[kernel-sec-discuss] r3337 - active retired
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Fri May 2 07:15:17 UTC 2014
Author: jmm
Date: 2014-05-02 07:15:17 +0000 (Fri, 02 May 2014)
New Revision: 3337
Added:
retired/CVE-2014-0055
retired/CVE-2014-0077
retired/CVE-2014-1446
retired/CVE-2014-1874
retired/CVE-2014-2039
retired/CVE-2014-2309
retired/CVE-2014-2523
Removed:
active/CVE-2014-0055
active/CVE-2014-0077
active/CVE-2014-1446
active/CVE-2014-1874
active/CVE-2014-2039
active/CVE-2014-2309
active/CVE-2014-2523
Log:
retire
Deleted: active/CVE-2014-0055
===================================================================
--- active/CVE-2014-0055 2014-05-02 07:13:47 UTC (rev 3336)
+++ active/CVE-2014-0055 2014-05-02 07:15:17 UTC (rev 3337)
@@ -1,12 +0,0 @@
-Description: vhost-net: insufficient handling of error conditions in get_rx_bufs()
-References:
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0055
- http://rhn.redhat.com/errata/RHSA-2014-0328.html
-Notes:
-Bugs:
-upstream: released (3.14) [a39ee449f96a2cd44ce056d8a0a112211a9b1a1f]
-2.6.32-upstream-stable: N/A "vhost_net introduced in 2.6.33"
-sid: released (3.13.10-1) [bugfix/all/vhost-validate-vhost_get_vq_desc-return-value.patch]
-3.2-wheezy-security: released (3.2.57-1) [bugfix/all/vhost-validate-vhost_get_vq_desc-return-value.patch]
-2.6.32-squeeze-security: N/A "vhost_net introduced in 2.6.33"
-3.2-upstream-stable: released (3.2.58) [vhost-validate-vhost_get_vq_desc-return-value.patch]
Deleted: active/CVE-2014-0077
===================================================================
--- active/CVE-2014-0077 2014-05-02 07:13:47 UTC (rev 3336)
+++ active/CVE-2014-0077 2014-05-02 07:15:17 UTC (rev 3337)
@@ -1,11 +0,0 @@
-Description: vhost-net: insufficiency in handling of big packets in handle_rx()
-References:
- http://article.gmane.org/gmane.linux.network/311012
-Notes:
-Bugs:
-upstream: released (3.14) [d8316f3991d207fe32881a9ac20241be8fa2bad0]
-2.6.32-upstream-stable: N/A "vhost_net introduced in 2.6.33"
-sid: released (3.13.10-1) [bugfix/all/vhost-fix-total-length-when-packets-are-too-short.patch]
-3.2-wheezy-security: released (3.2.57-1) [bugfix/all/vhost-fix-total-length-when-packets-are-too-short.patch]
-2.6.32-squeeze-security: N/A "vhost_net introduced in 2.6.33"
-3.2-upstream-stable: released (3.2.58) [vhost-fix-total-length-when-packets-are-too-short.patch]
Deleted: active/CVE-2014-1446
===================================================================
--- active/CVE-2014-1446 2014-05-02 07:13:47 UTC (rev 3336)
+++ active/CVE-2014-1446 2014-05-02 07:15:17 UTC (rev 3337)
@@ -1,10 +0,0 @@
-Description: hamradio/yam: fix info leak in ioctl
-References:
-Notes:
-Bugs:
-upstream: released (3.13-rc7) [8e3fbf870481eb53b2d3a322d1fc395ad8b367ed]
-2.6.32-upstream-stable: pending
-sid: released (3.12.8-1)
-3.2-wheezy-security: released (3.2.54-1) [bugfix/all/hamradio-yam-fix-info-leak-in-ioctl.patch]
-2.6.32-squeeze-security: released (2.6.32-48squeeze5) [bugfix/all/hamradio-yam-fix-info-leak-in-ioctl.patch]
-3.2-upstream-stable: released (3.2.55)
Deleted: active/CVE-2014-1874
===================================================================
--- active/CVE-2014-1874 2014-05-02 07:13:47 UTC (rev 3336)
