[kernel-sec-discuss] r3433 - active

Ben Hutchings benh at moszumanska.debian.org
Tue Jul 8 19:09:10 UTC 2014 

Author: benh
Date: 2014-07-08 19:09:10 +0000 (Tue, 08 Jul 2014)
New Revision: 3433

Modified:
   active/CVE-2014-0131
   active/CVE-2014-3917
   active/CVE-2014-3940
   active/CVE-2014-4027
   active/CVE-2014-4157
   active/CVE-2014-4508
   active/CVE-2014-4608
   active/CVE-2014-4652
   active/CVE-2014-4653
   active/CVE-2014-4654
   active/CVE-2014-4655
   active/CVE-2014-4656
   active/CVE-2014-4667
   active/CVE-2014-4699
Log:
Update for 3.2.61-rc1

Modified: active/CVE-2014-0131
===================================================================
--- active/CVE-2014-0131	2014-07-08 17:37:29 UTC (rev 3432)
+++ active/CVE-2014-0131	2014-07-08 19:09:10 UTC (rev 3433)
@@ -8,4 +8,4 @@
 sid: released (3.13.6-1) [bugfix/all/net-use-kfree_skb_list-helper.patch, bugfix/all/0001-skbuff-skb_segment-s-frag-nskb_frag.patch, bugfix/all/0002-skbuff-skb_segment-s-skb_frag-frag.patch, bugfix/all/0003-skbuff-skb_segment-s-skb-head_skb.patch, bugfix/all/0004-skbuff-skb_segment-s-fskb-list_skb.patch, bugfix/all/0005-skbuff-skb_segment-orphan-frags-before-copying.patch]
 3.2-wheezy-security: released (3.2.57-1) [bugfix/all/skbuff-skb_segment-orphan-frags-before-copying.patch]
 2.6.32-squeeze-security: N/A "zerocopy introduced in 3.1"
-3.2-upstream-stable: needed
+3.2-upstream-stable: pending (3.2.61) [skbuff-add-an-api-to-orphan-frags.patch, skbuff-export-skb_copy_ubufs.patch, skbuff-skb_segment-orphan-frags-before-copying.patch]

Modified: active/CVE-2014-3917
===================================================================
--- active/CVE-2014-3917	2014-07-08 17:37:29 UTC (rev 3432)
+++ active/CVE-2014-3917	2014-07-08 19:09:10 UTC (rev 3433)
@@ -8,4 +8,4 @@
 sid: released (3.14.7-1) [bugfix/all/auditsc-audit_krule-mask-accesses-need-bounds-checki.patch]
 3.2-wheezy-security: released (3.2.60-1) [bugfix/all/auditsc-audit_krule-mask-accesses-need-bounds-checki.patch]
 2.6.32-squeeze-security: pending (2.6.32-48squeeze8)
-3.2-upstream-stable:
+3.2-upstream-stable: pending (3.2.61) [auditsc-audit_krule-mask-accesses-need-bounds-checking.patch]

Modified: active/CVE-2014-3940
===================================================================
--- active/CVE-2014-3940	2014-07-08 17:37:29 UTC (rev 3432)
+++ active/CVE-2014-3940	2014-07-08 19:09:10 UTC (rev 3433)
@@ -12,4 +12,4 @@
 sid: released (3.14.7-1)
 3.2-wheezy-security: released (3.2.60-1) [bugfix/all/mm-add-pte_present-check-on-existing-hugetlb_entry-c.patch]
 2.6.32-squeeze-security: N/A "Only needed for 3.12 and later"
-3.2-upstream-stable: needed
+3.2-upstream-stable: N/A "Only needed for 3.12 and later"

