[kernel-sec-discuss] r3494 - active
Ben Hutchings
benh at moszumanska.debian.org
Wed Sep 17 21:39:47 UTC 2014
Author: benh
Date: 2014-09-17 21:39:46 +0000 (Wed, 17 Sep 2014)
New Revision: 3494
Modified:
active/CVE-2014-3181
active/CVE-2014-3182
active/CVE-2014-3183
active/CVE-2014-3184
active/CVE-2014-3185
active/CVE-2014-3186
active/CVE-2014-3601
active/CVE-2014-4171
active/CVE-2014-4608
active/CVE-2014-5077
active/CVE-2014-5471
active/CVE-2014-5472
active/CVE-2014-6416
active/CVE-2014-6417
active/CVE-2014-6418
Log:
Mark issues fixed/pending in 3.2.63, 3.16.2, 3.16.3 and corresponding Debian versions
Modified: active/CVE-2014-3181
===================================================================
--- active/CVE-2014-3181 2014-09-16 12:00:57 UTC (rev 3493)
+++ active/CVE-2014-3181 2014-09-17 21:39:46 UTC (rev 3494)
@@ -6,7 +6,7 @@
upstream: released (3.17-rc3) [c54def7bd64d7c0b6993336abcffb8444795bf38]
2.6.32-upstream-stable: N/A "Vulnerable code not present"
sid: needed
-3.2-wheezy-security:
+3.2-wheezy-security: pending (3.2.63-1)
2.6.32-squeeze-security: N/A "Vulnerable code not present"
3.16-upstream-stable: needed
-3.2-upstream-stable:
+3.2-upstream-stable: released (3.2.63)
Modified: active/CVE-2014-3182
===================================================================
--- active/CVE-2014-3182 2014-09-16 12:00:57 UTC (rev 3493)
+++ active/CVE-2014-3182 2014-09-17 21:39:46 UTC (rev 3494)
@@ -5,8 +5,8 @@
Bugs:
upstream: released (3.17-rc2) [ad3e14d7c5268c2e24477c6ef54bbdf88add5d36]
2.6.32-upstream-stable:
-sid: needed
-3.2-wheezy-security:
+sid: released (3.16.2-2)
+3.2-wheezy-security: pending (3.2.63-1)
2.6.32-squeeze-security:
-3.16-upstream-stable: needed
-3.2-upstream-stable:
+3.16-upstream-stable: released (3.16.2)
+3.2-upstream-stable: released (3.2.63)
Modified: active/CVE-2014-3183
===================================================================
--- active/CVE-2014-3183 2014-09-16 12:00:57 UTC (rev 3493)
+++ active/CVE-2014-3183 2014-09-17 21:39:46 UTC (rev 3494)
@@ -5,8 +5,8 @@
Bugs:
upstream: released (3.17-rc2) [6817ae225cd650fb1c3295d769298c38b1eba818]
2.6.32-upstream-stable:
-sid: needed
-3.2-wheezy-security:
+sid: released (3.16.2-2)
+3.2-wheezy-security: pending (3.2.63-1)
2.6.32-squeeze-security:
-3.16-upstream-stable: needed
-3.2-upstream-stable:
+3.16-upstream-stable: released (3.16.2)
+3.2-upstream-stable: released (3.2.63)
Modified: active/CVE-2014-3184
===================================================================
--- active/CVE-2014-3184 2014-09-16 12:00:57 UTC (rev 3493)
+++ active/CVE-2014-3184 2014-09-17 21:39:46 UTC (rev 3494)
@@ -5,8 +5,8 @@
Bugs:
upstream: released (3.17-rc2) [6817ae225cd650fb1c3295d769298c38b1eba818]
2.6.32-upstream-stable:
-sid: needed
-3.2-wheezy-security:
+sid: released (3.16.2-2)
+3.2-wheezy-security: pending (3.2.63-1)
2.6.32-squeeze-security:
-3.16-upstream-stable: needed
-3.2-upstream-stable:
+3.16-upstream-stable: released (3.16.2)
+3.2-upstream-stable: released (3.2.63)
Modified: active/CVE-2014-3185
===================================================================
--- active/CVE-2014-3185 2014-09-16 12:00:57 UTC (rev 3493)
+++ active/CVE-2014-3185 2014-09-17 21:39:46 UTC (rev 3494)
@@ -5,8 +5,8 @@
Bugs:
upstream: released (3.17-rc3) [6817ae225cd650fb1c3295d769298c38b1eba818]
