[kernel-sec-discuss] r3525 - active
Ben Hutchings
benh at moszumanska.debian.org
Fri Oct 31 16:39:49 UTC 2014
Author: benh
Date: 2014-10-31 16:39:49 +0000 (Fri, 31 Oct 2014)
New Revision: 3525
Modified:
active/CVE-2014-3610
active/CVE-2014-3611
active/CVE-2014-3645
active/CVE-2014-3646
active/CVE-2014-3647
active/CVE-2014-3673
active/CVE-2014-3687
active/CVE-2014-3688
active/CVE-2014-3690
active/CVE-2014-7970
active/CVE-2014-7975
Log:
Update issues fixed in 3.2.63-2+deb7u1 and 3.16.7, and pending in 3.16.7-1
Modified: active/CVE-2014-3610
===================================================================
--- active/CVE-2014-3610 2014-10-29 21:26:34 UTC (rev 3524)
+++ active/CVE-2014-3610 2014-10-31 16:39:49 UTC (rev 3525)
@@ -4,8 +4,8 @@
Bugs:
upstream: released (3.18-rc2) [854e8bb1aa06c578c2c9145fa6bfe3680ef63b23, 8b3c3104c3f4f706e99365c3e0d2aa61b95f969f]
2.6.32-upstream-stable:
-sid:
-3.2-wheezy-security:
+sid: pending (3.16.7-1) [bugfix/x86/KVM-x86-Check-non-canonical-addresses-upon-WRMSR.patch, bugfix/x86/KVM-x86-Prevent-host-from-panicking-on-shared-MSR-wr.patch]
+3.2-wheezy-security: released (3.2.63-2+deb7u1) [bugfix/x86/KVM-x86-Check-non-canonical-addresses-upon-WRMSR.patch]
2.6.32-squeeze-security:
3.16-upstream-stable:
3.2-upstream-stable:
Modified: active/CVE-2014-3611
===================================================================
--- active/CVE-2014-3611 2014-10-29 21:26:34 UTC (rev 3524)
+++ active/CVE-2014-3611 2014-10-31 16:39:49 UTC (rev 3525)
@@ -4,8 +4,8 @@
Bugs:
upstream: released (3.18-rc2) [2febc839133280d5a5e8e1179c94ea674489dae2]
2.6.32-upstream-stable:
-sid:
-3.2-wheezy-security:
+sid: pending (3.16.7-1) [bugfix/x86/KVM-x86-Improve-thread-safety-in-pit.patch]
+3.2-wheezy-security: released (3.2.63-2+deb7u1) [bugfix/x86/KVM-x86-Improve-thread-safety-in-pit.patch]
2.6.32-squeeze-security:
3.16-upstream-stable:
3.2-upstream-stable:
Modified: active/CVE-2014-3645
===================================================================
--- active/CVE-2014-3645 2014-10-29 21:26:34 UTC (rev 3524)
+++ active/CVE-2014-3645 2014-10-31 16:39:49 UTC (rev 3525)
@@ -4,8 +4,8 @@
Bugs:
upstream: released (3.12) [bfd0a56b90005f8c8a004baf407ad90045c2b11e]
2.6.32-upstream-stable:
-sid:
-3.2-wheezy-security:
+sid: N/A
+3.2-wheezy-security: released (3.2.63-2+deb7u1) [bugfix/x86/nEPT-Nested-INVEPT.patch]
2.6.32-squeeze-security:
3.16-upstream-stable: N/A
3.2-upstream-stable:
Modified: active/CVE-2014-3646
===================================================================
--- active/CVE-2014-3646 2014-10-29 21:26:34 UTC (rev 3524)
+++ active/CVE-2014-3646 2014-10-31 16:39:49 UTC (rev 3525)
@@ -4,8 +4,8 @@
Bugs:
upstream: released (3.18-rc2) [a642fc305053cc1c6e47e4f4df327895747ab485]
2.6.32-upstream-stable:
-sid:
-3.2-wheezy-security:
+sid: pending (3.16.7-1) [bugfix/x86/kvm-vmx-handle-invvpid-vm-exit-gracefully.patch]
+3.2-wheezy-security: released (3.2.63-2+deb7u1) [bugfix/x86/kvm-vmx-handle-invvpid-vm-exit-gracefully.patch]
2.6.32-squeeze-security:
3.16-upstream-stable:
3.2-upstream-stable:
Modified: active/CVE-2014-3647
===================================================================
--- active/CVE-2014-3647 2014-10-29 21:26:34 UTC (rev 3524)
+++ active/CVE-2014-3647 2014-10-31 16:39:49 UTC (rev 3525)
@@ -4,8 +4,8 @@
Bugs:
upstream: released (3.18-rc2) [234f3ce485d54017f15cf5e0699cff4100121601, d1442d85cc30ea75f7d399474ca738e0bc96f715]
2.6.32-upstream-stable:
-sid:
-3.2-wheezy-security:
+sid: pending (3.16.7-1) [bugfix/x86/KVM-x86-Fix-wrong-masking-on-relative-jump-call.patch, bugfix/x86/KVM-x86-Emulator-fixes-for-eip-canonical-checks-on-n.patch, bugfix/x86/KVM-x86-Handle-errors-when-RIP-is-set-during-far-jum.patch]
+3.2-wheezy-security: released (3.2.63-2+deb7u1) [bugfix/x86/KVM-x86-emulator-Use-opcode-execute-for-CALL.patch, bugfix/x86/KVM-x86-Fix-wrong-masking-on-relative-jump-call.patch, bugfix/x86/KVM-x86-Emulator-fixes-for-eip-canonical-checks-on-n.patch, bugfix/x86/KVM-x86-use-new-CS.RPL-as-CPL-during-task-switch.patch, bugfix/x86/KVM-x86-Handle-errors-when-RIP-is-set-during-far-jum.patch]
