[kernel-sec-discuss] r4066 - active
Ben Hutchings
benh at moszumanska.debian.org
Mon Dec 28 00:03:27 UTC 2015
Author: benh
Date: 2015-12-28 00:03:27 +0000 (Mon, 28 Dec 2015)
New Revision: 4066
Modified:
active/CVE-2015-8543
active/CVE-2015-8550
active/CVE-2015-8551
active/CVE-2015-8552
active/CVE-2015-8569
active/CVE-2015-8575
Log:
Mark issues pending in squeeze and wheezy
Modified: active/CVE-2015-8543
===================================================================
--- active/CVE-2015-8543 2015-12-27 14:33:34 UTC (rev 4065)
+++ active/CVE-2015-8543 2015-12-28 00:03:27 UTC (rev 4066)
@@ -13,5 +13,5 @@
2.6.32-upstream-stable: needed
sid: released (4.3.3-1) [bugfix/all/net-add-validation-for-the-socket-syscall-protocol.patch]
3.16-jessie-security: released (3.16.7-ckt20-1+deb8u1) [bugfix/all/net-add-validation-for-the-socket-syscall-protocol.patch]
-3.2-wheezy-security: needed
-2.6.32-squeeze-security: needed
+3.2-wheezy-security: pending (3.2.73-2+deb7u2) [bugfix/all/net-add-validation-for-the-socket-syscall-protocol.patch]
+2.6.32-squeeze-security: pending (2.6.32-48squeeze18) [bugfix/all/net-add-validation-for-the-socket-syscall-protocol.patch]
Modified: active/CVE-2015-8550
===================================================================
--- active/CVE-2015-8550 2015-12-27 14:33:34 UTC (rev 4065)
+++ active/CVE-2015-8550 2015-12-28 00:03:27 UTC (rev 4066)
@@ -8,5 +8,5 @@
2.6.32-upstream-stable: N/A "Vulnerable code not present"
sid: pending (4.3.3-3) [bugfix/all/xen-add-ring_copy_request.patch, bugfix/all/xen-netback-don-t-use-last-request-to-determine-mini.patch, bugfix/all/xen-netback-use-ring_copy_request-throughout.patch, bugfix/all/xen-blkback-only-read-request-operation-from-shared-.patch, bugfix/all/xen-blkback-read-from-indirect-descriptors-only-once.patch, bugfix/all/xen-scsiback-safely-copy-requests.patch, bugfix/all/xen-pciback-save-xen_pci_op-commands-before-processi.patch]
3.16-jessie-security: pending (3.16.7-ckt20-1+deb8u2) [bugfix/all/xen-add-ring_copy_request.patch, bugfix/all/xen-netback-don-t-use-last-request-to-determine-mini.patch, bugfix/all/xen-netback-use-ring_copy_request-throughout.patch, bugfix/all/xen-blkback-only-read-request-operation-from-shared-.patch, bugfix/all/xen-blkback-read-from-indirect-descriptors-only-once.patch, bugfix/all/xen-pciback-save-xen_pci_op-commands-before-processi.patch]
-3.2-wheezy-security: needed
+3.2-wheezy-security: pending (3.2.73-2+deb7u2) [bugfix/all/xen-add-ring_copy_request.patch, bugfix/all/xen-netback-don-t-use-last-request-to-determine-mini.patch, bugfix/all/xen-netback-use-ring_copy_request-throughout.patch, bugfix/all/xen-blkback-only-read-request-operation-from-shared-.patch, bugfix/all/xen-pciback-save-xen_pci_op-commands-before-processi.patch]
2.6.32-squeeze-security: ignored "Xen not supported in Squeeze LTS"
Modified: active/CVE-2015-8551
===================================================================
--- active/CVE-2015-8551 2015-12-27 14:33:34 UTC (rev 4065)
+++ active/CVE-2015-8551 2015-12-28 00:03:27 UTC (rev 4066)
@@ -8,5 +8,5 @@
2.6.32-upstream-stable: N/A "Vulnerable code not present"
sid: pending (4.3.3-3) [bugfix/all/xen-pciback-return-error-on-xen_pci_op_enable_msi-wh.patch, bugfix/all/xen-pciback-return-error-on-xen_pci_op_enable_msix-w.patch, bugfix/all/xen-pciback-do-not-install-an-irq-handler-for-msi-in.patch, bugfix/all/xen-pciback-for-xen_pci_op_disable_msi-x-only-disabl.patch, bugfix/all/xen-pciback-don-t-allow-msi-x-ops-if-pci_command_mem.patch]
3.16-jessie-security: pending (3.16.7-ckt20-1+deb8u2) [bugfix/all/xen-pciback-return-error-on-xen_pci_op_enable_msi-wh.patch, bugfix/all/xen-pciback-return-error-on-xen_pci_op_enable_msix-w.patch, bugfix/all/xen-pciback-do-not-install-an-irq-handler-for-msi-in.patch, bugfix/all/xen-pciback-for-xen_pci_op_disable_msi-x-only-disabl.patch, bugfix/all/xen-pciback-don-t-allow-msi-x-ops-if-pci_command_mem.patch]
