[kernel-sec-discuss] r3647 - active

Ben Hutchings benh at moszumanska.debian.org
Fri Jan 16 00:08:15 UTC 2015 

Author: benh
Date: 2015-01-16 00:08:15 +0000 (Fri, 16 Jan 2015)
New Revision: 3647

Modified:
   active/CVE-2014-8133
   active/CVE-2014-8134
   active/CVE-2014-8559
   active/CVE-2014-8989
   active/CVE-2014-9419
   active/CVE-2014-9420
   active/CVE-2014-9428
   active/CVE-2014-9529
   active/CVE-2014-9584
Log:
Mark issued fixed in 3.16.7-ckt4 and pending in 3.16.7-ckt4-1

Modified: active/CVE-2014-8133
===================================================================
--- active/CVE-2014-8133	2015-01-15 05:30:02 UTC (rev 3646)
+++ active/CVE-2014-8133	2015-01-16 00:08:15 UTC (rev 3647)
@@ -4,8 +4,8 @@
 Bugs:
 upstream: released (3.19-rc1) [41bdc78544b8a93a9c6814b8bbbfef966272abbe]
 2.6.32-upstream-stable: needed
-sid: pending (3.16.7-ckt3-1) [bugfix/x86/x86-tls-validate-tls-entries-to-protect-espfix.patch]
+sid: pending (3.16.7-ckt4-1)
 3.2-wheezy-security: pending (3.2.65-1+deb7u1) [bugfix/x86/x86-tls-validate-tls-entries-to-protect-espfix.patch]
 2.6.32-squeeze-security: needed
-3.16-upstream-stable: pending (3.16.7-ckt4)
+3.16-upstream-stable: released (3.16.7-ckt4)
 3.2-upstream-stable: released (3.2.66) [x86-tls-validate-tls-entries-to-protect-espfix.patch]

Modified: active/CVE-2014-8134
===================================================================
--- active/CVE-2014-8134	2015-01-15 05:30:02 UTC (rev 3646)
+++ active/CVE-2014-8134	2015-01-16 00:08:15 UTC (rev 3647)
@@ -7,8 +7,8 @@
 Bugs:
 upstream: released (3.19-rc1) [29fa6825463c97e5157284db80107d1bfac5d77b]
 2.6.32-upstream-stable: needed
-sid: pending (3.16.7-ckt3-1) [bugfix/x86/x86-kvm-clear-paravirt_enabled-on-kvm-guests-for-espfix32-s-benefit.patch]
+sid: pending (3.16.7-ckt4-1)
 3.2-wheezy-security: released (3.2.65-1) [bugfix/x86/x86-kvm-clear-paravirt_enabled-on-kvm-guests-for-espfix32-s-benefit.patch]
 2.6.32-squeeze-security: needed
-3.16-upstream-stable: pending (3.16.7-ckt4)
+3.16-upstream-stable: released (3.16.7-ckt4)
 3.2-upstream-stable: released (3.2.66) [x86-kvm-clear-paravirt_enabled-on-kvm-guests-for-espfix32-s-benefit.patch]

Modified: active/CVE-2014-8559
===================================================================
--- active/CVE-2014-8559	2015-01-15 05:30:02 UTC (rev 3646)
+++ active/CVE-2014-8559	2015-01-16 00:08:15 UTC (rev 3647)
@@ -13,8 +13,8 @@
 Bugs:
 upstream: released (3.19-rc1) [946e51f2bf37f1656916eb75bd0742ba33983c28, ca5358ef75fc69fee5322a38a340f5739d997c10]
 2.6.32-upstream-stable: N/A
-sid: pending (3.16.7-ckt3-1) [bugfix/all/move-d_rcu-from-overlapping-d_child-to-overlapping-d_alias.patch, bugfix/all/aufs-move-d_rcu-from-overlapping-d_child-to-overlapping-d.patch, debian/vfs-avoid-abi-change-for-dentry-union-changes.patch, bugfix/all/deal-with-deadlock-in-d_walk.patch]
+sid: pending (3.16.7-ckt4-1)
 3.2-wheezy-security: needed
 2.6.32-squeeze-security: N/A
-3.16-upstream-stable: needed
+3.16-upstream-stable: released (3.16.7-ckt4)
 3.2-upstream-stable: released (3.2.66) [move-d_rcu-from-overlapping-d_child-to-overlapping-d_alias.patch, deal-with-deadlock-in-d_walk.patch]

Modified: active/CVE-2014-8989
===================================================================
--- active/CVE-2014-8989	2015-01-15 05:30:02 UTC (rev 3646)
+++ active/CVE-2014-8989	2015-01-16 00:08:15 UTC (rev 3647)
@@ -10,8 +10,8 @@
 Bugs:
 upstream: released (3.19-rc1) [0542f17bf2c1f2430d368f44c8fcf2f82ec9e53e, 273d2c67c3e179adb1e74f403d1e9a06e3f841b5, be7c6dba2332cef0677fbabb606e279ae76652c3, 80dd00a23784b384ccea049bfb3f259d3f973b9d, f95d7918bd1e724675de4940039f2865e5eec5fe, f0d62aec931e4ae3333c797d346dc4f188f454ba, 9cc46516ddf497ea16e8d7cb986ae03a0f6b92f8, 66d2f338ee4c449396b6f99f5e75cd18eb6df272, db86da7cb76f797a1a8b445166a15cb922c6ff85]
 2.6.32-upstream-stable: N/A "User namespaces not usable"
-sid: needed
+sid: pending (3.16.7-ckt4-1)
 3.2-wheezy-security: N/A "User namespaces not usable"
 2.6.32-squeeze-security: N/A "User namespaces not usable"
-3.16-upstream-stable: needed
+3.16-upstream-stable: released (3.16.7-ckt4)
 3.2-upstream-stable: N/A "User namespaces not usable"