2.6.32-squeeze-security:
3.16-upstream-stable:
3.2-upstream-stable:
Modified: active/CVE-2014-3673
===================================================================
--- active/CVE-2014-3673 2014-10-29 21:26:34 UTC (rev 3524)
+++ active/CVE-2014-3673 2014-10-31 16:39:49 UTC (rev 3525)
@@ -4,8 +4,8 @@
Bugs:
upstream: released (v3.18-rc1) [9de7922bc709eee2f609cd01d98aaedc4cf5ea74]
2.6.32-upstream-stable:
-sid:
-3.2-wheezy-security:
+sid: pending (3.16.7-1) [bugfix/all/net-sctp-fix-skb_over_panic-when-receiving-malformed.patch]
+3.2-wheezy-security: released (3.2.63-2+deb7u1) [bugfix/all/net-sctp-fix-skb_over_panic-when-receiving-malformed.patch]
2.6.32-squeeze-security:
3.16-upstream-stable:
3.2-upstream-stable:
Modified: active/CVE-2014-3687
===================================================================
--- active/CVE-2014-3687 2014-10-29 21:26:34 UTC (rev 3524)
+++ active/CVE-2014-3687 2014-10-31 16:39:49 UTC (rev 3525)
@@ -4,8 +4,8 @@
Bugs:
upstream: released (3.18-rc1) [b69040d8e39f20d5215a03502a8e8b4c6ab78395]
2.6.32-upstream-stable:
-sid:
-3.2-wheezy-security:
+sid: pending (3.16.7-1) [bugfix/all/net-sctp-fix-panic-on-duplicate-ASCONF-chunks.patch]
+3.2-wheezy-security: released (3.2.63-2+deb7u1) [debian/patches/bugfix/all/net-sctp-fix-panic-on-duplicate-ASCONF-chunks.patch]
2.6.32-squeeze-security:
3.16-upstream-stable:
3.2-upstream-stable:
Modified: active/CVE-2014-3688
===================================================================
--- active/CVE-2014-3688 2014-10-29 21:26:34 UTC (rev 3524)
+++ active/CVE-2014-3688 2014-10-31 16:39:49 UTC (rev 3525)
@@ -4,8 +4,8 @@
Bugs:
upstream: released (3.18-rc1) [26b87c7881006311828bb0ab271a551a62dcceb4]
2.6.32-upstream-stable:
-sid:
-3.2-wheezy-security:
+sid: pending (3.16.7-1) [bugfix/all/net-sctp-fix-remote-memory-pressure-from-excessive-q.patch]
+3.2-wheezy-security: released (3.2.63-2+deb7u1) [bugfix/all/net-sctp-fix-remote-memory-pressure-from-excessive-q.patch]
2.6.32-squeeze-security:
3.16-upstream-stable:
3.2-upstream-stable:
Modified: active/CVE-2014-3690
===================================================================
--- active/CVE-2014-3690 2014-10-29 21:26:34 UTC (rev 3524)
+++ active/CVE-2014-3690 2014-10-31 16:39:49 UTC (rev 3525)
@@ -5,8 +5,8 @@
Bugs:
upstream: released (3.18-rc1) [d974baa398f34393db76be45f7d4d04fbdbb4a0a]
2.6.32-upstream-stable:
-sid:
-3.2-wheezy-security:
+sid: pending (3.16.7-1)
+3.2-wheezy-security: released (3.2.63-2+deb7u1) [bugfix/x86/x86-kvm-vmx-Preserve-CR4-across-VM-entry.patch]
2.6.32-squeeze-security:
-3.16-upstream-stable:
+3.16-upstream-stable: released (3.16.7)
3.2-upstream-stable:
Modified: active/CVE-2014-7970
===================================================================
--- active/CVE-2014-7970 2014-10-29 21:26:34 UTC (rev 3524)
+++ active/CVE-2014-7970 2014-10-31 16:39:49 UTC (rev 3525)
@@ -5,7 +5,7 @@
Bugs:
upstream: released (3.18-rc1) [0d0826019e529f21c84687521d03f60cd241ca7d]
2.6.32-upstream-stable: N/A "User namespaces not usable"
-sid: needed
+sid: pending (3.16.7-1) [bugfix/all/mnt-Prevent-pivot_root-from-creating-a-loop-in-the-m.patch]
3.2-wheezy-security: N/A "User namespaces not usable"
2.6.32-squeeze-security: N/A "User namespaces not usable"
3.16-upstream-stable: needed
Modified: active/CVE-2014-7975
===================================================================
--- active/CVE-2014-7975 2014-10-29 21:26:34 UTC (rev 3524)
+++ active/CVE-2014-7975 2014-10-31 16:39:49 UTC (rev 3525)
@@ -3,10 +3,10 @@
http://thread.gmane.org/gmane.linux.kernel.stable/109312
Notes:
Bugs:
-upstream: released (3.18-rc1) [0ef3a56b1c466629cd0bf482b09c7b0e5a085bb5]
+upstream: released (3.18-rc1) [a1480dcc3c706e309a88884723446f2e84fedd5b]
2.6.32-upstream-stable: N/A "User namespaces not usable"
-sid: needed
+sid: pending (3.16.7-1)
3.2-wheezy-security: N/A "User namespaces not usable"
2.6.32-squeeze-security: N/A "User namespaces not usable"
-3.16-upstream-stable: needed
+3.16-upstream-stable: released (3.16.7)
3.2-upstream-stable: N/A "User namespaces not usable"
More information about the kernel-sec-discuss
mailing list