+++ active/CVE-2014-1874 2014-05-02 07:15:17 UTC (rev 3337)
@@ -1,12 +0,0 @@
-Description: SeLinux local DoS
-References:
- http://marc.info/?l=selinux&m=139110025203759&w=2
-Notes:
- Only triggerable with CAP_MAC_ADMIN
-Bugs:
-upstream: released (3.14-rc2) [2172fa709ab32ca60e86179dc67d0857be8e2c98]
-2.6.32-upstream-stable: pending
-sid: released (3.13.4-1)
-3.2-wheezy-security: released (3.2.56-1)
-2.6.32-squeeze-security: released (2.6.32-48squeeze5) [bugfix/all/SELinux-Fix-kernel-BUG-on-empty-security-contexts.patch]
-3.2-upstream-stable: released (3.2.56)
Deleted: active/CVE-2014-2039
===================================================================
--- active/CVE-2014-2039 2014-05-02 07:13:47 UTC (rev 3336)
+++ active/CVE-2014-2039 2014-05-02 07:15:17 UTC (rev 3337)
@@ -1,10 +0,0 @@
-Description: s390: fix kernel crash due to linkage stack instructions
-References:
-Notes:
-Bugs:
-upstream: released (3.14-rc2) [8d7f6690cedb83456edd41c9bd583783f0703bf0]
-2.6.32-upstream-stable: pending
-sid: released (3.13.5-1)
-3.2-wheezy-security: released (3.2.57-1)
-2.6.32-squeeze-security: released (2.6.32-48squeeze5) [bugfix/s390/fix-kernel-crash-due-to-linkage-stack-instructi.patch]
-3.2-upstream-stable: released (3.2.57) [s390-fix-kernel-crash-due-to-linkage-stack-instructions.patch]
Deleted: active/CVE-2014-2309
===================================================================
--- active/CVE-2014-2309 2014-05-02 07:13:47 UTC (rev 3336)
+++ active/CVE-2014-2309 2014-05-02 07:15:17 UTC (rev 3337)
@@ -1,11 +0,0 @@
-Description: ipv6: don't set DST_NOCOUNT for remotely added routes
-References:
- https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=c88507fbad8055297c1d1e21e599f46960cbee39
-Notes:
-Bugs:
-upstream: released (3.14-rc4) [c88507fbad8055297c1d1e21e599f46960cbee39]
-2.6.32-upstream-stable: N/A "Introduced in 3.0 with 957c665f37007de93ccbe45902a23143724170d0"
-sid: released (3.13.6-1) [bugfix/all/ipv6-don-t-set-DST_NOCOUNT-for-remotely-added-routes.patch]
-3.2-wheezy-security: released (3.2.57-1) [bugfix/all/ipv6-don-t-set-dst_nocount-for-remotely-added-routes.patch]
-2.6.32-squeeze-security: N/A "Introduced in 3.0 with 957c665f37007de93ccbe45902a23143724170d0"
-3.2-upstream-stable: released (3.2.58) [ipv6-don-t-set-dst_nocount-for-remotely-added-routes.patch]
Deleted: active/CVE-2014-2523
===================================================================
--- active/CVE-2014-2523 2014-05-02 07:13:47 UTC (rev 3336)
+++ active/CVE-2014-2523 2014-05-02 07:15:17 UTC (rev 3337)
@@ -1,10 +0,0 @@
-Description: netfilter: remote memory corruption in nf_conntrack_proto_dccp
-References:
-Notes:
-Bugs:
-upstream: released (3.14-rc1) [b22f5126a24b3b2f15448c3f2a254fc10cbc2b92]
-2.6.32-upstream-stable: pending
-sid: released (3.13.10-1)
-3.2-wheezy-security: released (3.2.57-1)
-2.6.32-squeeze-security: released (2.6.32-48squeeze5) [bugfix/all/netfilter-nf_conntrack_dccp-fix-skb_header_pointer-A.patch]
-3.2-upstream-stable: released (3.2.57) [netfilter-nf_conntrack_dccp-fix-skb_header_pointer-api-usages.patch]
Copied: retired/CVE-2014-0055 (from rev 3335, active/CVE-2014-0055)
===================================================================
