[kernel-sec-discuss] r3393 - retired

Moritz Muehlenhoff jmm at moszumanska.debian.org
Mon Jun 16 17:08:29 UTC 2014


Author: jmm
Date: 2014-06-16 17:08:29 +0000 (Mon, 16 Jun 2014)
New Revision: 3393

Added:
   retired/CVE-2013-6432
Removed:
   retired/CVE-2013-6432
Modified:
   retired/CVE-2013-2147
   retired/CVE-2013-2164
   retired/CVE-2013-2206
   retired/CVE-2013-2232
   retired/CVE-2013-2234
   retired/CVE-2013-2237
   retired/CVE-2013-2851
   retired/CVE-2013-2852
   retired/CVE-2013-2888
   retired/CVE-2013-2889
   retired/CVE-2013-2892
   retired/CVE-2013-2893
   retired/CVE-2013-6380
Log:
mark fixes from 2.6.32.62


Modified: retired/CVE-2013-2147
===================================================================
--- retired/CVE-2013-2147	2014-06-16 12:13:59 UTC (rev 3392)
+++ retired/CVE-2013-2147	2014-06-16 17:08:29 UTC (rev 3393)
@@ -5,7 +5,7 @@
 Notes:
 Bugs:
 upstream: released (3.12-rc3)[627aad1c01da6f881e7f98d71fd928ca0c316b1a, 58f09e00ae095e46ef9edfcf3a5fd9ccdfad065e]
-2.6.32-upstream-stable: pending (2.6.32.62)
+2.6.32-upstream-stable: released (2.6.32.62)
 sid: released (3.11.5-1)
 3.2-wheezy-security: released (3.2.53-1)
 2.6.32-squeeze-security: released (2.6.32-48squeeze5) [bugfix/all/cciss-fix-info-leak.patch, bugfix/all/cpqarray-fix-info-leak.patch]

Modified: retired/CVE-2013-2164
===================================================================
--- retired/CVE-2013-2164	2014-06-16 12:13:59 UTC (rev 3392)
+++ retired/CVE-2013-2164	2014-06-16 17:08:29 UTC (rev 3393)
@@ -5,7 +5,7 @@
 Notes:
 Bugs:
 upstream: released (3.11-rc1) [542db01579fbb7ea7d1f7bb9ddcef1559df660b2]
-2.6.32-upstream-stable: pending (2.6.32.62)
+2.6.32-upstream-stable: released (2.6.32.62)
 sid: released (3.9.8-1)
 3.2-wheezy-security: released (3.2.46-1+deb7u1) [bugfix/all/drivers-cdrom-cdrom.c-use-kzalloc-for-failing-hardwa.patch]
 2.6.32-squeeze-security: released (2.6.32-48squeeze4) [bugfix/all/cdrom-use-kzalloc-for-failing-hw.patch]

Modified: retired/CVE-2013-2206
===================================================================
--- retired/CVE-2013-2206	2014-06-16 12:13:59 UTC (rev 3392)
+++ retired/CVE-2013-2206	2014-06-16 17:08:29 UTC (rev 3393)
@@ -3,7 +3,7 @@
 Notes:
 Bugs:
 upstream: released (3.9) [f2815633504b442ca0b0605c16bf3d88a3a0fcea]
-2.6.32-upstream-stable: pending (2.6.32.62)
+2.6.32-upstream-stable: released (2.6.32.62)
 sid: released (3.9.4-1)
 3.2-wheezy-security: released (3.2.46-1
 2.6.32-squeeze-security: released (2.6.32-48squeeze4) [bugfix/all/sctp-duplicate-cookie-handling-null-pointer-deref.patch]

Modified: retired/CVE-2013-2232
===================================================================
--- retired/CVE-2013-2232	2014-06-16 12:13:59 UTC (rev 3392)
+++ retired/CVE-2013-2232	2014-06-16 17:08:29 UTC (rev 3393)
@@ -3,7 +3,7 @@
 Notes:
 Bugs:
 upstream: released (3.10) [a963a37d384d71ad43b3e9e79d68d42fbe0901f3]
-2.6.32-upstream-stable: pending (2.6.32.62)
+2.6.32-upstream-stable: released (2.6.32.62)
 sid: released (3.10.1-1)
 3.2-wheezy-security: released (3.2.46-1+deb7u1) [bugfix/all/ipv6-ip6_sk_dst_check-must-not-assume-ipv6-dst.patch]
 2.6.32-squeeze-security: released (2.6.32-48squeeze4) [bugfix/all/ipv6-ipv6_sk_dst_check_must-not-assume-ipv6-dst.patch]

Modified: retired/CVE-2013-2234
===================================================================
--- retired/CVE-2013-2234	2014-06-16 12:13:59 UTC (rev 3392)
+++ retired/CVE-2013-2234	2014-06-16 17:08:29 UTC (rev 3393)
@@ -3,7 +3,7 @@
 Notes:
 Bugs:
 upstream: released (3.10) [a5cc68f3d63306d0d288f31edfc2ae6ef8ecd887]
-2.6.32-upstream-stable: pending (2.6.32.62)
+2.6.32-upstream-stable: released (2.6.32.62)
 sid: released (3.10.1-1)
 3.2-wheezy-security: released (3.2.46-1+deb7u1) [bugfix/all/af_key-fix-info-leaks-in-notify-messages.patch]
 2.6.32-squeeze-security: released (2.6.32-48squeeze4) [bugfix/all/af_key-fix-info-leaks-in-notify-msgs.patch]