-3.2-wheezy-security: needed
+3.2-wheezy-security: pending (3.2.73-2+deb7u2) [bugfix/all/xen-pciback-return-error-on-xen_pci_op_enable_msi-wh.patch, bugfix/all/xen-pciback-return-error-on-xen_pci_op_enable_msix-w.patch, bugfix/all/xen-pciback-do-not-install-an-irq-handler-for-msi-in.patch, bugfix/all/xen-pciback-for-xen_pci_op_disable_msi-x-only-disabl.patch, bugfix/all/xen-pciback-don-t-allow-msi-x-ops-if-pci_command_mem.patch]
2.6.32-squeeze-security: ignored "Xen not supported in Squeeze LTS"
Modified: active/CVE-2015-8552
===================================================================
--- active/CVE-2015-8552 2015-12-27 14:33:34 UTC (rev 4065)
+++ active/CVE-2015-8552 2015-12-28 00:03:27 UTC (rev 4066)
@@ -8,5 +8,5 @@
2.6.32-upstream-stable: N/A "Vulnerable code not present"
sid: pending (4.3.3-3) [bugfix/all/xen-pciback-return-error-on-xen_pci_op_enable_msi-wh.patch, bugfix/all/xen-pciback-return-error-on-xen_pci_op_enable_msix-w.patch, bugfix/all/xen-pciback-do-not-install-an-irq-handler-for-msi-in.patch, bugfix/all/xen-pciback-for-xen_pci_op_disable_msi-x-only-disabl.patch, bugfix/all/xen-pciback-don-t-allow-msi-x-ops-if-pci_command_mem.patch]
3.16-jessie-security: pending (3.16.7-ckt20-1+deb8u2) [bugfix/all/xen-pciback-return-error-on-xen_pci_op_enable_msi-wh.patch, bugfix/all/xen-pciback-return-error-on-xen_pci_op_enable_msix-w.patch, bugfix/all/xen-pciback-do-not-install-an-irq-handler-for-msi-in.patch, bugfix/all/xen-pciback-for-xen_pci_op_disable_msi-x-only-disabl.patch, bugfix/all/xen-pciback-don-t-allow-msi-x-ops-if-pci_command_mem.patch]
-3.2-wheezy-security: needed
+3.2-wheezy-security: pending (3.2.73-2+deb7u2) [bugfix/all/xen-pciback-return-error-on-xen_pci_op_enable_msi-wh.patch, bugfix/all/xen-pciback-return-error-on-xen_pci_op_enable_msix-w.patch, bugfix/all/xen-pciback-do-not-install-an-irq-handler-for-msi-in.patch, bugfix/all/xen-pciback-for-xen_pci_op_disable_msi-x-only-disabl.patch, bugfix/all/xen-pciback-don-t-allow-msi-x-ops-if-pci_command_mem.patch]
2.6.32-squeeze-security: ignored "Xen not supported in Squeeze LTS"
Modified: active/CVE-2015-8569
===================================================================
--- active/CVE-2015-8569 2015-12-27 14:33:34 UTC (rev 4065)
+++ active/CVE-2015-8569 2015-12-28 00:03:27 UTC (rev 4066)
@@ -10,5 +10,5 @@
2.6.32-upstream-stable: N/A "Vulnerable code not present"
sid: pending (4.3.3-3) [bugfix/all/pptp-verify-sockaddr_len-in-pptp_bind-and-pptp_conne.patch]
3.16-jessie-security: pending (3.16.7-ckt20-1+deb8u2) [bugfix/all/pptp-verify-sockaddr_len-in-pptp_bind-and-pptp_conne.patch]
-3.2-wheezy-security: needed
+3.2-wheezy-security: pending (3.2.73-2+deb7u2) [bugfix/all/pptp-verify-sockaddr_len-in-pptp_bind-and-pptp_conne.patch]
2.6.32-squeeze-security: N/A "Vulnerable code not present"
Modified: active/CVE-2015-8575
===================================================================
--- active/CVE-2015-8575 2015-12-27 14:33:34 UTC (rev 4065)
+++ active/CVE-2015-8575 2015-12-28 00:03:27 UTC (rev 4066)
@@ -8,5 +8,5 @@
2.6.32-upstream-stable: needed
sid: pending (4.3.3-3) [bugfix/all/bluetooth-validate-socket-address-length-in-sco_sock.patch]
3.16-jessie-security: pending (3.16.7-ckt20-1+deb8u2) [bugfix/all/bluetooth-validate-socket-address-length-in-sco_sock.patch]
-3.2-wheezy-security: needed
-2.6.32-squeeze-security: needed
+3.2-wheezy-security: pending (3.2.73-2+deb7u2) [bugfix/all/bluetooth-validate-socket-address-length-in-sco_sock.patch]
+2.6.32-squeeze-security: pending (2.6.32-48squeeze18) [bugfix/all/bluetooth-validate-socket-address-length-in-sco_sock.patch]
More information about the kernel-sec-discuss
mailing list