[kernel-sec-discuss] r3692 - active

Ben Hutchings benh at moszumanska.debian.org
Sun Feb 22 05:32:26 UTC 2015 

Author: benh
Date: 2015-02-22 05:32:25 +0000 (Sun, 22 Feb 2015)
New Revision: 3692

Modified:
   active/CVE-2013-6885
   active/CVE-2013-7421
   active/CVE-2014-7822
   active/CVE-2014-8160
   active/CVE-2014-9419
   active/CVE-2014-9420
   active/CVE-2014-9529
   active/CVE-2014-9584
   active/CVE-2014-9585
   active/CVE-2014-9644
   active/CVE-2015-0239
   active/CVE-2015-1421
Log:
Mark 3.2.67 as released

Modified: active/CVE-2013-6885
===================================================================
--- active/CVE-2013-6885	2015-02-22 05:13:11 UTC (rev 3691)
+++ active/CVE-2013-6885	2015-02-22 05:32:25 UTC (rev 3692)
@@ -8,4 +8,4 @@
 3.2-wheezy-security: released (3.2.65-1+deb7u1) [bugfix/x86/x86-cpu-amd-add-workaround-for-family-16h-erratum-79.patch]
 2.6.32-squeeze-security: released (2.6.32-48squeeze11) [bugfix/x86/x86-cpu-amd-add-workaround-for-family-16h-erratum-79.patch]
 3.16-upstream-stable: N/A "fixed before 3.16"
-3.2-upstream-stable: pending (3.2.67) [x86-cpu-amd-add-workaround-for-family-16h-erratum-793.patch]
+3.2-upstream-stable: released (3.2.67) [x86-cpu-amd-add-workaround-for-family-16h-erratum-793.patch]

Modified: active/CVE-2013-7421
===================================================================
--- active/CVE-2013-7421	2015-02-22 05:13:11 UTC (rev 3691)
+++ active/CVE-2013-7421	2015-02-22 05:32:25 UTC (rev 3692)
@@ -10,4 +10,4 @@
 3.2-wheezy-security: pending (3.2.65-1+deb7u2) [bugfix/all/crypto-prefix-module-autoloading-with-crypto.patch, bugfix/all/crypto-include-crypto-module-prefix-in-template.patch, +bugfix/all/crypto-add-missing-crypto-module-aliases.patch]
 2.6.32-squeeze-security: N/A "Introduced in 2.6.38"
 3.16-upstream-stable: released (3.16.7-ckt6)
-3.2-upstream-stable: pending (3.2.67) [crypto-prefix-module-autoloading-with-crypto.patch, crypto-include-crypto-module-prefix-in-template.patch, crypto-add-missing-crypto-module-aliases.patch]
+3.2-upstream-stable: released (3.2.67) [crypto-prefix-module-autoloading-with-crypto.patch, crypto-include-crypto-module-prefix-in-template.patch, crypto-add-missing-crypto-module-aliases.patch]

Modified: active/CVE-2014-7822
===================================================================
--- active/CVE-2014-7822	2015-02-22 05:13:11 UTC (rev 3691)
+++ active/CVE-2014-7822	2015-02-22 05:32:25 UTC (rev 3692)
@@ -12,4 +12,4 @@
 3.2-wheezy-security: pending (3.2.65-1+deb7u2) [bugfix/all/splice-apply-generic-position-and-size-checks-to-eac.patch]
 2.6.32-squeeze-security: released (2.6.32-48squeeze11) [bugfix/all/splice-apply-generic-position-and-size-checks-to-eac.patch]
 3.16-upstream-stable: N/A "fixed before 3.16"
-3.2-upstream-stable: pending (3.2.67) [splice-apply-generic-position-and-size-checks-to-eac.patch]
+3.2-upstream-stable: released (3.2.67) [splice-apply-generic-position-and-size-checks-to-eac.patch]