Modified: retired/CVE-2013-2237
===================================================================
--- retired/CVE-2013-2237	2014-06-16 12:13:59 UTC (rev 3392)
+++ retired/CVE-2013-2237	2014-06-16 17:08:29 UTC (rev 3393)
@@ -3,7 +3,7 @@
 Notes:
 Bugs:
 upstream: released (3.9) [85dfb745ee40232876663ae206cba35f24ab2a40]
-2.6.32-upstream-stable: pending (2.6.32.62)
+2.6.32-upstream-stable: released (2.6.32.62)
 sid: released (3.9.4-1)
 3.2-wheezy-security: released (3.2.46-1+deb7u1) [bugfix/all/af_key-initialize-satype-in-key_notify_policy_flush.patch]
 2.6.32-squeeze-security: released (2.6.32-48squeeze4) [bugfix/all/af_key-initialize-sa_type-in-key_notify_policy_flush.patch]

Modified: retired/CVE-2013-2851
===================================================================
--- retired/CVE-2013-2851	2014-06-16 12:13:59 UTC (rev 3392)
+++ retired/CVE-2013-2851	2014-06-16 17:08:29 UTC (rev 3393)
@@ -4,7 +4,7 @@
 Notes:
 Bugs:
 upstream: released (3.11-rc1) [ffc8b30866879ed9ba62bd0a86fecdbd51cd3d19]
-2.6.32-upstream-stable: pending (2.6.32.62)
+2.6.32-upstream-stable: released (2.6.32.62)
 sid: released (3.9.8-1)
 3.2-wheezy-security: released (3.2.46-1+deb7u1) [bugfix/all/block-do-not-pass-disk-names-as-format-strings.patch]
 2.6.32-squeeze-security: released (2.6.32-48squeeze4) [bugfix/all/block-do-not-pass-disknames-as-formatstrings.patch]

Modified: retired/CVE-2013-2852
===================================================================
--- retired/CVE-2013-2852	2014-06-16 12:13:59 UTC (rev 3392)
+++ retired/CVE-2013-2852	2014-06-16 17:08:29 UTC (rev 3393)
@@ -3,7 +3,7 @@
 Notes:
 Bugs:
 upstream: released (3.10-rc6) [e0e29b683d6784ef59bbc914eac85a04b650e63c]
-2.6.32-upstream-stable: pending (2.6.32.62)
+2.6.32-upstream-stable: released (2.6.32.62)
 sid: released (3.9.8-1)
 3.2-wheezy-security: released (3.2.46-1+deb7u1) [bugfix/all/b43-stop-format-string-leaking-into-error-msgs.patch]
 2.6.32-squeeze-security: released (2.6.32-48squeeze4) [bugfix/all/b43-stop-formatstring-leak.patch]

Modified: retired/CVE-2013-2888
===================================================================
--- retired/CVE-2013-2888	2014-06-16 12:13:59 UTC (rev 3392)
+++ retired/CVE-2013-2888	2014-06-16 17:08:29 UTC (rev 3393)
@@ -6,7 +6,7 @@
  http://marc.info/?t=137772196600012&r=1&w=1
 Bugs:
 upstream: released (3.12-rc1) [43622021d2e2b82ea03d883926605bdd0525e1d1, be67b68d52fa28b9b721c47bb42068f0c1214855]
-2.6.32-upstream-stable: pending (2.6.32.62)
+2.6.32-upstream-stable: released (2.6.32.62)
 sid: released (3.10.11-1)
 3.2-wheezy-security: released (3.2.51-1)
 2.6.32-squeeze-security: released (2.6.32-48squeeze4) [bugfix/all/hid-check-for-null-when-setting-values.patch, bugfix/all/hid-validate-report-id-size.patch]

Modified: retired/CVE-2013-2889
===================================================================
--- retired/CVE-2013-2889	2014-06-16 12:13:59 UTC (rev 3392)
+++ retired/CVE-2013-2889	2014-06-16 17:08:29 UTC (rev 3393)
@@ -5,7 +5,7 @@
  also needs http://marc.info/?l=linux-input&m=137772181214612&w=1
 Bugs:
 upstream: released (3.12-rc2) [78214e81a1bf43740ce89bb5efda78eac2f8ef83, 331415ff16a12147d57d5c953f3a961b7ede348b]
-2.6.32-upstream-stable: pending (2.6.32.62)
+2.6.32-upstream-stable: released (2.6.32.62)
 sid: released (3.11.5-1)
 3.2-wheezy-security: released (3.2.53-1)
 2.6.32-squeeze-security: released (2.6.32-48squeeze5) [bugfix/all/hid-zeroplus-validate-output.patch]

