[kernel-sec-discuss] r3746 - active
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Apr 20 10:17:00 UTC 2015
Author: jmm
Date: 2015-04-20 10:17:00 +0000 (Mon, 20 Apr 2015)
New Revision: 3746
Modified:
active/CVE-2014-9717
active/CVE-2015-3332
Log:
updates
Modified: active/CVE-2014-9717
===================================================================
--- active/CVE-2014-9717 2015-04-18 04:52:17 UTC (rev 3745)
+++ active/CVE-2014-9717 2015-04-20 10:17:00 UTC (rev 3746)
@@ -1,13 +1,15 @@
Description: USERNS allows circumventing MNT_LOCKED
References:
- - http://marc.info/?l=linux-kernel&m=141271552117745&w=2
+ http://marc.info/?l=linux-kernel&m=141271552117745&w=2
+ https://groups.google.com/forum/#!topic/linux.kernel/HnegnbXk0Vs
+ http://www.spinics.net/lists/linux-containers/msg30786.html
Notes:
Bugs:
-upstream:
+upstream: needed
2.6.32-upstream-stable: N/A "user namespaces known broken before 3.5"
-sid:
+sid: needed
3.16-jessie-security:
3.2-wheezy-security: N/A "user namespaces known broken before 3.5"
2.6.32-squeeze-security: N/A "user namespaces known broken before 3.5"
-3.16-upstream-stable:
+3.16-upstream-stable: needed
3.2-upstream-stable: N/A "user namespaces known broken before 3.5"
Modified: active/CVE-2015-3332
===================================================================
--- active/CVE-2015-3332 2015-04-18 04:52:17 UTC (rev 3745)
+++ active/CVE-2015-3332 2015-04-20 10:17:00 UTC (rev 3746)
@@ -3,11 +3,11 @@
Notes:
Bugs:
- http://bugs.debian.org/782515
-upstream:
-2.6.32-upstream-stable:
-sid:
-3.16-jessie-security:
-3.2-wheezy-security:
-2.6.32-squeeze-security:
-3.16-upstream-stable:
-3.2-upstream-stable:
+upstream: N/A "Only affects < 3.18 kernels with 355a901e6cf1b2b763ec85caa2a9f04fbcc4ab4a backported"
+2.6.32-upstream-stable: N/A "355a901e6cf1b2b763ec85caa2a9f04fbcc4ab4a not backported"
+sid: needed
+3.16-jessie-security: needed
+3.2-wheezy-security: N/A "355a901e6cf1b2b763ec85caa2a9f04fbcc4ab4a not backported"
+2.6.32-squeeze-security: N/A "355a901e6cf1b2b763ec85caa2a9f04fbcc4ab4a not backported"
+3.16-upstream-stable: needed
+3.2-upstream-stable: N/A "355a901e6cf1b2b763ec85caa2a9f04fbcc4ab4a not backported"
More information about the kernel-sec-discuss
mailing list