[kernel-sec-discuss] r3372 - active
Ben Hutchings
benh at moszumanska.debian.org
Wed Jun 4 21:18:26 UTC 2014
Author: benh
Date: 2014-06-04 21:18:26 +0000 (Wed, 04 Jun 2014)
New Revision: 3372
Modified:
active/CVE-2014-3145
Log:
CVE-2014-3145 was only half-fixed in 3.14.4-1
Modified: active/CVE-2014-3145
===================================================================
--- active/CVE-2014-3145 2014-06-04 14:34:05 UTC (rev 3371)
+++ active/CVE-2014-3145 2014-06-04 21:18:26 UTC (rev 3372)
@@ -2,10 +2,13 @@
References:
http://www.openwall.com/lists/oss-security/2014/05/09/5
Notes:
+ Thought to be fixed in 3.14.4-1 by patch
+ bugfix/all/filter-prevent-nla-extensions-to-peek-beyond-the-end.patch,
+ but two hunks are applied in the same place so the bug is only half-fixed.
Bugs:
upstream: released (v3.15-rc2) [05ab8f2647e4221cbdb3856dd7d32bd5407316b3]
2.6.32-upstream-stable: needed
-sid: released (3.14.4-1) [bugfix/all/filter-prevent-nla-extensions-to-peek-beyond-the-end.patch]
+sid: pending (3.14.5-1)
3.2-wheezy-security: needed
2.6.32-squeeze-security: needed
3.2-upstream-stable: needed
More information about the kernel-sec-discuss
mailing list