[kernel-sec-discuss] r3475 - active

Ben Hutchings benh at moszumanska.debian.org
Sun Sep 7 23:03:12 UTC 2014 

Author: benh
Date: 2014-09-07 23:03:12 +0000 (Sun, 07 Sep 2014)
New Revision: 3475

Modified:
   active/CVE-2014-3601
   active/CVE-2014-5206
   active/CVE-2014-5207
   active/CVE-2014-5471
   active/CVE-2014-5472
Log:
Update issues that are pending in sid

Modified: active/CVE-2014-3601
===================================================================
--- active/CVE-2014-3601	2014-08-27 06:03:39 UTC (rev 3474)
+++ active/CVE-2014-3601	2014-09-07 23:03:12 UTC (rev 3475)
@@ -3,9 +3,9 @@
  https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=350b8bdd689cd2ab2c67c8a86a0be86cfa0751a7
 Notes:
 Bugs:
-upstream: needed
+upstream: released (3.17-rc2) [350b8bdd689cd2ab2c67c8a86a0be86cfa0751a7]
 2.6.32-upstream-stable:
-sid: needed
+sid: pending (3.16.2-1)
 3.2-wheezy-security:
 2.6.32-squeeze-security:
 3.2-upstream-stable:

Modified: active/CVE-2014-5206
===================================================================
--- active/CVE-2014-5206	2014-08-27 06:03:39 UTC (rev 3474)
+++ active/CVE-2014-5206	2014-09-07 23:03:12 UTC (rev 3475)
@@ -1,12 +1,12 @@
 Description: ro bind mount bypass using user namespaces
 References:
- https://git.kernel.org/cgit/linux/kernel/git/ebiederm/user-namespace.git/commit/?h=for-linus&id=db181ce011e3c03332+8608299cd6fac06ea50130
+ https://git.kernel.org/cgit/linux/kernel/git/ebiederm/user-namespace.git/commit/?h=for-linus&id=db181ce011e3c033328608299cd6fac06ea50130
  http://www.openwall.com/lists/oss-security/2014/08/12/6
 Notes:
 Bugs:
-upstream: needed
+upstream: released (3.17-rc1) [a6138db815df5ee542d848318e5dae681590fccd, 07b645589dcda8b7a5249e096fece2a67556f0f4, 9566d6742852c527bf5af38af5cbb878dad75705, ffbc6f0ead47fa5a1dc9642b0331cb75c20a640e, db181ce011e3c033328608299cd6fac06ea50130]
 2.6.32-upstream-stable: N/A "User namespaces not usable"
-sid: needed
+sid: pending (3.16.2-1) [bugfix/all/mnt-Only-change-user-settable-mount-flags-in-remount.patch, bugfix/all/mnt-Move-the-test-for-MNT_LOCK_READONLY-from-change_.patch, bugfix/all/mnt-Correct-permission-checks-in-do_remount.patch, bugfix/all/mnt-Change-the-default-remount-atime-from-relatime-t.patch, bugfix/all/mnt-Add-tests-for-unprivileged-remount-cases-that-ha.patch]
 3.2-wheezy-security: N/A "User namespaces not usable"
 2.6.32-squeeze-security: N/A "User namespaces not usable"
 3.2-upstream-stable: N/A "User namespaces not usable"

Modified: active/CVE-2014-5207
===================================================================
--- active/CVE-2014-5207	2014-08-27 06:03:39 UTC (rev 3474)
+++ active/CVE-2014-5207	2014-09-07 23:03:12 UTC (rev 3475)
@@ -1,12 +1,12 @@
 Description: ro bind mount bypass using user namespaces
 References:
- https://git.kernel.org/cgit/linux/kernel/git/ebiederm/user-namespace.git/commit/?h=for-linus&id=9566d6742852c527bf+5af38af5cbb878dad75705
+ https://git.kernel.org/cgit/linux/kernel/git/ebiederm/user-namespace.git/commit/?h=for-linus&id=9566d6742852c527bf5af38af5cbb878dad75705
  http://www.openwall.com/lists/oss-security/2014/08/12/6
 Notes:
 Bugs:
-upstream: needed
+upstream: released (3.17-rc1) [a6138db815df5ee542d848318e5dae681590fccd, 07b645589dcda8b7a5249e096fece2a67556f0f4, 9566d6742852c527bf5af38af5cbb878dad75705, ffbc6f0ead47fa5a1dc9642b0331cb75c20a640e, db181ce011e3c033328608299cd6fac06ea50130]
 2.6.32-upstream-stable: N/A "User namespaces not usable"
-sid: needed
+sid: pending (3.16.2-1) [bugfix/all/mnt-Only-change-user-settable-mount-flags-in-remount.patch, bugfix/all/mnt-Move-the-test-for-MNT_LOCK_READONLY-from-change_.patch, bugfix/all/mnt-Correct-permission-checks-in-do_remount.patch, bugfix/all/mnt-Change-the-default-remount-atime-from-relatime-t.patch, bugfix/all/mnt-Add-tests-for-unprivileged-remount-cases-that-ha.patch]
 3.2-wheezy-security: N/A "User namespaces not usable"
 2.6.32-squeeze-security: N/A "User namespaces not usable"
 3.2-upstream-stable: N/A "User namespaces not usable"

Modified: active/CVE-2014-5471
===================================================================
--- active/CVE-2014-5471	2014-08-27 06:03:39 UTC (rev 3474)
+++ active/CVE-2014-5471	2014-09-07 23:03:12 UTC (rev 3475)
@@ -4,7 +4,7 @@
 Bugs:
 upstream: released (v3.17-rc2) [410dd3cf4c9b36f27ed4542ee18b1af5e68645a4]
 2.6.32-upstream-stable:
-sid:
+sid: pending (3.16.2-1)
 3.2-wheezy-security:
 2.6.32-squeeze-security:
 3.2-upstream-stable:

Modified: active/CVE-2014-5472
===================================================================
--- active/CVE-2014-5472	2014-08-27 06:03:39 UTC (rev 3474)
+++ active/CVE-2014-5472	2014-09-07 23:03:12 UTC (rev 3475)
@@ -4,7 +4,7 @@
 Bugs:
 upstream: released (v3.17-rc2) [410dd3cf4c9b36f27ed4542ee18b1af5e68645a4]
 2.6.32-upstream-stable:
-sid:
+sid: pending (3.16.2-1)
 3.2-wheezy-security:
 2.6.32-squeeze-security:
 3.2-upstream-stable:

More information about the kernel-sec-discuss mailing list