[kernel-sec-discuss] r4056 - active
Ben Hutchings
benh at moszumanska.debian.org
Mon Dec 21 11:53:44 UTC 2015
Author: benh
Date: 2015-12-21 11:53:44 +0000 (Mon, 21 Dec 2015)
New Revision: 4056
Modified:
active/CVE-2015-8569
active/CVE-2015-8575
Log:
Triage new socket name information leaks
Modified: active/CVE-2015-8569
===================================================================
--- active/CVE-2015-8569 2015-12-21 11:41:19 UTC (rev 4055)
+++ active/CVE-2015-8569 2015-12-21 11:53:44 UTC (rev 4056)
@@ -1,14 +1,14 @@
-Description: information leak from getsockname
+Description: information leak from pptp get{sock,peer}name
References:
- http://twitter.com/grsecurity/statuses/676744240802750464
- https://lkml.org/lkml/2015/12/14/252
Notes:
Bugs:
upstream: released (4.4-rc6) [09ccfd238e5a0e670d8178cf50180ea81ae09ae1]
-3.16-upstream-stable:
-3.2-upstream-stable:
-2.6.32-upstream-stable:
-sid:
-3.16-jessie-security:
-3.2-wheezy-security:
-2.6.32-squeeze-security:
+3.16-upstream-stable: needed
+3.2-upstream-stable: needed
+2.6.32-upstream-stable: N/A "Vulnerable code not present"
+sid: needed
+3.16-jessie-security: needed
+3.2-wheezy-security: needed
+2.6.32-squeeze-security: N/A "Vulnerable code not present"
Modified: active/CVE-2015-8575
===================================================================
--- active/CVE-2015-8575 2015-12-21 11:41:19 UTC (rev 4055)
+++ active/CVE-2015-8575 2015-12-21 11:53:44 UTC (rev 4056)
@@ -1,12 +1,12 @@
-Description:
+Description: information leak from bluetooth/sco getsockname
References:
Notes:
Bugs:
upstream: released (4.4-rc6) [5233252fce714053f0151680933571a2da9cbfb4]
-3.16-upstream-stable:
-3.2-upstream-stable:
-2.6.32-upstream-stable:
-sid:
-3.16-jessie-security:
-3.2-wheezy-security:
-2.6.32-squeeze-security:
+3.16-upstream-stable: needed
+3.2-upstream-stable: needed
+2.6.32-upstream-stable: needed
+sid: needed
+3.16-jessie-security: needed
+3.2-wheezy-security: needed
+2.6.32-squeeze-security: needed
More information about the kernel-sec-discuss
mailing list