Modified: active/CVE-2014-4027
===================================================================
--- active/CVE-2014-4027	2014-07-08 17:37:29 UTC (rev 3432)
+++ active/CVE-2014-4027	2014-07-08 19:09:10 UTC (rev 3433)
@@ -8,4 +8,5 @@
 sid: released (3.14.2-1)
 3.2-wheezy-security: released (3.2.60-1) [bugfix/all/target-explicitly-clear-ramdisk_mcp-backend-pages.patch]
 2.6.32-squeeze-security: N/A "Introduced in 2.6.38"
-3.2-upstream-stable: needed
+3.2-upstream-stable: pending (3.2.61) [target-explicitly-clear-ramdisk_mcp-backend-pages.patch]
+

Modified: active/CVE-2014-4157
===================================================================
--- active/CVE-2014-4157	2014-07-08 17:37:29 UTC (rev 3432)
+++ active/CVE-2014-4157	2014-07-08 19:09:10 UTC (rev 3433)
@@ -8,4 +8,4 @@
 sid: released (3.14.7-1) [bugfix/mips/MIPS-asm-thread_info-Add-_TIF_SECCOMP-flag.patch]
 3.2-wheezy-security: released (3.2.60-1) [bugfix/mips/MIPS-Cleanup-flags-in-syscall-flags-handlers.patch, bugfix/mips/MIPS-asm-thread_info-Add-_TIF_SECCOMP-flag.patch]
 2.6.32-squeeze-security: N/A "LTS only covers x86"
-3.2-upstream-stable: needed
+3.2-upstream-stable: pending (3.2.61) [mips-cleanup-flags-in-syscall-flags-handlers.patch, mips-asm-thread_info-add-_tif_seccomp-flag.patch]

Modified: active/CVE-2014-4508
===================================================================
--- active/CVE-2014-4508	2014-07-08 17:37:29 UTC (rev 3432)
+++ active/CVE-2014-4508	2014-07-08 19:09:10 UTC (rev 3433)
@@ -8,4 +8,4 @@
 sid: released (3.14.9-1) [bugfix/x86/x86_32-entry-Do-syscall-exit-work-on-badsys-CVE-2014.patch]
 3.2-wheezy-security: released (3.2.60-1) [bugfix/x86/x86_32-entry-Do-syscall-exit-work-on-badsys-CVE-2014.patch]
 2.6.32-squeeze-security:
-3.2-upstream-stable:
+3.2-upstream-stable: pending (3.2.61) [x86_32-entry-do-syscall-exit-work-on-badsys-cve-2014-4508.patch]

Modified: active/CVE-2014-4608
===================================================================
--- active/CVE-2014-4608	2014-07-08 17:37:29 UTC (rev 3432)
+++ active/CVE-2014-4608	2014-07-08 19:09:10 UTC (rev 3433)
@@ -8,4 +8,4 @@
 sid: released (3.14.9-1)
 3.2-wheezy-security:
 2.6.32-squeeze-security:
-3.2-upstream-stable:
+3.2-upstream-stable: pending (3.2.61) [lib-lzo-rename-lzo1x_decompress.c-to-lzo1x_decompress_safe.c.patch, lib-lzo-update-lzo-compression-to-current-upstream-version.patch, lzo-properly-check-for-overruns.patch]

Modified: active/CVE-2014-4652
===================================================================
--- active/CVE-2014-4652	2014-07-08 17:37:29 UTC (rev 3432)
+++ active/CVE-2014-4652	2014-07-08 19:09:10 UTC (rev 3433)
@@ -7,4 +7,4 @@
 sid: released (3.14.9-1)
 3.2-wheezy-security: released (3.2.60-1) [bugfix/all/ALSA-control-Protect-user-controls-against-concurren.patch]
 2.6.32-squeeze-security: pending (2.6.32-48squeeze8)
-3.2-upstream-stable: needed
+3.2-upstream-stable: pending (3.2.61) [alsa-control-protect-user-controls-against-concurrent-access.patch]

