[kernel-sec-discuss] r4052 - active

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Dec 17 20:37:08 UTC 2015 

Author: carnil
Date: 2015-12-17 20:37:08 +0000 (Thu, 17 Dec 2015)
New Revision: 4052

Modified:
   active/CVE-2013-7446
   active/CVE-2015-7799
   active/CVE-2015-7833
   active/CVE-2015-8104
   active/CVE-2015-8374
   active/CVE-2015-8543
Log:
Mark versions as released for DSA-3426-1

Modified: active/CVE-2013-7446
===================================================================
--- active/CVE-2013-7446	2015-12-17 18:41:16 UTC (rev 4051)
+++ active/CVE-2013-7446	2015-12-17 20:37:08 UTC (rev 4052)
@@ -11,6 +11,6 @@
 3.2-upstream-stable: needed
 2.6.32-upstream-stable: needed
 sid: released (4.2.6-2) [bugfix/all/unix-avoid-use-after-free-in-ep_remove_wait_queue.patch]
-3.16-jessie-security: pending (3.16.7-ckt20-1+deb8u1) [bugfix/all/unix-avoid-use-after-free-in-ep_remove_wait_queue.patch]
-3.2-wheezy-security: pending (3.2.73-2+deb7u1) [bugfix/all/unix-avoid-use-after-free-in-ep_remove_wait_queue.patch]
+3.16-jessie-security: released (3.16.7-ckt20-1+deb8u1) [bugfix/all/unix-avoid-use-after-free-in-ep_remove_wait_queue.patch]
+3.2-wheezy-security: released (3.2.73-2+deb7u1) [bugfix/all/unix-avoid-use-after-free-in-ep_remove_wait_queue.patch]
 2.6.32-squeeze-security: released (2.6.32-48squeeze17) [bugfix/all/unix-avoid-use-after-free-in-ep_remove_wait_queue.patch]

Modified: active/CVE-2015-7799
===================================================================
--- active/CVE-2015-7799	2015-12-17 18:41:16 UTC (rev 4051)
+++ active/CVE-2015-7799	2015-12-17 20:37:08 UTC (rev 4052)
@@ -8,6 +8,6 @@
 3.2-upstream-stable: needed
 2.6.32-upstream-stable: needed
 sid: released (4.2.6-2) [bugfix/all/isdn_ppp-add-checks-for-allocation-failure-in-isdn_p.patch, bugfix/all/ppp-slip-validate-vj-compression-slot-parameters-com.patch]
-3.16-jessie-security: pending (3.16.7-ckt20-1+deb8u1)
-3.2-wheezy-security: pending (3.2.73-2+deb7u1) [bugfix/all/isdn_ppp-add-checks-for-allocation-failure-in-isdn_p.patch, bugfix/all/ppp-slip-validate-vj-compression-slot-parameters-com.patch]
+3.16-jessie-security: released (3.16.7-ckt20-1+deb8u1)
+3.2-wheezy-security: released (3.2.73-2+deb7u1) [bugfix/all/isdn_ppp-add-checks-for-allocation-failure-in-isdn_p.patch, bugfix/all/ppp-slip-validate-vj-compression-slot-parameters-com.patch]
 2.6.32-squeeze-security: released (2.6.32-48squeeze17) [bugfix/all/isdn_ppp-add-checks-for-allocation-failure-in-isdn_p.patch, bugfix/all/ppp-slip-validate-vj-compression-slot-parameters-com.patch]