2.6.32-upstream-stable:
-sid: needed
-3.2-wheezy-security:
+sid: released (3.16.2-2)
+3.2-wheezy-security: pending (3.2.63-1)
2.6.32-squeeze-security:
-3.16-upstream-stable: needed
-3.2-upstream-stable:
+3.16-upstream-stable: released (3.16.2)
+3.2-upstream-stable: released (3.2.63)
Modified: active/CVE-2014-3186
===================================================================
--- active/CVE-2014-3186 2014-09-16 12:00:57 UTC (rev 3493)
+++ active/CVE-2014-3186 2014-09-17 21:39:46 UTC (rev 3494)
@@ -6,7 +6,7 @@
upstream: released (3.17-rc3) [844817e47eef14141cf59b8d5ac08dd11c0a9189]
2.6.32-upstream-stable: N/A "Vulnerable code not present"
sid: needed
-3.2-wheezy-security:
+3.2-wheezy-security: pending (3.2.63-1)
2.6.32-squeeze-security: N/A "Vulnerable code not present"
3.16-upstream-stable: needed
-3.2-upstream-stable:
+3.2-upstream-stable: released (3.2.63)
Modified: active/CVE-2014-3601
===================================================================
--- active/CVE-2014-3601 2014-09-16 12:00:57 UTC (rev 3493)
+++ active/CVE-2014-3601 2014-09-17 21:39:46 UTC (rev 3494)
@@ -6,7 +6,7 @@
upstream: released (3.17-rc2) [350b8bdd689cd2ab2c67c8a86a0be86cfa0751a7]
2.6.32-upstream-stable:
sid: released (3.16.2-2)
-3.2-wheezy-security:
+3.2-wheezy-security: pending (3.2.63-1)
2.6.32-squeeze-security:
3.16-upstream-stable: needed
3.2-upstream-stable: released (3.2.63) [kvm-iommu-fix-the-third-parameter-of-kvm_iommu_put_pages.patch]
Modified: active/CVE-2014-4171
===================================================================
--- active/CVE-2014-4171 2014-09-16 12:00:57 UTC (rev 3493)
+++ active/CVE-2014-4171 2014-09-17 21:39:46 UTC (rev 3494)
@@ -9,7 +9,7 @@
upstream: released (3.16-rc7) [f00cdc6df7d7cfcabb5b740911e6788cb0802bdb, 8e205f779d1443a94b5ae81aa359cb535dd3021e, b1a366500bd537b50c3aad26dc7df083ec03a448]
2.6.32-upstream-stable: N/A "Vulnerable code introduced later"
sid: released (3.14.15-1)
-3.2-wheezy-security: needed
+3.2-wheezy-security: pending (3.2.63-1)
3.16-upstream-stable: N/A
2.6.32-squeeze-security: N/A "Vulnerable code introduced later"
3.2-upstream-stable: released (3.2.62) [shmem-fix-faulting-into-a-hole-while-it-s-punched.patch, shmem-fix-faulting-into-a-hole-not-taking-i_mutex.patch, shmem-fix-splicing-from-a-hole-while-it-s-punched.patch]
Modified: active/CVE-2014-4608
===================================================================
--- active/CVE-2014-4608 2014-09-16 12:00:57 UTC (rev 3493)
+++ active/CVE-2014-4608 2014-09-17 21:39:46 UTC (rev 3494)
@@ -6,7 +6,7 @@
upstream: released (3.16-rc3) [206a81c18401c0cde6e579164f752c4b147324ce]
2.6.32-upstream-stable:
sid: released (3.14.9-1)
-3.2-wheezy-security:
+3.2-wheezy-security: pending (3.2.63-1)
3.16-upstream-stable: N/A
2.6.32-squeeze-security:
3.2-upstream-stable: released (3.2.61) [lib-lzo-rename-lzo1x_decompress.c-to-lzo1x_decompress_safe.c.patch, lib-lzo-update-lzo-compression-to-current-upstream-version.patch, lzo-properly-check-for-overruns.patch]
Modified: active/CVE-2014-5077
===================================================================
--- active/CVE-2014-5077 2014-09-16 12:00:57 UTC (rev 3493)
+++ active/CVE-2014-5077 2014-09-17 21:39:46 UTC (rev 3494)
@@ -8,7 +8,7 @@
upstream: released (3.16) [1be9a950c646c9092fb3618197f7b6bfb50e82aa]
