[kernel-sec-discuss] r3697 - active

Ben Hutchings benh at moszumanska.debian.org
Tue Feb 24 00:19:11 UTC 2015 

Author: benh
Date: 2015-02-24 00:19:11 +0000 (Tue, 24 Feb 2015)
New Revision: 3697

Modified:
   active/CVE-2013-7421
   active/CVE-2014-7822
   active/CVE-2014-8160
   active/CVE-2014-8559
   active/CVE-2014-9585
   active/CVE-2014-9644
   active/CVE-2014-9683
   active/CVE-2015-0239
   active/CVE-2015-1420
   active/CVE-2015-1421
   active/CVE-2015-1593
Log:
Mark 3.2.65-1+deb7u2 as released

Modified: active/CVE-2013-7421
===================================================================
--- active/CVE-2013-7421	2015-02-23 10:19:49 UTC (rev 3696)
+++ active/CVE-2013-7421	2015-02-24 00:19:11 UTC (rev 3697)
@@ -7,7 +7,7 @@
 upstream: released (3.19-rc6) [5d26a105b5a73e5635eae0629b42fa0a90e07b7b, 4943ba16bbc2db05115707b3ff7b4874e9e3c560, 3e14dcf7cb80b34a1f38b55bc96f02d23fdaaaaf]
 2.6.32-upstream-stable: N/A "Introduced in 2.6.38"
 sid: released (3.16.7-ckt4-2) [bugfix/all/crypto-prefix-module-autoloading-with-crypto.patch, bugfix/all/crypto-include-crypto-module-prefix-in-template.patch, +bugfix/all/crypto-add-missing-crypto-module-aliases.patch]
-3.2-wheezy-security: pending (3.2.65-1+deb7u2) [bugfix/all/crypto-prefix-module-autoloading-with-crypto.patch, bugfix/all/crypto-include-crypto-module-prefix-in-template.patch, +bugfix/all/crypto-add-missing-crypto-module-aliases.patch]
+3.2-wheezy-security: released (3.2.65-1+deb7u2) [bugfix/all/crypto-prefix-module-autoloading-with-crypto.patch, bugfix/all/crypto-include-crypto-module-prefix-in-template.patch, +bugfix/all/crypto-add-missing-crypto-module-aliases.patch]
 2.6.32-squeeze-security: N/A "Introduced in 2.6.38"
 3.16-upstream-stable: released (3.16.7-ckt6)
 3.2-upstream-stable: released (3.2.67) [crypto-prefix-module-autoloading-with-crypto.patch, crypto-include-crypto-module-prefix-in-template.patch, crypto-add-missing-crypto-module-aliases.patch]

Modified: active/CVE-2014-7822
===================================================================
--- active/CVE-2014-7822	2015-02-23 10:19:49 UTC (rev 3696)
+++ active/CVE-2014-7822	2015-02-24 00:19:11 UTC (rev 3697)
@@ -9,7 +9,7 @@
 upstream: released (v3.16-rc1) [8d0207652cbe27d1f962050737848e5ad4671958]
 2.6.32-upstream-stable: needed
 sid: released (3.16.2-1)
-3.2-wheezy-security: pending (3.2.65-1+deb7u2) [bugfix/all/splice-apply-generic-position-and-size-checks-to-eac.patch]
+3.2-wheezy-security: released (3.2.65-1+deb7u2) [bugfix/all/splice-apply-generic-position-and-size-checks-to-eac.patch]
 2.6.32-squeeze-security: released (2.6.32-48squeeze11) [bugfix/all/splice-apply-generic-position-and-size-checks-to-eac.patch]
 3.16-upstream-stable: N/A "fixed before 3.16"
 3.2-upstream-stable: released (3.2.67) [splice-apply-generic-position-and-size-checks-to-eac.patch]

Modified: active/CVE-2014-8160
===================================================================
--- active/CVE-2014-8160	2015-02-23 10:19:49 UTC (rev 3696)
+++ active/CVE-2014-8160	2015-02-24 00:19:11 UTC (rev 3697)
@@ -6,7 +6,7 @@
 upstream: released (3.18) [db29a9508a9246e77087c5531e45b2c88ec6988b]
 2.6.32-upstream-stable: needed
 sid: released (3.16.7-ckt4-1) [bugfix/all/netfilter-conntrack-disable-generic-tracking-for-kno.patch]
-3.2-wheezy-security: pending (3.2.65-1+deb7u2) [bugfix/all/netfilter-conntrack-disable-generic-tracking-for-kno.patch]
+3.2-wheezy-security: released (3.2.65-1+deb7u2) [bugfix/all/netfilter-conntrack-disable-generic-tracking-for-kno.patch]
 2.6.32-squeeze-security: released (2.6.32-48squeeze11) [bugfix/all/netfilter-conntrack-disable-generic-tracking-for-kno.patch]
 3.16-upstream-stable: released (3.16.7-ckt5)
 3.2-upstream-stable: released (3.2.67) [netfilter-conntrack-disable-generic-tracking-for-kno.patch]