Modified: active/CVE-2015-7833
===================================================================
--- active/CVE-2015-7833	2015-12-17 18:41:16 UTC (rev 4051)
+++ active/CVE-2015-7833	2015-12-17 20:37:08 UTC (rev 4052)
@@ -11,6 +11,6 @@
 3.2-upstream-stable: needed
 2.6.32-upstream-stable: needed
 sid: released (4.2.6-2) [bugfix/all/usbvision-fix-overflow-of-interfaces-array.patch, media-usbvision-fix-crash-on-detecting-device-with-i.patch]
-3.16-jessie-security: pending (3.16.7-ckt20-1+deb8u1) [bugfix/all/usbvision-fix-overflow-of-interfaces-array.patch, media-usbvision-fix-crash-on-detecting-device-with-i.patch]
-3.2-wheezy-security: pending (3.2.73-2+deb7u1) [bugfix/all/usbvision-fix-overflow-of-interfaces-array.patch, media-usbvision-fix-crash-on-detecting-device-with-i.patch]
+3.16-jessie-security: released (3.16.7-ckt20-1+deb8u1) [bugfix/all/usbvision-fix-overflow-of-interfaces-array.patch, media-usbvision-fix-crash-on-detecting-device-with-i.patch]
+3.2-wheezy-security: released (3.2.73-2+deb7u1) [bugfix/all/usbvision-fix-overflow-of-interfaces-array.patch, media-usbvision-fix-crash-on-detecting-device-with-i.patch]
 2.6.32-squeeze-security: released (2.6.32-48squeeze17) [bugfix/all/usbvision-fix-overflow-of-interfaces-array.patch, media-usbvision-fix-crash-on-detecting-device-with-i.patch]

Modified: active/CVE-2015-8104
===================================================================
--- active/CVE-2015-8104	2015-12-17 18:41:16 UTC (rev 4051)
+++ active/CVE-2015-8104	2015-12-17 20:37:08 UTC (rev 4052)
@@ -10,6 +10,6 @@
 3.2-upstream-stable: released (3.2.74)
 2.6.32-upstream-stable: needed
 sid: released (4.2.6-2) [bugfix/x86/kvm-svm-unconditionally-intercept-DB.patch]
-3.16-jessie-security: pending (3.16.7-ckt11-1+deb8u7) [bugfix/x86/kvm-svm-unconditionally-intercept-DB.patch]
-3.2-wheezy-security: pending (3.2.73-2+deb7u1) [bugfix/x86/kvm-svm-unconditionally-intercept-db.patch]
+3.16-jessie-security: released (3.16.7-ckt11-1+deb8u7) [bugfix/x86/kvm-svm-unconditionally-intercept-DB.patch]
+3.2-wheezy-security: released (3.2.73-2+deb7u1) [bugfix/x86/kvm-svm-unconditionally-intercept-db.patch]
 2.6.32-squeeze-security: ignored "KVM not supported in squeeze LTS"

Modified: active/CVE-2015-8374
===================================================================
--- active/CVE-2015-8374	2015-12-17 18:41:16 UTC (rev 4051)
+++ active/CVE-2015-8374	2015-12-17 20:37:08 UTC (rev 4052)
@@ -7,6 +7,6 @@
 3.2-upstream-stable: released (3.2.74)
 2.6.32-upstream-stable: ignored "btrfs in 2.6.32 is just a tech preview and not usable for production"
 sid: released (4.2.6-2) [bugfix/all/btrfs-fix-truncation-of-compressed-and-inlined-exten.patch]
-3.16-jessie-security: pending (3.16.7-ckt20-1+deb8u1) [bugfix/all/btrfs-fix-truncation-of-compressed-and-inlined-exten.patch]
+3.16-jessie-security: released (3.16.7-ckt20-1+deb8u1) [bugfix/all/btrfs-fix-truncation-of-compressed-and-inlined-exten.patch]
 3.2-wheezy-security: ignored "btrfs in wheezy is just a tech preview and not usable for production"
 2.6.32-squeeze-security: ignored "btrfs in squeeze is just a tech preview and not usable for production"

Modified: active/CVE-2015-8543
===================================================================
--- active/CVE-2015-8543	2015-12-17 18:41:16 UTC (rev 4051)
+++ active/CVE-2015-8543	2015-12-17 20:37:08 UTC (rev 4052)
@@ -12,6 +12,6 @@
 3.2-upstream-stable: needed
 2.6.32-upstream-stable: needed
 sid: released (4.3.3-1) [bugfix/all/net-add-validation-for-the-socket-syscall-protocol.patch]
-3.16-jessie-security: pending (3.16.7-ckt20-1+deb8u1) [bugfix/all/net-add-validation-for-the-socket-syscall-protocol.patch]
+3.16-jessie-security: released (3.16.7-ckt20-1+deb8u1) [bugfix/all/net-add-validation-for-the-socket-syscall-protocol.patch]
 3.2-wheezy-security: needed
 2.6.32-squeeze-security: needed

More information about the kernel-sec-discuss mailing list