[kernel-sec-discuss] r3750 - active

Moritz Muehlenhoff jmm at moszumanska.debian.org
Wed Apr 22 11:17:35 UTC 2015


Author: jmm
Date: 2015-04-22 11:17:35 +0000 (Wed, 22 Apr 2015)
New Revision: 3750

Modified:
   active/CVE-2014-8159
   active/CVE-2015-2666
   active/CVE-2015-2922
   active/CVE-2015-3331
   active/CVE-2015-3332
Log:
fixes pending for 3.16.7-ckt10


Modified: active/CVE-2014-8159
===================================================================
--- active/CVE-2014-8159	2015-04-22 06:33:30 UTC (rev 3749)
+++ active/CVE-2014-8159	2015-04-22 11:17:35 UTC (rev 3750)
@@ -8,5 +8,5 @@
 sid: released (3.16.7-ckt9-1) [bugfix/all/ib-core-prevent-integer-overflow-in-ib_umem_get.patch]
 3.2-wheezy-security: pending (3.2.68-2) [bugfix/all/ib-core-prevent-integer-overflow-in-ib_umem_get.patch]
 2.6.32-squeeze-security: pending (2.6.32-48squeeze12) [bugfix/all/ib-core-prevent-integer-overflow-in-ib_umem_get.patch]
-3.16-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.7-ckt10)
 3.2-upstream-stable: needed

Modified: active/CVE-2015-2666
===================================================================
--- active/CVE-2015-2666	2015-04-22 06:33:30 UTC (rev 3749)
+++ active/CVE-2015-2666	2015-04-22 11:17:35 UTC (rev 3750)
@@ -7,5 +7,5 @@
 sid: released (3.16.7-ckt9-1) [bugfix/x86/x86-microcode-intel-guard-against-stack-overflow-in-.patch]
 3.2-wheezy-security: N/A "Introduced in 3.9 with ec400ddeff200b068ddc6c70f7321f49ecf32ed5"
 2.6.32-squeeze-security: N/A "Introduced in 3.9 with ec400ddeff200b068ddc6c70f7321f49ecf32ed5"
-3.16-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.7-ckt10)
 3.2-upstream-stable: N/A "Introduced in 3.9 with ec400ddeff200b068ddc6c70f7321f49ecf32ed5"

Modified: active/CVE-2015-2922
===================================================================
--- active/CVE-2015-2922	2015-04-22 06:33:30 UTC (rev 3749)
+++ active/CVE-2015-2922	2015-04-22 11:17:35 UTC (rev 3750)
@@ -7,5 +7,5 @@
 sid: released (3.16.7-ckt9-1) [bugfix/all/ipv6-don-t-reduce-hop-limit-for-an-interface.patch]
 3.2-wheezy-security: pending (3.2.68-2) [bugfix/all/ipv6-don-t-reduce-hop-limit-for-an-interface.patch]
 2.6.32-squeeze-security: pending (2.6.32-48squeeze12) [bugfix/all/ipv6-don-t-reduce-hop-limit-for-an-interface.patch]
-3.16-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.7-ckt10)
 3.2-upstream-stable: needed

Modified: active/CVE-2015-3331
===================================================================
--- active/CVE-2015-3331	2015-04-22 06:33:30 UTC (rev 3749)
+++ active/CVE-2015-3331	2015-04-22 11:17:35 UTC (rev 3750)
@@ -1,8 +1,6 @@
 Description: Buffer overruns in Linux kernel RFC4106 implementation using AESNI
 References:
 Notes:
- - Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccfe8c3f7e52ae83155cb038753f4c75b774ca8a (v4.0-rc5)
- - Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0bd82f5f6355775fbaf7d3c664432ce1b862be1e (v2.6.38-rc1)
 Bugs:
  - https://bugs.debian.org/782561
 upstream: released (v4.0-rc5) [ccfe8c3f7e52ae83155cb038753f4c75b774ca8a]
@@ -11,5 +9,5 @@
 3.16-jessie-security: needed
 3.2-wheezy-security: needed
 2.6.32-squeeze-security: N/A "Introduced in v2.6.38-rc1 with 0bd82f5f6355775fbaf7d3c664432ce1b862be1e"
-3.16-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.7-ckt10)
 3.2-upstream-stable: needed

Modified: active/CVE-2015-3332
===================================================================
--- active/CVE-2015-3332	2015-04-22 06:33:30 UTC (rev 3749)
+++ active/CVE-2015-3332	2015-04-22 11:17:35 UTC (rev 3750)
@@ -9,5 +9,5 @@
 3.16-jessie-security: needed
 3.2-wheezy-security: N/A "355a901e6cf1b2b763ec85caa2a9f04fbcc4ab4a not backported"
 2.6.32-squeeze-security: N/A "355a901e6cf1b2b763ec85caa2a9f04fbcc4ab4a not backported"
-3.16-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.7-ckt10)
 3.2-upstream-stable: N/A "355a901e6cf1b2b763ec85caa2a9f04fbcc4ab4a not backported"




More information about the kernel-sec-discuss mailing list