[kernel-sec-discuss] r3895 - active retired
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Fri Aug 7 13:54:48 UTC 2015
Author: jmm
Date: 2015-08-07 13:54:48 +0000 (Fri, 07 Aug 2015)
New Revision: 3895
Added:
retired/CVE-2015-4700
retired/CVE-2015-5706
Removed:
active/CVE-2015-4700
active/CVE-2015-5706
Log:
retire
Deleted: active/CVE-2015-4700
===================================================================
--- active/CVE-2015-4700 2015-08-07 13:53:52 UTC (rev 3894)
+++ active/CVE-2015-4700 2015-08-07 13:54:48 UTC (rev 3895)
@@ -1,14 +0,0 @@
-Description: Crafted BPF filters may crash kernel during JIT optimisation
-References:
-Notes: Introduced in 0a14842f5a3c0e88a1e59fac5c3025db39721f74.
- This is mitigated by the fact that BPF JIT has always been disabled by
- default.
-Bugs:
-upstream: released (v4.1-rc6) [3f7352bf21f8fd7ba3e2fcef9488756f188e12be]
-3.16-upstream-stable: released (3.16.7-ckt13)
-3.2-upstream-stable: released (3.2.70) [x86-bpf_jit-fix-compilation-of-large-bpf-programs.patch]
-2.6.32-upstream-stable: N/A "Introduced in 3.0 with 0a14842f5a3c0e88a1e59fac5c3025db39721f74"
-sid: released (4.0.7-1)
-3.16-jessie-security: released (3.16.7-ckt11+deb8u3) [bugfix/x86/x86-bpf_jit-fix-compilation-of-large-bpf-programs.patch]
-3.2-wheezy-security: released (3.2.68-1+deb7u3) [bugfix/x86/x86-bpf_jit-fix-compilation-of-large-bpf-programs.patch]
-2.6.32-squeeze-security: N/A "Introduced in 3.0 with 0a14842f5a3c0e88a1e59fac5c3025db39721f74"
Deleted: active/CVE-2015-5706
===================================================================
--- active/CVE-2015-5706 2015-08-07 13:53:52 UTC (rev 3894)
+++ active/CVE-2015-5706 2015-08-07 13:54:48 UTC (rev 3895)
@@ -1,12 +0,0 @@
-Description: Use-after-free in path lookup
-References:
-Notes:
-Bugs:
-upstream: released (v4.1-rc3) [f15133df088ecadd141ea1907f2c96df67c729f0]
-3.16-upstream-stable: released (v3.16.7-ckt12) [bedf03d0b88d]
-3.2-upstream-stable: N/A "Introduced in 3.11-rc1 with 60545d0d4610b02e55f65d141c95b18ccf855b6e"
-2.6.32-upstream-stable: N/A "Introduced in 3.11-rc1 with 60545d0d4610b02e55f65d141c95b18ccf855b6e"
-sid: released (4.0.4-1)
-3.16-jessie-security: released (3.16.7-ckt11-1+deb8u3) [bugfix/all/path_openat-fix-double-fput.patch]
-3.2-wheezy-security: N/A "Introduced in 3.11-rc1 with 60545d0d4610b02e55f65d141c95b18ccf855b6e"
-2.6.32-squeeze-security: N/A "Introduced in 3.11-rc1 with 60545d0d4610b02e55f65d141c95b18ccf855b6e"
Copied: retired/CVE-2015-4700 (from rev 3894, active/CVE-2015-4700)
===================================================================
--- retired/CVE-2015-4700 (rev 0)
+++ retired/CVE-2015-4700 2015-08-07 13:54:48 UTC (rev 3895)
@@ -0,0 +1,14 @@
+Description: Crafted BPF filters may crash kernel during JIT optimisation
+References:
+Notes: Introduced in 0a14842f5a3c0e88a1e59fac5c3025db39721f74.
+ This is mitigated by the fact that BPF JIT has always been disabled by
+ default.
+Bugs:
+upstream: released (v4.1-rc6) [3f7352bf21f8fd7ba3e2fcef9488756f188e12be]
+3.16-upstream-stable: released (3.16.7-ckt13)
+3.2-upstream-stable: released (3.2.70) [x86-bpf_jit-fix-compilation-of-large-bpf-programs.patch]
+2.6.32-upstream-stable: N/A "Introduced in 3.0 with 0a14842f5a3c0e88a1e59fac5c3025db39721f74"
+sid: released (4.0.7-1)
+3.16-jessie-security: released (3.16.7-ckt11+deb8u3) [bugfix/x86/x86-bpf_jit-fix-compilation-of-large-bpf-programs.patch]
+3.2-wheezy-security: released (3.2.68-1+deb7u3) [bugfix/x86/x86-bpf_jit-fix-compilation-of-large-bpf-programs.patch]
+2.6.32-squeeze-security: N/A "Introduced in 3.0 with 0a14842f5a3c0e88a1e59fac5c3025db39721f74"
Copied: retired/CVE-2015-5706 (from rev 3886, active/CVE-2015-5706)
===================================================================
--- retired/CVE-2015-5706 (rev 0)
+++ retired/CVE-2015-5706 2015-08-07 13:54:48 UTC (rev 3895)
@@ -0,0 +1,12 @@
+Description: Use-after-free in path lookup
+References:
+Notes:
+Bugs:
+upstream: released (v4.1-rc3) [f15133df088ecadd141ea1907f2c96df67c729f0]
+3.16-upstream-stable: released (v3.16.7-ckt12) [bedf03d0b88d]
+3.2-upstream-stable: N/A "Introduced in 3.11-rc1 with 60545d0d4610b02e55f65d141c95b18ccf855b6e"
+2.6.32-upstream-stable: N/A "Introduced in 3.11-rc1 with 60545d0d4610b02e55f65d141c95b18ccf855b6e"
+sid: released (4.0.4-1)
+3.16-jessie-security: released (3.16.7-ckt11-1+deb8u3) [bugfix/all/path_openat-fix-double-fput.patch]
+3.2-wheezy-security: N/A "Introduced in 3.11-rc1 with 60545d0d4610b02e55f65d141c95b18ccf855b6e"
+2.6.32-squeeze-security: N/A "Introduced in 3.11-rc1 with 60545d0d4610b02e55f65d141c95b18ccf855b6e"
More information about the kernel-sec-discuss
mailing list