2.6.32-upstream-stable: needed
sid: released (3.14.15-1) [bugfix/all/net-sctp-inherit-auth_capable-on-INIT-collisions.patch]
-3.2-wheezy-security: needed
+3.2-wheezy-security: pending (3.2.63-1)
3.16-upstream-stable: N/A
2.6.32-squeeze-security: needed
3.2-upstream-stable: released (3.2.63) [net-sctp-inherit-auth_capable-on-init-collisions.patch]
Modified: active/CVE-2014-5471
===================================================================
--- active/CVE-2014-5471 2014-09-16 12:00:57 UTC (rev 3493)
+++ active/CVE-2014-5471 2014-09-17 21:39:46 UTC (rev 3494)
@@ -5,7 +5,7 @@
upstream: released (v3.17-rc2) [410dd3cf4c9b36f27ed4542ee18b1af5e68645a4]
2.6.32-upstream-stable:
sid: released (3.16.2-2)
-3.2-wheezy-security:
+3.2-wheezy-security: pending (3.2.63-1)
2.6.32-squeeze-security:
3.16-upstream-stable: needed
3.2-upstream-stable: released (3.2.63) [isofs-fix-unbounded-recursion-when-processing-relocated-directories.patch]
Modified: active/CVE-2014-5472
===================================================================
--- active/CVE-2014-5472 2014-09-16 12:00:57 UTC (rev 3493)
+++ active/CVE-2014-5472 2014-09-17 21:39:46 UTC (rev 3494)
@@ -5,7 +5,7 @@
upstream: released (v3.17-rc2) [410dd3cf4c9b36f27ed4542ee18b1af5e68645a4]
2.6.32-upstream-stable:
sid: released (3.16.2-2)
-3.2-wheezy-security:
+3.2-wheezy-security: pending (3.2.63-1)
2.6.32-squeeze-security:
3.16-upstream-stable: needed
3.2-upstream-stable: released (3.2.63) [isofs-fix-unbounded-recursion-when-processing-relocated-directories.patch]
Modified: active/CVE-2014-6416
===================================================================
--- active/CVE-2014-6416 2014-09-16 12:00:57 UTC (rev 3493)
+++ active/CVE-2014-6416 2014-09-17 21:39:46 UTC (rev 3494)
@@ -6,8 +6,8 @@
Bugs:
upstream: released (v3.17-rc5) [c27a3e4d667fdcad3db7b104f75659478e0c68d8]
2.6.32-upstream-stable: N/A "Introduced in 2.6.34"
-sid: needed
+sid: pending (3.16.3-1)
3.2-wheezy-security:
2.6.32-squeeze-security: N/A "Introduced in 2.6.34"
-3.16-upstream-stable: needed
+3.16-upstream-stable: released (3.16.3)
3.2-upstream-stable:
Modified: active/CVE-2014-6417
===================================================================
--- active/CVE-2014-6417 2014-09-16 12:00:57 UTC (rev 3493)
+++ active/CVE-2014-6417 2014-09-17 21:39:46 UTC (rev 3494)
@@ -6,8 +6,8 @@
Bugs:
upstream: released (v3.17-rc5) [c27a3e4d667fdcad3db7b104f75659478e0c68d8]
2.6.32-upstream-stable: N/A "Introduced in 2.6.34"
-sid: needed
+sid: pending (3.16.3-1)
3.2-wheezy-security:
2.6.32-squeeze-security: N/A "Introduced in 2.6.34"
-3.16-upstream-stable: needed
+3.16-upstream-stable: released (3.16.3)
3.2-upstream-stable:
Modified: active/CVE-2014-6418
===================================================================
--- active/CVE-2014-6418 2014-09-16 12:00:57 UTC (rev 3493)
+++ active/CVE-2014-6418 2014-09-17 21:39:46 UTC (rev 3494)
@@ -6,8 +6,8 @@
Bugs:
upstream: released (v3.17-rc5) [c27a3e4d667fdcad3db7b104f75659478e0c68d8]
2.6.32-upstream-stable: N/A "Introduced in 2.6.34"
-sid: needed
+sid: pending (3.16.3-1)
3.2-wheezy-security:
2.6.32-squeeze-security: N/A "Introduced in 2.6.34"
-3.16-upstream-stable: needed
+3.16-upstream-stable: released (3.16.3)
3.2-upstream-stable:
More information about the kernel-sec-discuss
mailing list