Modified: retired/CVE-2013-2892
===================================================================
--- retired/CVE-2013-2892	2014-06-16 12:13:59 UTC (rev 3392)
+++ retired/CVE-2013-2892	2014-06-16 17:08:29 UTC (rev 3393)
@@ -4,7 +4,7 @@
 Notes:
 Bugs:
 upstream: released (3.12-rc1) [412f30105ec6735224535791eed5cdc02888ecb4]
-2.6.32-upstream-stable: pending (2.6.32.62)
+2.6.32-upstream-stable: released (2.6.32.62)
 sid: released (3.10.11-1)
 3.2-wheezy-security: released (3.2.51-1)
 2.6.32-squeeze-security: released (2.6.32-48squeeze4) [bugfix/all/HID-pantherlord-validate-output-report-details.patch]

Modified: retired/CVE-2013-2893
===================================================================
--- retired/CVE-2013-2893	2014-06-16 12:13:59 UTC (rev 3392)
+++ retired/CVE-2013-2893	2014-06-16 17:08:29 UTC (rev 3393)
@@ -5,7 +5,7 @@
  also needs http://marc.info/?l=linux-input&m=137772181214612&w=1
 Bugs:
 upstream: released (3.12-rc2) [0fb6bd06e06792469acc15bbe427361b56ada528, 331415ff16a12147d57d5c953f3a961b7ede348b]
-2.6.32-upstream-stable: pending (2.6.32.62)
+2.6.32-upstream-stable: released (2.6.32.62)
 sid: released (3.11.5-1)
 3.2-wheezy-security: released (3.2.53-1)
 2.6.32-squeeze-security: released (2.6.32-48squeeze5) [bugfix/all/hid-helper-to-validate-hid-reports.patch, bugfix/all/hid-lg-validate-hid-output-report-details.patch]

Modified: retired/CVE-2013-6380
===================================================================
--- retired/CVE-2013-6380	2014-06-16 12:13:59 UTC (rev 3392)
+++ retired/CVE-2013-6380	2014-06-16 17:08:29 UTC (rev 3393)
@@ -3,7 +3,7 @@
 Notes:
 Bugs:
 upstream: released (3.13-rc1) [b4789b8e6be3151a955ade74872822f30e8cd914]
-2.6.32-upstream-stable: pending (2.6.32.62)
+2.6.32-upstream-stable: released (2.6.32.62)
 sid: released (3.11.10-1)
 3.2-wheezy-security: released (3.2.53-1) [bugfix/all/aacraid-prevent-invalid-pointer-dereference.patch]
 2.6.32-squeeze-security: released (2.6.32-48squeeze5) [bugfix/all/CVE-2013-6380.patch]

Deleted: retired/CVE-2013-6432
===================================================================
--- retired/CVE-2013-6432	2014-06-16 12:13:59 UTC (rev 3392)
+++ retired/CVE-2013-6432	2014-06-16 17:08:29 UTC (rev 3393)
@@ -1,10 +0,0 @@
-Description: ping: NULL pointer dereference on write to msg_name
-References:
-Notes:
-Bugs:
-upstream: released (3.13-rc3) [cf970c002d270c36202bd5b9c2804d3097a52da0]
-2.6.32-upstream-stable: N/A "Introduced in 3.11 with 6d0bfe22611602f36617bc7aa2ffa1bbb2f54c67"
-sid: released (3.12.4-1)
-3.2-wheezy-security: N/A "Introduced in 3.11 with 6d0bfe22611602f36617bc7aa2ffa1bbb2f54c67"
-2.6.32-squeeze-security: N/A "Introduced in 3.11 with 6d0bfe22611602f36617bc7aa2ffa1bbb2f54c67"
-3.2-upstream-stable: N/A "Introduced in 3.11 with 6d0bfe22611602f36617bc7aa2ffa1bbb2f54c67"

Copied: retired/CVE-2013-6432 (from rev 3191, active/CVE-2013-6432)
===================================================================
--- retired/CVE-2013-6432	                        (rev 0)
+++ retired/CVE-2013-6432	2014-06-16 17:08:29 UTC (rev 3393)
@@ -0,0 +1,10 @@
+Description: ping: NULL pointer dereference on write to msg_name
+References:
+Notes:
+Bugs:
+upstream: released (3.13-rc3) [cf970c002d270c36202bd5b9c2804d3097a52da0]
+2.6.32-upstream-stable: N/A "Introduced in 3.11 with 6d0bfe22611602f36617bc7aa2ffa1bbb2f54c67"
+sid: released (3.12.4-1)
+3.2-wheezy-security: N/A "Introduced in 3.11 with 6d0bfe22611602f36617bc7aa2ffa1bbb2f54c67"
+2.6.32-squeeze-security: N/A "Introduced in 3.11 with 6d0bfe22611602f36617bc7aa2ffa1bbb2f54c67"
+3.2-upstream-stable: N/A "Introduced in 3.11 with 6d0bfe22611602f36617bc7aa2ffa1bbb2f54c67"




More information about the kernel-sec-discuss mailing list