[kernel-sec-discuss] r3490 - active
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Sep 15 21:41:44 UTC 2014
Author: jmm
Date: 2014-09-15 21:41:44 +0000 (Mon, 15 Sep 2014)
New Revision: 3490
Modified:
active/CVE-2014-0205
active/CVE-2014-3535
active/CVE-2014-4171
active/CVE-2014-4508
active/CVE-2014-4608
active/CVE-2014-4653
active/CVE-2014-4654
active/CVE-2014-4655
active/CVE-2014-4943
active/CVE-2014-5045
Log:
add status for 3.16.x stable series
Modified: active/CVE-2014-0205
===================================================================
--- active/CVE-2014-0205 2014-09-15 21:33:35 UTC (rev 3489)
+++ active/CVE-2014-0205 2014-09-15 21:41:44 UTC (rev 3490)
@@ -6,5 +6,6 @@
2.6.32-upstream-stable: needed
sid: released (2.6.37-1)
3.2-wheezy-security: N/A
+3.16-upstream-stable: N/A
2.6.32-squeeze-security: needed
3.2-upstream-stable: N/A
Modified: active/CVE-2014-3535
===================================================================
--- active/CVE-2014-3535 2014-09-15 21:33:35 UTC (rev 3489)
+++ active/CVE-2014-3535 2014-09-15 21:41:44 UTC (rev 3490)
@@ -6,5 +6,6 @@
2.6.32-upstream-stable: needed
sid: released (2.6.36-1)
3.2-wheezy-security: N/A
+3.16-upstream-stable: N/A
2.6.32-squeeze-security: needed
3.2-upstream-stable: N/A
Modified: active/CVE-2014-4171
===================================================================
--- active/CVE-2014-4171 2014-09-15 21:33:35 UTC (rev 3489)
+++ active/CVE-2014-4171 2014-09-15 21:41:44 UTC (rev 3490)
@@ -10,6 +10,7 @@
2.6.32-upstream-stable: N/A "Vulnerable code introduced later"
sid: released (3.14.15-1)
3.2-wheezy-security: needed
+3.16-upstream-stable: N/A
2.6.32-squeeze-security: N/A "Vulnerable code introduced later"
3.2-upstream-stable: released (3.2.62) [shmem-fix-faulting-into-a-hole-while-it-s-punched.patch, shmem-fix-faulting-into-a-hole-not-taking-i_mutex.patch, shmem-fix-splicing-from-a-hole-while-it-s-punched.patch]
Modified: active/CVE-2014-4508
===================================================================
--- active/CVE-2014-4508 2014-09-15 21:33:35 UTC (rev 3489)
+++ active/CVE-2014-4508 2014-09-15 21:41:44 UTC (rev 3490)
@@ -7,5 +7,6 @@
2.6.32-upstream-stable:
sid: released (3.14.9-1) [bugfix/x86/x86_32-entry-Do-syscall-exit-work-on-badsys-CVE-2014.patch]
3.2-wheezy-security: released (3.2.60-1) [bugfix/x86/x86_32-entry-Do-syscall-exit-work-on-badsys-CVE-2014.patch]
+3.16-upstream-stable: N/A
2.6.32-squeeze-security:
3.2-upstream-stable: released (3.2.61) [x86_32-entry-do-syscall-exit-work-on-badsys-cve-2014-4508.patch]
Modified: active/CVE-2014-4608
===================================================================
--- active/CVE-2014-4608 2014-09-15 21:33:35 UTC (rev 3489)
+++ active/CVE-2014-4608 2014-09-15 21:41:44 UTC (rev 3490)
@@ -7,5 +7,6 @@
2.6.32-upstream-stable:
sid: released (3.14.9-1)
3.2-wheezy-security:
+3.16-upstream-stable: N/A
2.6.32-squeeze-security:
3.2-upstream-stable: released (3.2.61) [lib-lzo-rename-lzo1x_decompress.c-to-lzo1x_decompress_safe.c.patch, lib-lzo-update-lzo-compression-to-current-upstream-version.patch, lzo-properly-check-for-overruns.patch]
Modified: active/CVE-2014-4653
===================================================================
--- active/CVE-2014-4653 2014-09-15 21:33:35 UTC (rev 3489)
+++ active/CVE-2014-4653 2014-09-15 21:41:44 UTC (rev 3490)
@@ -7,4 +7,5 @@
sid: released (3.14.9-1)
3.2-wheezy-security: released (3.2.60-1) [bugfix/all/ALSA-control-Don-t-access-controls-outside-of-protec.patch]
2.6.32-squeeze-security: needed
+3.16-upstream-stable: N/A
3.2-upstream-stable: released (3.2.61) [alsa-control-don-t-access-controls-outside-of-protected-regions.patch]
Modified: active/CVE-2014-4654
===================================================================
--- active/CVE-2014-4654 2014-09-15 21:33:35 UTC (rev 3489)
+++ active/CVE-2014-4654 2014-09-15 21:41:44 UTC (rev 3490)
@@ -6,5 +6,6 @@
2.6.32-upstream-stable: needed
sid: released (3.14.9-1)
3.2-wheezy-security: released (3.2.60-1) [bugfix/all/ALSA-control-Fix-replacing-user-controls.patch]
+3.16-upstream-stable: N/A
2.6.32-squeeze-security: needed
3.2-upstream-stable: released (3.2.61) [alsa-control-fix-replacing-user-controls.patch]
Modified: active/CVE-2014-4655
===================================================================
--- active/CVE-2014-4655 2014-09-15 21:33:35 UTC (rev 3489)
+++ active/CVE-2014-4655 2014-09-15 21:41:44 UTC (rev 3490)
@@ -6,5 +6,6 @@
2.6.32-upstream-stable: needed
sid: released (3.14.9-1)
3.2-wheezy-security: released (3.2.60-1) [bugfix/all/ALSA-control-Fix-replacing-user-controls.patch]
+3.16-upstream-stable: N/A
2.6.32-squeeze-security: needed
3.2-upstream-stable: released (3.2.61) [alsa-control-fix-replacing-user-controls.patch]
Modified: active/CVE-2014-4943
===================================================================
--- active/CVE-2014-4943 2014-09-15 21:33:35 UTC (rev 3489)
+++ active/CVE-2014-4943 2014-09-15 21:41:44 UTC (rev 3490)
@@ -6,5 +6,6 @@
2.6.32-upstream-stable: needed
sid: released (3.14.13-1) [bugfix/all/net-l2tp-don-t-fall-back-on-UDP-get-set-sockopt.patch]
3.2-wheezy-security: released (3.2.60-1+deb7u3) [bugfix/all/net-l2tp-don-t-fall-back-on-UDP-get-set-sockopt.patch]
+3.16-upstream-stable: N/A
2.6.32-squeeze-security: pending (2.6.32-48squeeze9) [bugfix/all/CVE-2014-4943.patch]
3.2-upstream-stable: released (3.2.62) [net-l2tp-don-t-fall-back-on-udp-sockopt.patch]
Modified: active/CVE-2014-5045
===================================================================
--- active/CVE-2014-5045 2014-09-15 21:33:35 UTC (rev 3489)
+++ active/CVE-2014-5045 2014-09-15 21:41:44 UTC (rev 3490)
@@ -9,5 +9,6 @@
2.6.32-upstream-stable: N/A ("not reproducible")
sid: released (3.14.15-1)
3.2-wheezy-security: N/A ("not reproducible")
+3.16-upstream-stable: N/A
2.6.32-squeeze-security: N/A ("not reproducible")
3.2-upstream-stable: N/A ("not reproducible")
More information about the kernel-sec-discuss
mailing list