Modified: active/CVE-2014-8559
===================================================================
--- active/CVE-2014-8559	2015-02-23 10:19:49 UTC (rev 3696)
+++ active/CVE-2014-8559	2015-02-24 00:19:11 UTC (rev 3697)
@@ -14,7 +14,7 @@
 upstream: released (3.19-rc1) [946e51f2bf37f1656916eb75bd0742ba33983c28, ca5358ef75fc69fee5322a38a340f5739d997c10]
 2.6.32-upstream-stable: N/A
 sid: released (3.16.7-ckt4-1)
-3.2-wheezy-security: pending (3.2.65-1+deb7u2) [bugfix/all/move-d_rcu-from-overlapping-d_child-to-overlapping-d_alias.patch, bugfix/all/deal-with-deadlock-in-d_walk.patch, bugfix/all/dcache-fix-locking-bugs-in-backported-deal-with-deadlock-in-d_walk.patch]
+3.2-wheezy-security: released (3.2.65-1+deb7u2) [bugfix/all/move-d_rcu-from-overlapping-d_child-to-overlapping-d_alias.patch, bugfix/all/deal-with-deadlock-in-d_walk.patch, bugfix/all/dcache-fix-locking-bugs-in-backported-deal-with-deadlock-in-d_walk.patch]
 2.6.32-squeeze-security: N/A
 3.16-upstream-stable: released (3.16.7-ckt4)
 3.2-upstream-stable: released (3.2.66) [move-d_rcu-from-overlapping-d_child-to-overlapping-d_alias.patch, deal-with-deadlock-in-d_walk.patch]

Modified: active/CVE-2014-9585
===================================================================
--- active/CVE-2014-9585	2015-02-23 10:19:49 UTC (rev 3696)
+++ active/CVE-2014-9585	2015-02-24 00:19:11 UTC (rev 3697)
@@ -6,7 +6,7 @@
 upstream: released (3.19-rc4) [394f56fe480140877304d342dec46d50dc823d46]
 2.6.32-upstream-stable: needed
 sid: released (3.16.7-ckt4-1) [bugfix/x86/x86_64-vdso-fix-the-vdso-address-randomization-algor.patch]
-3.2-wheezy-security: pending (3.2.65-1+deb7u2) [bugfix/x86/x86_64-vdso-fix-the-vdso-address-randomization-algor.patch]
+3.2-wheezy-security: released (3.2.65-1+deb7u2) [bugfix/x86/x86_64-vdso-fix-the-vdso-address-randomization-algor.patch]
 2.6.32-squeeze-security: released (2.6.32-48squeeze11) [bugfix/x86/x86_64-vdso-fix-the-vdso-address-randomization-algor.patch]
 3.16-upstream-stable: released (3.16.7-ckt5)
 3.2-upstream-stable: released (3.2.67) [x86_64-vdso-fix-the-vdso-address-randomization-algorithm.patch]

Modified: active/CVE-2014-9644
===================================================================
--- active/CVE-2014-9644	2015-02-23 10:19:49 UTC (rev 3696)
+++ active/CVE-2014-9644	2015-02-24 00:19:11 UTC (rev 3697)
@@ -7,7 +7,7 @@
 upstream: released (3.19-rc6) [5d26a105b5a73e5635eae0629b42fa0a90e07b7b, 4943ba16bbc2db05115707b3ff7b4874e9e3c560, 3e14dcf7cb80b34a1f38b55bc96f02d23fdaaaaf]
 2.6.32-upstream-stable: N/A "Introduced in 2.6.38"
 sid: released (3.16.7-ckt4-2) [bugfix/all/crypto-prefix-module-autoloading-with-crypto.patch, bugfix/all/crypto-include-crypto-module-prefix-in-template.patch, +bugfix/all/crypto-add-missing-crypto-module-aliases.patch]
-3.2-wheezy-security: pending (3.2.65-1+deb7u2) [bugfix/all/crypto-prefix-module-autoloading-with-crypto.patch, bugfix/all/crypto-include-crypto-module-prefix-in-template.patch, +bugfix/all/crypto-add-missing-crypto-module-aliases.patch]
+3.2-wheezy-security: released (3.2.65-1+deb7u2) [bugfix/all/crypto-prefix-module-autoloading-with-crypto.patch, bugfix/all/crypto-include-crypto-module-prefix-in-template.patch, +bugfix/all/crypto-add-missing-crypto-module-aliases.patch]
 2.6.32-squeeze-security: N/A "Introduced in 2.6.38"
 3.16-upstream-stable: released (3.16.7-ckt6)
 3.2-upstream-stable: released (3.2.67) [crypto-prefix-module-autoloading-with-crypto.patch, crypto-include-crypto-module-prefix-in-template.patch, crypto-add-missing-crypto-module-aliases.patch]

Modified: active/CVE-2014-9683
===================================================================
--- active/CVE-2014-9683	2015-02-23 10:19:49 UTC (rev 3696)
+++ active/CVE-2014-9683	2015-02-24 00:19:11 UTC (rev 3697)
@@ -5,7 +5,7 @@
 upstream: released (v3.19-rc1) [942080643bce061c3dd9d5718d3b745dcb39a8bc]
 2.6.32-upstream-stable: needed
 sid: released (3.16.7-ckt4-1)
-3.2-wheezy-security: pending (3.2.65-1+deb7u2)
+3.2-wheezy-security: released (3.2.65-1+deb7u2)
 2.6.32-squeeze-security: needed
 3.16-upstream-stable: released (3.16.7-ckt4)
 3.2-upstream-stable: released (3.2.67)

