[kernel-sec-discuss] r3620 - active

Ben Hutchings benh at moszumanska.debian.org
Mon Dec 22 02:57:25 UTC 2014 

Author: benh
Date: 2014-12-22 02:57:25 +0000 (Mon, 22 Dec 2014)
New Revision: 3620

Modified:
   active/CVE-2014-6410
   active/CVE-2014-7841
   active/CVE-2014-7842
   active/CVE-2014-8133
   active/CVE-2014-8134
   active/CVE-2014-8559
   active/CVE-2014-8884
Log:
Mark issues pending for 3.2.66

Modified: active/CVE-2014-6410
===================================================================
--- active/CVE-2014-6410	2014-12-21 18:47:37 UTC (rev 3619)
+++ active/CVE-2014-6410	2014-12-22 02:57:25 UTC (rev 3620)
@@ -8,4 +8,4 @@
 3.2-wheezy-security: released (3.2.63-1) [bugfix/all/udf-Avoid-infinite-loop-when-processing-indirect-ICB.patch]
 2.6.32-squeeze-security: released (2.6.32-48squeeze10)
 3.16-upstream-stable: released (3.16.5)
-3.2-upstream-stable: needed
+3.2-upstream-stable: pending (3.2.66) [udf-avoid-infinite-loop-when-processing-indirect-icbs.patch]

Modified: active/CVE-2014-7841
===================================================================
--- active/CVE-2014-7841	2014-12-21 18:47:37 UTC (rev 3619)
+++ active/CVE-2014-7841	2014-12-22 02:57:25 UTC (rev 3620)
@@ -8,4 +8,4 @@
 3.2-wheezy-security: released (3.2.63-2+deb7u2) [bugfix/all/net-sctp-fix-NULL-pointer-dereference-in-af-from_add.patch]
 2.6.32-squeeze-security: released (2.6.32-48squeeze10)
 3.16-upstream-stable: released (3.16.7-ckt2)
-3.2-upstream-stable: needed
+3.2-upstream-stable: pending (3.2.66) [net-sctp-fix-null-pointer-dereference-in-af-from_addr_param-on.patch]

Modified: active/CVE-2014-7842
===================================================================
--- active/CVE-2014-7842	2014-12-21 18:47:37 UTC (rev 3619)
+++ active/CVE-2014-7842	2014-12-22 02:57:25 UTC (rev 3620)
@@ -10,4 +10,4 @@
 3.2-wheezy-security: needed
 2.6.32-squeeze-security: ignored "KVM not supported in squeeze LTS"
 3.16-upstream-stable: released (3.16.7-ckt2)
-3.2-upstream-stable: needed
+3.2-upstream-stable: pending (3.2.66) [kvm-x86-don-t-report-guest-userspace-emulation-error-to-userspace.patch]

Modified: active/CVE-2014-8133
===================================================================
--- active/CVE-2014-8133	2014-12-21 18:47:37 UTC (rev 3619)
+++ active/CVE-2014-8133	2014-12-22 02:57:25 UTC (rev 3620)
@@ -8,4 +8,4 @@
 3.2-wheezy-security: needed
 2.6.32-squeeze-security: needed
 3.16-upstream-stable: needed
-3.2-upstream-stable: needed
+3.2-upstream-stable: pending (3.2.66) [x86-tls-validate-tls-entries-to-protect-espfix.patch]

Modified: active/CVE-2014-8134
===================================================================
--- active/CVE-2014-8134	2014-12-21 18:47:37 UTC (rev 3619)
+++ active/CVE-2014-8134	2014-12-22 02:57:25 UTC (rev 3620)
@@ -5,10 +5,10 @@
 Notes:
  This is for KVM guests, not KVM itself, so it does apply to squeeze-lts.
 Bugs:
-upstream: needed
+upstream: released (3.19-rc1) [29fa6825463c97e5157284db80107d1bfac5d77b]
 2.6.32-upstream-stable: needed
 sid: needed
 3.2-wheezy-security: needed
 2.6.32-squeeze-security: needed
 3.16-upstream-stable: needed
-3.2-upstream-stable: needed
+3.2-upstream-stable: pending (3.2.66) [x86-kvm-clear-paravirt_enabled-on-kvm-guests-for-espfix32-s-benefit.patch]

Modified: active/CVE-2014-8559
===================================================================
--- active/CVE-2014-8559	2014-12-21 18:47:37 UTC (rev 3619)
+++ active/CVE-2014-8559	2014-12-22 02:57:25 UTC (rev 3620)
@@ -11,10 +11,10 @@
  by "fs: dcache avoid starvation in dcache multi-step operations", i.e.
  commit 58db63d08679 in 2.6.38-rc1.
 Bugs:
-upstream: released (3.19-rc1) [ca5358ef75fc69fee5322a38a340f5739d997c10, 946e51f2bf37f1656916eb75bd0742ba33983c28]
+upstream: released (3.19-rc1) [946e51f2bf37f1656916eb75bd0742ba33983c28, ca5358ef75fc69fee5322a38a340f5739d997c10]
 2.6.32-upstream-stable: N/A
 sid: needed
 3.2-wheezy-security: needed
 2.6.32-squeeze-security: N/A
 3.16-upstream-stable: needed
-3.2-upstream-stable: needed
+3.2-upstream-stable: pending (3.2.66) [move-d_rcu-from-overlapping-d_child-to-overlapping-d_alias.patch, deal-with-deadlock-in-d_walk.patch]

Modified: active/CVE-2014-8884
===================================================================
--- active/CVE-2014-8884	2014-12-21 18:47:37 UTC (rev 3619)
+++ active/CVE-2014-8884	2014-12-22 02:57:25 UTC (rev 3620)
@@ -9,4 +9,4 @@
 3.2-wheezy-security: released (3.2.63-2+deb7u2) [bugfix/all/media-ttusb-dec-buffer-overflow-in-ioctl.patch]
 2.6.32-squeeze-security: needed
 3.16-upstream-stable: released (3.16.7-ckt2)
-3.2-upstream-stable: needed
+3.2-upstream-stable: pending (3.2.66) [ttusb-dec-buffer-overflow-in-ioctl.patch]

More information about the kernel-sec-discuss mailing list