--- retired/CVE-2014-0055 (rev 0)
+++ retired/CVE-2014-0055 2014-05-02 07:15:17 UTC (rev 3337)
@@ -0,0 +1,12 @@
+Description: vhost-net: insufficient handling of error conditions in get_rx_bufs()
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0055
+ http://rhn.redhat.com/errata/RHSA-2014-0328.html
+Notes:
+Bugs:
+upstream: released (3.14) [a39ee449f96a2cd44ce056d8a0a112211a9b1a1f]
+2.6.32-upstream-stable: N/A "vhost_net introduced in 2.6.33"
+sid: released (3.13.10-1) [bugfix/all/vhost-validate-vhost_get_vq_desc-return-value.patch]
+3.2-wheezy-security: released (3.2.57-1) [bugfix/all/vhost-validate-vhost_get_vq_desc-return-value.patch]
+2.6.32-squeeze-security: N/A "vhost_net introduced in 2.6.33"
+3.2-upstream-stable: released (3.2.58) [vhost-validate-vhost_get_vq_desc-return-value.patch]
Property changes on: retired/CVE-2014-0055
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2014-0077 (from rev 3335, active/CVE-2014-0077)
===================================================================
--- retired/CVE-2014-0077 (rev 0)
+++ retired/CVE-2014-0077 2014-05-02 07:15:17 UTC (rev 3337)
@@ -0,0 +1,11 @@
+Description: vhost-net: insufficiency in handling of big packets in handle_rx()
+References:
+ http://article.gmane.org/gmane.linux.network/311012
+Notes:
+Bugs:
+upstream: released (3.14) [d8316f3991d207fe32881a9ac20241be8fa2bad0]
+2.6.32-upstream-stable: N/A "vhost_net introduced in 2.6.33"
+sid: released (3.13.10-1) [bugfix/all/vhost-fix-total-length-when-packets-are-too-short.patch]
+3.2-wheezy-security: released (3.2.57-1) [bugfix/all/vhost-fix-total-length-when-packets-are-too-short.patch]
+2.6.32-squeeze-security: N/A "vhost_net introduced in 2.6.33"
+3.2-upstream-stable: released (3.2.58) [vhost-fix-total-length-when-packets-are-too-short.patch]
Property changes on: retired/CVE-2014-0077
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2014-1446 (from rev 3336, active/CVE-2014-1446)
===================================================================
--- retired/CVE-2014-1446 (rev 0)
+++ retired/CVE-2014-1446 2014-05-02 07:15:17 UTC (rev 3337)
@@ -0,0 +1,10 @@
+Description: hamradio/yam: fix info leak in ioctl
+References:
+Notes:
+Bugs:
+upstream: released (3.13-rc7) [8e3fbf870481eb53b2d3a322d1fc395ad8b367ed]
+2.6.32-upstream-stable: pending
+sid: released (3.12.8-1)
+3.2-wheezy-security: released (3.2.54-1) [bugfix/all/hamradio-yam-fix-info-leak-in-ioctl.patch]
+2.6.32-squeeze-security: released (2.6.32-48squeeze5) [bugfix/all/hamradio-yam-fix-info-leak-in-ioctl.patch]
+3.2-upstream-stable: released (3.2.55)
Property changes on: retired/CVE-2014-1446
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2014-1874 (from rev 3336, active/CVE-2014-1874)
===================================================================
--- retired/CVE-2014-1874 (rev 0)
+++ retired/CVE-2014-1874 2014-05-02 07:15:17 UTC (rev 3337)
@@ -0,0 +1,12 @@
+Description: SeLinux local DoS
+References:
+ http://marc.info/?l=selinux&m=139110025203759&w=2
+Notes:
+ Only triggerable with CAP_MAC_ADMIN
+Bugs:
+upstream: released (3.14-rc2) [2172fa709ab32ca60e86179dc67d0857be8e2c98]
+2.6.32-upstream-stable: pending
+sid: released (3.13.4-1)