Modified: active/CVE-2014-4653
===================================================================
--- active/CVE-2014-4653	2014-07-08 17:37:29 UTC (rev 3432)
+++ active/CVE-2014-4653	2014-07-08 19:09:10 UTC (rev 3433)
@@ -7,4 +7,4 @@
 sid: released (3.14.9-1)
 3.2-wheezy-security: released (3.2.60-1) [bugfix/all/ALSA-control-Don-t-access-controls-outside-of-protec.patch]
 2.6.32-squeeze-security: needed
-3.2-upstream-stable: needed
+3.2-upstream-stable: pending (3.2.61) [alsa-control-don-t-access-controls-outside-of-protected-regions.patch]

Modified: active/CVE-2014-4654
===================================================================
--- active/CVE-2014-4654	2014-07-08 17:37:29 UTC (rev 3432)
+++ active/CVE-2014-4654	2014-07-08 19:09:10 UTC (rev 3433)
@@ -7,4 +7,4 @@
 sid: released (3.14.9-1)
 3.2-wheezy-security: released (3.2.60-1) [bugfix/all/ALSA-control-Fix-replacing-user-controls.patch]
 2.6.32-squeeze-security: needed
-3.2-upstream-stable: needed
+3.2-upstream-stable: pending (3.2.61) [alsa-control-fix-replacing-user-controls.patch]

Modified: active/CVE-2014-4655
===================================================================
--- active/CVE-2014-4655	2014-07-08 17:37:29 UTC (rev 3432)
+++ active/CVE-2014-4655	2014-07-08 19:09:10 UTC (rev 3433)
@@ -7,4 +7,4 @@
 sid: released (3.14.9-1)
 3.2-wheezy-security: released (3.2.60-1) [bugfix/all/ALSA-control-Fix-replacing-user-controls.patch]
 2.6.32-squeeze-security: needed
-3.2-upstream-stable: needed
+3.2-upstream-stable: pending (3.2.61) [alsa-control-fix-replacing-user-controls.patch]

Modified: active/CVE-2014-4656
===================================================================
--- active/CVE-2014-4656	2014-07-08 17:37:29 UTC (rev 3432)
+++ active/CVE-2014-4656	2014-07-08 19:09:10 UTC (rev 3433)
@@ -7,4 +7,4 @@
 sid: released (3.14.9-1)
 3.2-wheezy-security: released (3.2.60-1) [bugfix/all/ALSA-control-Make-sure-that-id-index-does-not-overfl.patch, bugfix/all/ALSA-control-Handle-numid-overflow.patch]
 2.6.32-squeeze-security: pending (2.6.32-48squeeze8)
-3.2-upstream-stable: needed
+3.2-upstream-stable: pending (3.2.61) [alsa-control-make-sure-that-id-index-does-not-overflow.patch, alsa-control-handle-numid-overflow.patch]

Modified: active/CVE-2014-4667
===================================================================
--- active/CVE-2014-4667	2014-07-08 17:37:29 UTC (rev 3432)
+++ active/CVE-2014-4667	2014-07-08 19:09:10 UTC (rev 3433)
@@ -7,4 +7,4 @@
 sid: released (3.14.9-1)
 3.2-wheezy-security:
 2.6.32-squeeze-security: pending (2.6.32-48squeeze8)
-3.2-upstream-stable:
+3.2-upstream-stable: pending (3.2.61) [sctp-fix-sk_ack_backlog-wrap-around-problem.patch]

Modified: active/CVE-2014-4699
===================================================================
--- active/CVE-2014-4699	2014-07-08 17:37:29 UTC (rev 3432)
+++ active/CVE-2014-4699	2014-07-08 19:09:10 UTC (rev 3433)
@@ -7,4 +7,4 @@
 sid: released (3.14.10-1)
 3.2-wheezy-security: released (3.2.60-1+deb7u1)
 2.6.32-squeeze-security: pending (2.6.32-48squeeze8)
-3.2-upstream-stable: needed
+3.2-upstream-stable: pending (3.2.61) [ptrace-x86-force-iret-path-after-a-ptrace_stop.patch]

More information about the kernel-sec-discuss mailing list