Modified: active/CVE-2014-8160
===================================================================
--- active/CVE-2014-8160	2015-02-22 05:13:11 UTC (rev 3691)
+++ active/CVE-2014-8160	2015-02-22 05:32:25 UTC (rev 3692)
@@ -9,4 +9,4 @@
 3.2-wheezy-security: pending (3.2.65-1+deb7u2) [bugfix/all/netfilter-conntrack-disable-generic-tracking-for-kno.patch]
 2.6.32-squeeze-security: released (2.6.32-48squeeze11) [bugfix/all/netfilter-conntrack-disable-generic-tracking-for-kno.patch]
 3.16-upstream-stable: released (3.16.7-ckt5)
-3.2-upstream-stable: pending (3.2.67) [netfilter-conntrack-disable-generic-tracking-for-kno.patch]
+3.2-upstream-stable: released (3.2.67) [netfilter-conntrack-disable-generic-tracking-for-kno.patch]

Modified: active/CVE-2014-9419
===================================================================
--- active/CVE-2014-9419	2015-02-22 05:13:11 UTC (rev 3691)
+++ active/CVE-2014-9419	2015-02-22 05:32:25 UTC (rev 3692)
@@ -14,4 +14,4 @@
 3.2-wheezy-security: released (3.2.65-1+deb7u1) [bugfix/x86/x86_64-switch_to-load-tls-descriptors-before-switchi.patch]
 2.6.32-squeeze-security: ignored ("complete fix is too invasive to backport")
 3.16-upstream-stable: released (3.16.7-ckt4)
-3.2-upstream-stable: pending (3.2.67) [x86_64-switch_to-load-tls-descriptors-before-switching-ds-and-es.patch]
+3.2-upstream-stable: released (3.2.67) [x86_64-switch_to-load-tls-descriptors-before-switching-ds-and-es.patch]

Modified: active/CVE-2014-9420
===================================================================
--- active/CVE-2014-9420	2015-02-22 05:13:11 UTC (rev 3691)
+++ active/CVE-2014-9420	2015-02-22 05:32:25 UTC (rev 3692)
@@ -8,4 +8,4 @@
 3.2-wheezy-security: released (3.2.65-1) [bugfix/all/isofs-fix-infinite-looping-over-ce-entries.patch]
 2.6.32-squeeze-security: released (2.6.32-48squeeze11) [bugfix/all/isofs-fix-infinite-looping-over-ce-entries.patch]
 3.16-upstream-stable: released (3.16.7-ckt4)
-3.2-upstream-stable: pending (3.2.67) [isofs-fix-infinite-looping-over-ce-entries.patch]
+3.2-upstream-stable: released (3.2.67) [isofs-fix-infinite-looping-over-ce-entries.patch]

Modified: active/CVE-2014-9529
===================================================================
--- active/CVE-2014-9529	2015-02-22 05:13:11 UTC (rev 3691)
+++ active/CVE-2014-9529	2015-02-22 05:32:25 UTC (rev 3692)
@@ -9,4 +9,4 @@
 3.2-wheezy-security: released (3.2.65-1+deb7u1) [bugfix/all/keys-close-race-between-key-lookup-and-freeing.patch]
 2.6.32-squeeze-security: N/A "Vulnerable code not present"
 3.16-upstream-stable: released (3.16.7-ckt4)
-3.2-upstream-stable: pending (3.2.67) [keys-close-race-between-key-lookup-and-freeing.patch]
+3.2-upstream-stable: released (3.2.67) [keys-close-race-between-key-lookup-and-freeing.patch]

Modified: active/CVE-2014-9584
===================================================================
--- active/CVE-2014-9584	2015-02-22 05:13:11 UTC (rev 3691)
+++ active/CVE-2014-9584	2015-02-22 05:32:25 UTC (rev 3692)
@@ -8,4 +8,4 @@
 3.2-wheezy-security: released (3.2.65-1+deb7u1) [bugfix/all/isofs-fix-unchecked-printing-of-er-records.patch]
 2.6.32-squeeze-security: released (2.6.32-48squeeze11) [bugfix/all/isofs-fix-unchecked-printing-of-er-records.patch]
 3.16-upstream-stable: released (3.16.7-ckt4)
-3.2-upstream-stable: pending (3.2.67) [isofs-fix-unchecked-printing-of-er-records.patch]
+3.2-upstream-stable: released (3.2.67) [isofs-fix-unchecked-printing-of-er-records.patch]

