[kernel-sec-discuss] r3750 - active
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Wed Apr 22 11:17:35 UTC 2015
Author: jmm
Date: 2015-04-22 11:17:35 +0000 (Wed, 22 Apr 2015)
New Revision: 3750
Modified:
active/CVE-2014-8159
active/CVE-2015-2666
active/CVE-2015-2922
active/CVE-2015-3331
active/CVE-2015-3332
Log:
fixes pending for 3.16.7-ckt10
Modified: active/CVE-2014-8159
===================================================================
--- active/CVE-2014-8159 2015-04-22 06:33:30 UTC (rev 3749)
+++ active/CVE-2014-8159 2015-04-22 11:17:35 UTC (rev 3750)
@@ -8,5 +8,5 @@
sid: released (3.16.7-ckt9-1) [bugfix/all/ib-core-prevent-integer-overflow-in-ib_umem_get.patch]
3.2-wheezy-security: pending (3.2.68-2) [bugfix/all/ib-core-prevent-integer-overflow-in-ib_umem_get.patch]
2.6.32-squeeze-security: pending (2.6.32-48squeeze12) [bugfix/all/ib-core-prevent-integer-overflow-in-ib_umem_get.patch]
-3.16-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.7-ckt10)
3.2-upstream-stable: needed
Modified: active/CVE-2015-2666
===================================================================
--- active/CVE-2015-2666 2015-04-22 06:33:30 UTC (rev 3749)
+++ active/CVE-2015-2666 2015-04-22 11:17:35 UTC (rev 3750)
@@ -7,5 +7,5 @@
sid: released (3.16.7-ckt9-1) [bugfix/x86/x86-microcode-intel-guard-against-stack-overflow-in-.patch]
3.2-wheezy-security: N/A "Introduced in 3.9 with ec400ddeff200b068ddc6c70f7321f49ecf32ed5"
2.6.32-squeeze-security: N/A "Introduced in 3.9 with ec400ddeff200b068ddc6c70f7321f49ecf32ed5"
-3.16-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.7-ckt10)
3.2-upstream-stable: N/A "Introduced in 3.9 with ec400ddeff200b068ddc6c70f7321f49ecf32ed5"
Modified: active/CVE-2015-2922
===================================================================
--- active/CVE-2015-2922 2015-04-22 06:33:30 UTC (rev 3749)
+++ active/CVE-2015-2922 2015-04-22 11:17:35 UTC (rev 3750)
@@ -7,5 +7,5 @@
sid: released (3.16.7-ckt9-1) [bugfix/all/ipv6-don-t-reduce-hop-limit-for-an-interface.patch]
3.2-wheezy-security: pending (3.2.68-2) [bugfix/all/ipv6-don-t-reduce-hop-limit-for-an-interface.patch]
2.6.32-squeeze-security: pending (2.6.32-48squeeze12) [bugfix/all/ipv6-don-t-reduce-hop-limit-for-an-interface.patch]
-3.16-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.7-ckt10)
3.2-upstream-stable: needed
Modified: active/CVE-2015-3331
===================================================================
--- active/CVE-2015-3331 2015-04-22 06:33:30 UTC (rev 3749)
+++ active/CVE-2015-3331 2015-04-22 11:17:35 UTC (rev 3750)
@@ -1,8 +1,6 @@
Description: Buffer overruns in Linux kernel RFC4106 implementation using AESNI
References:
Notes:
- - Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccfe8c3f7e52ae83155cb038753f4c75b774ca8a (v4.0-rc5)
- - Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0bd82f5f6355775fbaf7d3c664432ce1b862be1e (v2.6.38-rc1)
Bugs:
- https://bugs.debian.org/782561
upstream: released (v4.0-rc5) [ccfe8c3f7e52ae83155cb038753f4c75b774ca8a]
@@ -11,5 +9,5 @@
3.16-jessie-security: needed
3.2-wheezy-security: needed
2.6.32-squeeze-security: N/A "Introduced in v2.6.38-rc1 with 0bd82f5f6355775fbaf7d3c664432ce1b862be1e"
-3.16-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.7-ckt10)
3.2-upstream-stable: needed
Modified: active/CVE-2015-3332
===================================================================
--- active/CVE-2015-3332 2015-04-22 06:33:30 UTC (rev 3749)
+++ active/CVE-2015-3332 2015-04-22 11:17:35 UTC (rev 3750)
@@ -9,5 +9,5 @@
3.16-jessie-security: needed
3.2-wheezy-security: N/A "355a901e6cf1b2b763ec85caa2a9f04fbcc4ab4a not backported"
2.6.32-squeeze-security: N/A "355a901e6cf1b2b763ec85caa2a9f04fbcc4ab4a not backported"
-3.16-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.7-ckt10)
3.2-upstream-stable: N/A "355a901e6cf1b2b763ec85caa2a9f04fbcc4ab4a not backported"
More information about the kernel-sec-discuss
mailing list