[kernel-sec-discuss] r3375 - active
Ben Hutchings
benh at moszumanska.debian.org
Thu Jun 5 12:51:35 UTC 2014
Author: benh
Date: 2014-06-05 12:51:35 +0000 (Thu, 05 Jun 2014)
New Revision: 3375
Modified:
active/CVE-2014-3144
active/CVE-2014-3145
Log:
CVE-2014-3145 is fixed in 3.14.4-1 whereas the related CVE-2014-3144 is not
Modified: active/CVE-2014-3144
===================================================================
--- active/CVE-2014-3144 2014-06-05 07:55:14 UTC (rev 3374)
+++ active/CVE-2014-3144 2014-06-05 12:51:35 UTC (rev 3375)
@@ -2,10 +2,13 @@
References:
http://www.openwall.com/lists/oss-security/2014/05/09/5
Notes:
+ Thought to be fixed in 3.14.4-1 by patch
+ bugfix/all/filter-prevent-nla-extensions-to-peek-beyond-the-end.patch,
+ but two hunks are applied in the same place so the bug is only half-fixed.
Bugs:
upstream: released (v3.15-rc2) [05ab8f2647e4221cbdb3856dd7d32bd5407316b3]
2.6.32-upstream-stable: needed
-sid: released (3.14.4-1) [bugfix/all/filter-prevent-nla-extensions-to-peek-beyond-the-end.patch]
+sid: pending (3.14.5-1)
3.2-wheezy-security: needed
2.6.32-squeeze-security: needed
3.2-upstream-stable: needed
Modified: active/CVE-2014-3145
===================================================================
--- active/CVE-2014-3145 2014-06-05 07:55:14 UTC (rev 3374)
+++ active/CVE-2014-3145 2014-06-05 12:51:35 UTC (rev 3375)
@@ -2,13 +2,10 @@
References:
http://www.openwall.com/lists/oss-security/2014/05/09/5
Notes:
- Thought to be fixed in 3.14.4-1 by patch
- bugfix/all/filter-prevent-nla-extensions-to-peek-beyond-the-end.patch,
- but two hunks are applied in the same place so the bug is only half-fixed.
Bugs:
upstream: released (v3.15-rc2) [05ab8f2647e4221cbdb3856dd7d32bd5407316b3]
2.6.32-upstream-stable: needed
-sid: pending (3.14.5-1)
+sid: released (3.14.4-1) [bugfix/all/filter-prevent-nla-extensions-to-peek-beyond-the-end.patch]
3.2-wheezy-security: needed
2.6.32-squeeze-security: needed
3.2-upstream-stable: needed
More information about the kernel-sec-discuss
mailing list