Modified: active/CVE-2014-9585
===================================================================
--- active/CVE-2014-9585	2015-02-22 05:13:11 UTC (rev 3691)
+++ active/CVE-2014-9585	2015-02-22 05:32:25 UTC (rev 3692)
@@ -9,4 +9,4 @@
 3.2-wheezy-security: pending (3.2.65-1+deb7u2) [bugfix/x86/x86_64-vdso-fix-the-vdso-address-randomization-algor.patch]
 2.6.32-squeeze-security: released (2.6.32-48squeeze11) [bugfix/x86/x86_64-vdso-fix-the-vdso-address-randomization-algor.patch]
 3.16-upstream-stable: released (3.16.7-ckt5)
-3.2-upstream-stable: pending (3.2.67) [x86_64-vdso-fix-the-vdso-address-randomization-algorithm.patch]
+3.2-upstream-stable: released (3.2.67) [x86_64-vdso-fix-the-vdso-address-randomization-algorithm.patch]

Modified: active/CVE-2014-9644
===================================================================
--- active/CVE-2014-9644	2015-02-22 05:13:11 UTC (rev 3691)
+++ active/CVE-2014-9644	2015-02-22 05:32:25 UTC (rev 3692)
@@ -10,4 +10,4 @@
 3.2-wheezy-security: pending (3.2.65-1+deb7u2) [bugfix/all/crypto-prefix-module-autoloading-with-crypto.patch, bugfix/all/crypto-include-crypto-module-prefix-in-template.patch, +bugfix/all/crypto-add-missing-crypto-module-aliases.patch]
 2.6.32-squeeze-security: N/A "Introduced in 2.6.38"
 3.16-upstream-stable: released (3.16.7-ckt6)
-3.2-upstream-stable: pending (3.2.67) [crypto-prefix-module-autoloading-with-crypto.patch, crypto-include-crypto-module-prefix-in-template.patch, crypto-add-missing-crypto-module-aliases.patch]
+3.2-upstream-stable: released (3.2.67) [crypto-prefix-module-autoloading-with-crypto.patch, crypto-include-crypto-module-prefix-in-template.patch, crypto-add-missing-crypto-module-aliases.patch]

Modified: active/CVE-2015-0239
===================================================================
--- active/CVE-2015-0239	2015-02-22 05:13:11 UTC (rev 3691)
+++ active/CVE-2015-0239	2015-02-22 05:32:25 UTC (rev 3692)
@@ -13,4 +13,4 @@
 3.2-wheezy-security: pending (3.2.65-1+deb7u2) [bugfix/x86/kvm-x86-sysenter-emulation-is-broken.patch]
 2.6.32-squeeze-security: ignored "KVM not supported in squeeze LTS"
 3.16-upstream-stable: released (3.16.7-ckt6)
-3.2-upstream-stable: pending (3.2.67) [kvm-x86-sysenter-emulation-is-broken.patch]
+3.2-upstream-stable: released (3.2.67) [kvm-x86-sysenter-emulation-is-broken.patch]

Modified: active/CVE-2015-1421
===================================================================
--- active/CVE-2015-1421	2015-02-22 05:13:11 UTC (rev 3691)
+++ active/CVE-2015-1421	2015-02-22 05:32:25 UTC (rev 3692)
@@ -10,4 +10,4 @@
 3.2-wheezy-security: pending (3.2.65-1+deb7u2) [bugfix/all/net-sctp-fix-slab-corruption-from-use-after-free-on-init-collisions.patch]
 2.6.32-squeeze-security: released (2.6.32-48squeeze11) [bugfix/all/net-sctp-fix-slab-corruption-from-use-after-free-on-.patch]
 3.16-upstream-stable: released (3.16.7-ckt6)
-3.2-upstream-stable: pending (3.2.67) [net-sctp-fix-slab-corruption-from-use-after-free-on-init-collisions.patch]
+3.2-upstream-stable: released (3.2.67) [net-sctp-fix-slab-corruption-from-use-after-free-on-init-collisions.patch]

More information about the kernel-sec-discuss mailing list