[kernel-sec-discuss] r3437 - active retired

Moritz Muehlenhoff jmm at moszumanska.debian.org
Mon Jul 14 05:44:52 UTC 2014 

Author: jmm
Date: 2014-07-14 05:44:52 +0000 (Mon, 14 Jul 2014)
New Revision: 3437

Added:
   retired/CVE-2014-0131
   retired/CVE-2014-4027
Removed:
   active/CVE-2014-0131
   active/CVE-2014-4027
Log:
retire


Deleted: active/CVE-2014-0131
===================================================================
--- active/CVE-2014-0131	2014-07-14 05:43:09 UTC (rev 3436)
+++ active/CVE-2014-0131	2014-07-14 05:44:52 UTC (rev 3437)
@@ -1,11 +0,0 @@
-Description: net: use-after-free during segmentation with zerocopy
-References:
- http://marc.info/?l=linux-netdev&m=139446896921968&w=2
-Notes:
-Bugs:
-upstream: released (3.14-rc7) [8cb19905e9287a93ce7c2cbbdf742a060b00e219, 4e1beba12d094c6c761ba5c49032b9b9e46380e8, df5771ffefb13f8af5392bd54fd7e2b596a3a357, 1a4cedaf65491e66e1e55b8428c89209da729209, 1fd819ecb90cc9b822cd84d3056ddba315d3340f]
-2.6.32-upstream-stable: N/A "zerocopy introduced in 3.1"
-sid: released (3.13.6-1) [bugfix/all/net-use-kfree_skb_list-helper.patch, bugfix/all/0001-skbuff-skb_segment-s-frag-nskb_frag.patch, bugfix/all/0002-skbuff-skb_segment-s-skb_frag-frag.patch, bugfix/all/0003-skbuff-skb_segment-s-skb-head_skb.patch, bugfix/all/0004-skbuff-skb_segment-s-fskb-list_skb.patch, bugfix/all/0005-skbuff-skb_segment-orphan-frags-before-copying.patch]
-3.2-wheezy-security: released (3.2.57-1) [bugfix/all/skbuff-skb_segment-orphan-frags-before-copying.patch]
-2.6.32-squeeze-security: N/A "zerocopy introduced in 3.1"
-3.2-upstream-stable: released (3.2.61) [skbuff-add-an-api-to-orphan-frags.patch, skbuff-export-skb_copy_ubufs.patch, skbuff-skb_segment-orphan-frags-before-copying.patch]

Deleted: active/CVE-2014-4027
===================================================================
--- active/CVE-2014-4027	2014-07-14 05:43:09 UTC (rev 3436)
+++ active/CVE-2014-4027	2014-07-14 05:44:52 UTC (rev 3437)
@@ -1,12 +0,0 @@
-Description: information leak in target/rd
-References:
-Notes:
- jmm> Reduced patch for stable: http://permalink.gmane.org/gmane.linux.scsi.target.devel/6618
-Bugs:
-upstream: released (3.14) [4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc]
-2.6.32-upstream-stable: N/A "Introduced in 2.6.38"
-sid: released (3.14.2-1)
-3.2-wheezy-security: released (3.2.60-1) [bugfix/all/target-explicitly-clear-ramdisk_mcp-backend-pages.patch]
-2.6.32-squeeze-security: N/A "Introduced in 2.6.38"
-3.2-upstream-stable: released (3.2.61) [target-explicitly-clear-ramdisk_mcp-backend-pages.patch]
-

Copied: retired/CVE-2014-0131 (from rev 3436, active/CVE-2014-0131)
===================================================================
--- retired/CVE-2014-0131	                        (rev 0)
+++ retired/CVE-2014-0131	2014-07-14 05:44:52 UTC (rev 3437)
@@ -0,0 +1,11 @@
+Description: net: use-after-free during segmentation with zerocopy
+References:
+ http://marc.info/?l=linux-netdev&m=139446896921968&w=2
+Notes:
+Bugs:
+upstream: released (3.14-rc7) [8cb19905e9287a93ce7c2cbbdf742a060b00e219, 4e1beba12d094c6c761ba5c49032b9b9e46380e8, df5771ffefb13f8af5392bd54fd7e2b596a3a357, 1a4cedaf65491e66e1e55b8428c89209da729209, 1fd819ecb90cc9b822cd84d3056ddba315d3340f]
+2.6.32-upstream-stable: N/A "zerocopy introduced in 3.1"
+sid: released (3.13.6-1) [bugfix/all/net-use-kfree_skb_list-helper.patch, bugfix/all/0001-skbuff-skb_segment-s-frag-nskb_frag.patch, bugfix/all/0002-skbuff-skb_segment-s-skb_frag-frag.patch, bugfix/all/0003-skbuff-skb_segment-s-skb-head_skb.patch, bugfix/all/0004-skbuff-skb_segment-s-fskb-list_skb.patch, bugfix/all/0005-skbuff-skb_segment-orphan-frags-before-copying.patch]
+3.2-wheezy-security: released (3.2.57-1) [bugfix/all/skbuff-skb_segment-orphan-frags-before-copying.patch]
+2.6.32-squeeze-security: N/A "zerocopy introduced in 3.1"
+3.2-upstream-stable: released (3.2.61) [skbuff-add-an-api-to-orphan-frags.patch, skbuff-export-skb_copy_ubufs.patch, skbuff-skb_segment-orphan-frags-before-copying.patch]

Copied: retired/CVE-2014-4027 (from rev 3436, active/CVE-2014-4027)
===================================================================
--- retired/CVE-2014-4027	                        (rev 0)
+++ retired/CVE-2014-4027	2014-07-14 05:44:52 UTC (rev 3437)
@@ -0,0 +1,12 @@
+Description: information leak in target/rd
+References:
+Notes:
+ jmm> Reduced patch for stable: http://permalink.gmane.org/gmane.linux.scsi.target.devel/6618
+Bugs:
+upstream: released (3.14) [4442dc8a92b8f9ad8ee9e7f8438f4c04c03a22dc]
+2.6.32-upstream-stable: N/A "Introduced in 2.6.38"
+sid: released (3.14.2-1)
+3.2-wheezy-security: released (3.2.60-1) [bugfix/all/target-explicitly-clear-ramdisk_mcp-backend-pages.patch]
+2.6.32-squeeze-security: N/A "Introduced in 2.6.38"
+3.2-upstream-stable: released (3.2.61) [target-explicitly-clear-ramdisk_mcp-backend-pages.patch]
+


Property changes on: retired/CVE-2014-4027
___________________________________________________________________
Added: svn:mergeinfo
   +

More information about the kernel-sec-discuss mailing list