Modified: active/CVE-2015-0239
===================================================================
--- active/CVE-2015-0239	2015-02-23 10:19:49 UTC (rev 3696)
+++ active/CVE-2015-0239	2015-02-24 00:19:11 UTC (rev 3697)
@@ -10,7 +10,7 @@
 upstream: released (3.19-rc6) [f3747379accba8e95d70cec0eae0582c8c182050]
 2.6.32-upstream-stable: needed
 sid: released (3.16.7-ckt4-2) [bugfix/x86/kvm-x86-sysenter-emulation-is-broken.patch]
-3.2-wheezy-security: pending (3.2.65-1+deb7u2) [bugfix/x86/kvm-x86-sysenter-emulation-is-broken.patch]
+3.2-wheezy-security: released (3.2.65-1+deb7u2) [bugfix/x86/kvm-x86-sysenter-emulation-is-broken.patch]
 2.6.32-squeeze-security: ignored "KVM not supported in squeeze LTS"
 3.16-upstream-stable: released (3.16.7-ckt6)
 3.2-upstream-stable: released (3.2.67) [kvm-x86-sysenter-emulation-is-broken.patch]

Modified: active/CVE-2015-1420
===================================================================
--- active/CVE-2015-1420	2015-02-23 10:19:49 UTC (rev 3696)
+++ active/CVE-2015-1420	2015-02-24 00:19:11 UTC (rev 3697)
@@ -6,7 +6,7 @@
 upstream: needed
 2.6.32-upstream-stable: N/A "Introduced in 2.6.39 with becfd1f37544798cbdfd788f32c827160fab98c1"
 sid: pending (3.16.7-ckt6-1) [bugfix/all/vfs-read-file_handle-only-once-in-handle_to_path.patch]
-3.2-wheezy-security: pending (3.2.65-1+deb7u2) [bugfix/all/vfs-read-file_handle-only-once-in-handle_to_path.patch]
+3.2-wheezy-security: released (3.2.65-1+deb7u2) [bugfix/all/vfs-read-file_handle-only-once-in-handle_to_path.patch]
 2.6.32-squeeze-security: N/A "Introduced in 2.6.39 with becfd1f37544798cbdfd788f32c827160fab98c1"
 3.16-upstream-stable: needed
 3.2-upstream-stable: needed

Modified: active/CVE-2015-1421
===================================================================
--- active/CVE-2015-1421	2015-02-23 10:19:49 UTC (rev 3696)
+++ active/CVE-2015-1421	2015-02-24 00:19:11 UTC (rev 3697)
@@ -7,7 +7,7 @@
 upstream: released (3.19-rc7) [600ddd6825543962fb807884169e57b580dba208]
 2.6.32-upstream-stable: needed
 sid: released (3.16.7-ckt4-3) [bugfix/all/net-sctp-fix-slab-corruption-from-use-after-free-on-.patch]
-3.2-wheezy-security: pending (3.2.65-1+deb7u2) [bugfix/all/net-sctp-fix-slab-corruption-from-use-after-free-on-init-collisions.patch]
+3.2-wheezy-security: released (3.2.65-1+deb7u2) [bugfix/all/net-sctp-fix-slab-corruption-from-use-after-free-on-init-collisions.patch]
 2.6.32-squeeze-security: released (2.6.32-48squeeze11) [bugfix/all/net-sctp-fix-slab-corruption-from-use-after-free-on-.patch]
 3.16-upstream-stable: released (3.16.7-ckt6)
 3.2-upstream-stable: released (3.2.67) [net-sctp-fix-slab-corruption-from-use-after-free-on-init-collisions.patch]

Modified: active/CVE-2015-1593
===================================================================
--- active/CVE-2015-1593	2015-02-23 10:19:49 UTC (rev 3696)
+++ active/CVE-2015-1593	2015-02-24 00:19:11 UTC (rev 3697)
@@ -8,7 +8,7 @@
 upstream: released (4.0-rc1) [4e7c22d447bb6d7e37bfe39ff658486ae78e8d77]
 2.6.32-upstream-stable: needed
 sid: pending (3.16.7-ckt6-1) [bugfix/all/aslr-fix-stack-randomization-on-64-bit-systems.patch]
-3.2-wheezy-security: pending (3.2.65-1+deb7u2) [bugfix/all/aslr-fix-stack-randomization-on-64-bit-systems.patch]
+3.2-wheezy-security: released (3.2.65-1+deb7u2) [bugfix/all/aslr-fix-stack-randomization-on-64-bit-systems.patch]
 2.6.32-squeeze-security: released (2.6.32-48squeeze11) [bugfix/all/aslr-fix-stack-randomization-on-64-bit-systems.patch]
 3.16-upstream-stable: needed
 3.2-upstream-stable: needed

More information about the kernel-sec-discuss mailing list