+3.2-wheezy-security: released (3.2.56-1)
+2.6.32-squeeze-security: released (2.6.32-48squeeze5) [bugfix/all/SELinux-Fix-kernel-BUG-on-empty-security-contexts.patch]
+3.2-upstream-stable: released (3.2.56)
Property changes on: retired/CVE-2014-1874
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2014-2039 (from rev 3336, active/CVE-2014-2039)
===================================================================
--- retired/CVE-2014-2039 (rev 0)
+++ retired/CVE-2014-2039 2014-05-02 07:15:17 UTC (rev 3337)
@@ -0,0 +1,10 @@
+Description: s390: fix kernel crash due to linkage stack instructions
+References:
+Notes:
+Bugs:
+upstream: released (3.14-rc2) [8d7f6690cedb83456edd41c9bd583783f0703bf0]
+2.6.32-upstream-stable: pending
+sid: released (3.13.5-1)
+3.2-wheezy-security: released (3.2.57-1)
+2.6.32-squeeze-security: released (2.6.32-48squeeze5) [bugfix/s390/fix-kernel-crash-due-to-linkage-stack-instructi.patch]
+3.2-upstream-stable: released (3.2.57) [s390-fix-kernel-crash-due-to-linkage-stack-instructions.patch]
Property changes on: retired/CVE-2014-2039
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2014-2309 (from rev 3335, active/CVE-2014-2309)
===================================================================
--- retired/CVE-2014-2309 (rev 0)
+++ retired/CVE-2014-2309 2014-05-02 07:15:17 UTC (rev 3337)
@@ -0,0 +1,11 @@
+Description: ipv6: don't set DST_NOCOUNT for remotely added routes
+References:
+ https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=c88507fbad8055297c1d1e21e599f46960cbee39
+Notes:
+Bugs:
+upstream: released (3.14-rc4) [c88507fbad8055297c1d1e21e599f46960cbee39]
+2.6.32-upstream-stable: N/A "Introduced in 3.0 with 957c665f37007de93ccbe45902a23143724170d0"
+sid: released (3.13.6-1) [bugfix/all/ipv6-don-t-set-DST_NOCOUNT-for-remotely-added-routes.patch]
+3.2-wheezy-security: released (3.2.57-1) [bugfix/all/ipv6-don-t-set-dst_nocount-for-remotely-added-routes.patch]
+2.6.32-squeeze-security: N/A "Introduced in 3.0 with 957c665f37007de93ccbe45902a23143724170d0"
+3.2-upstream-stable: released (3.2.58) [ipv6-don-t-set-dst_nocount-for-remotely-added-routes.patch]
Property changes on: retired/CVE-2014-2309
___________________________________________________________________
Added: svn:mergeinfo
+
Copied: retired/CVE-2014-2523 (from rev 3336, active/CVE-2014-2523)
===================================================================
--- retired/CVE-2014-2523 (rev 0)
+++ retired/CVE-2014-2523 2014-05-02 07:15:17 UTC (rev 3337)
@@ -0,0 +1,10 @@
+Description: netfilter: remote memory corruption in nf_conntrack_proto_dccp
+References:
+Notes:
+Bugs:
+upstream: released (3.14-rc1) [b22f5126a24b3b2f15448c3f2a254fc10cbc2b92]
+2.6.32-upstream-stable: pending
+sid: released (3.13.10-1)
+3.2-wheezy-security: released (3.2.57-1)
+2.6.32-squeeze-security: released (2.6.32-48squeeze5) [bugfix/all/netfilter-nf_conntrack_dccp-fix-skb_header_pointer-A.patch]
+3.2-upstream-stable: released (3.2.57) [netfilter-nf_conntrack_dccp-fix-skb_header_pointer-api-usages.patch]
Property changes on: retired/CVE-2014-2523
___________________________________________________________________
Added: svn:mergeinfo
+
More information about the kernel-sec-discuss
mailing list