[kernel-sec-discuss] r3746 - active

Moritz Muehlenhoff jmm at moszumanska.debian.org
Mon Apr 20 10:17:00 UTC 2015 

Author: jmm
Date: 2015-04-20 10:17:00 +0000 (Mon, 20 Apr 2015)
New Revision: 3746

Modified:
   active/CVE-2014-9717
   active/CVE-2015-3332
Log:
updates


Modified: active/CVE-2014-9717
===================================================================
--- active/CVE-2014-9717	2015-04-18 04:52:17 UTC (rev 3745)
+++ active/CVE-2014-9717	2015-04-20 10:17:00 UTC (rev 3746)
@@ -1,13 +1,15 @@
 Description: USERNS allows circumventing MNT_LOCKED
 References:
- - http://marc.info/?l=linux-kernel&m=141271552117745&w=2
+ http://marc.info/?l=linux-kernel&m=141271552117745&w=2
+ https://groups.google.com/forum/#!topic/linux.kernel/HnegnbXk0Vs
+ http://www.spinics.net/lists/linux-containers/msg30786.html
 Notes:
 Bugs:
-upstream:
+upstream: needed
 2.6.32-upstream-stable: N/A "user namespaces known broken before 3.5"
-sid:
+sid: needed
 3.16-jessie-security:
 3.2-wheezy-security: N/A "user namespaces known broken before 3.5"
 2.6.32-squeeze-security: N/A "user namespaces known broken before 3.5"
-3.16-upstream-stable:
+3.16-upstream-stable: needed
 3.2-upstream-stable: N/A "user namespaces known broken before 3.5"

Modified: active/CVE-2015-3332
===================================================================
--- active/CVE-2015-3332	2015-04-18 04:52:17 UTC (rev 3745)
+++ active/CVE-2015-3332	2015-04-20 10:17:00 UTC (rev 3746)
@@ -3,11 +3,11 @@
 Notes:
 Bugs:
  - http://bugs.debian.org/782515
-upstream:
-2.6.32-upstream-stable:
-sid:
-3.16-jessie-security:
-3.2-wheezy-security:
-2.6.32-squeeze-security:
-3.16-upstream-stable:
-3.2-upstream-stable:
+upstream: N/A "Only affects < 3.18 kernels with 355a901e6cf1b2b763ec85caa2a9f04fbcc4ab4a backported"
+2.6.32-upstream-stable: N/A "355a901e6cf1b2b763ec85caa2a9f04fbcc4ab4a not backported"
+sid: needed
+3.16-jessie-security: needed
+3.2-wheezy-security: N/A "355a901e6cf1b2b763ec85caa2a9f04fbcc4ab4a not backported"
+2.6.32-squeeze-security: N/A "355a901e6cf1b2b763ec85caa2a9f04fbcc4ab4a not backported"
+3.16-upstream-stable: needed
+3.2-upstream-stable: N/A "355a901e6cf1b2b763ec85caa2a9f04fbcc4ab4a not backported"

More information about the kernel-sec-discuss mailing list