[kernel-sec-discuss] r4056 - active

[Ben Hutchings]

Author: benh
Date: 2015-12-21 11:53:44 +0000 (Mon, 21 Dec 2015)
New Revision: 4056

Modified:
   active/CVE-2015-8569
   active/CVE-2015-8575
Log:
Triage new socket name information leaks

Modified: active/CVE-2015-8569
===================================================================
--- active/CVE-2015-8569	2015-12-21 11:41:19 UTC (rev 4055)
+++ active/CVE-2015-8569	2015-12-21 11:53:44 UTC (rev 4056)
@@ -1,14 +1,14 @@
-Description: information leak from getsockname
+Description: information leak from pptp get{sock,peer}name
 References:
  - http://twitter.com/grsecurity/statuses/676744240802750464
  - https://lkml.org/lkml/2015/12/14/252
 Notes:
 Bugs:
 upstream: released (4.4-rc6) [09ccfd238e5a0e670d8178cf50180ea81ae09ae1]
-3.16-upstream-stable:
-3.2-upstream-stable:
-2.6.32-upstream-stable:
-sid:
-3.16-jessie-security:
-3.2-wheezy-security:
-2.6.32-squeeze-security:
+3.16-upstream-stable: needed
+3.2-upstream-stable: needed
+2.6.32-upstream-stable: N/A "Vulnerable code not present"
+sid: needed
+3.16-jessie-security: needed
+3.2-wheezy-security: needed
+2.6.32-squeeze-security: N/A "Vulnerable code not present"

Modified: active/CVE-2015-8575
===================================================================
--- active/CVE-2015-8575	2015-12-21 11:41:19 UTC (rev 4055)
+++ active/CVE-2015-8575	2015-12-21 11:53:44 UTC (rev 4056)
@@ -1,12 +1,12 @@
-Description:
+Description: information leak from bluetooth/sco getsockname
 References:
 Notes:
 Bugs:
 upstream: released (4.4-rc6) [5233252fce714053f0151680933571a2da9cbfb4]
-3.16-upstream-stable:
-3.2-upstream-stable:
-2.6.32-upstream-stable:
-sid:
-3.16-jessie-security:
-3.2-wheezy-security:
-2.6.32-squeeze-security:
+3.16-upstream-stable: needed
+3.2-upstream-stable: needed
+2.6.32-upstream-stable: needed
+sid: needed
+3.16-jessie-security: needed
+3.2-wheezy-security: needed
+2.6.32-squeeze-security: needed