:57:25 UTC (rev 3620)
@@ -9,4 +9,4 @@
3.2-wheezy-security: released (3.2.63-2+deb7u2) [bugfix/all/media-ttusb-dec-buffer-overflow-in-ioctl.patch]
2.6.32-squeeze-security: needed
3.16-upstream-stable: released (3.16.7-ckt2)
-3.2-upstream-stable: needed
+3.2-upstream-stable: pending (3.2.66) [ttusb-dec-buffer-overflow-in-ioctl.patch]
More information about the kernel-sec-discuss
mailing list