Modified: active/CVE-2014-9419
===================================================================
--- active/CVE-2014-9419	2015-01-15 05:30:02 UTC (rev 3646)
+++ active/CVE-2014-9419	2015-01-16 00:08:15 UTC (rev 3647)
@@ -4,8 +4,8 @@
 Bugs:
 upstream: released (v3.19-rc1) [f647d7c155f069c1a068030255c300663516420e]
 2.6.32-upstream-stable:
-sid: pending (3.16.7-ckt3-1) [bugfix/x86/x86_64-switch_to-load-tls-descriptors-before-switchi.patch]
+sid: pending (3.16.7-ckt4-1)
 3.2-wheezy-security: pending (3.2.65-1+deb7u1) [bugfix/x86/x86_64-switch_to-load-tls-descriptors-before-switchi.patch]
 2.6.32-squeeze-security:
-3.16-upstream-stable: pending (3.16.7-ckt4)
+3.16-upstream-stable: released (3.16.7-ckt4)
 3.2-upstream-stable:

Modified: active/CVE-2014-9420
===================================================================
--- active/CVE-2014-9420	2015-01-15 05:30:02 UTC (rev 3646)
+++ active/CVE-2014-9420	2015-01-16 00:08:15 UTC (rev 3647)
@@ -4,8 +4,8 @@
 Bugs:
 upstream: released (v3.19-rc1) [f54e18f1b831c92f6512d2eedb224cd63d607d3d]
 2.6.32-upstream-stable:
-sid: pending (3.16.7-ckt3-1) [bugfix/all/isofs-fix-infinite-looping-over-ce-entries.patch]
+sid: pending (3.16.7-ckt4-1)
 3.2-wheezy-security: released (3.2.65-1) [bugfix/all/isofs-fix-infinite-looping-over-ce-entries.patch]
 2.6.32-squeeze-security:
-3.16-upstream-stable: pending (3.16.7-ckt4)
+3.16-upstream-stable: released (3.16.7-ckt4)
 3.2-upstream-stable:

Modified: active/CVE-2014-9428
===================================================================
--- active/CVE-2014-9428	2015-01-15 05:30:02 UTC (rev 3646)
+++ active/CVE-2014-9428	2015-01-16 00:08:15 UTC (rev 3647)
@@ -4,8 +4,8 @@
 Bugs: https://bugs.debian.org/774155
 upstream: released (3.19-rc3) [5b6698b0e4a37053de35cc24ee695b98a7eb712b]
 2.6.32-upstream-stable: N/A "Introduced in 3.13-rc1"
-sid: pending (3.16.7-ckt3-1) [bugfix/all/batman-adv-calculate-extra-tail-size-based-on-queued.patch]
+sid: pending (3.16.7-ckt4-1)
 3.2-wheezy-security: N/A "Introduced in 3.13-rc1"
 2.6.32-squeeze-security: N/A "Introduced in 3.13-rc1"
-3.16-upstream-stable: needed
+3.16-upstream-stable: released (3.16.7-ckt4)
 3.2-upstream-stable: N/A "Introduced in 3.13-rc1"

Modified: active/CVE-2014-9529
===================================================================
--- active/CVE-2014-9529	2015-01-15 05:30:02 UTC (rev 3646)
+++ active/CVE-2014-9529	2015-01-16 00:08:15 UTC (rev 3647)
@@ -5,8 +5,8 @@
 Bugs:
 upstream: released (3.19-rc4) [a3a8784454692dd72e5d5d34dcdab17b4420e74c]
 2.6.32-upstream-stable: N/A "Vulnerable code not present"
-sid: pending (3.16.7-ckt3-1) [bugfix/all/keys-close-race-between-key-lookup-and-freeing.patch]
+sid: pending (3.16.7-ckt4-1)
 3.2-wheezy-security: pending (3.2.65-1+deb7u1) [bugfix/all/keys-close-race-between-key-lookup-and-freeing.patch]
 2.6.32-squeeze-security: N/A "Vulnerable code not present"
-3.16-upstream-stable: needed
+3.16-upstream-stable: released (3.16.7-ckt4)
 3.2-upstream-stable: needed

Modified: active/CVE-2014-9584
===================================================================
--- active/CVE-2014-9584	2015-01-15 05:30:02 UTC (rev 3646)
+++ active/CVE-2014-9584	2015-01-16 00:08:15 UTC (rev 3647)
@@ -4,8 +4,8 @@
 Bugs:
 upstream: released (3.19-rc3) [4e2024624e678f0ebb916e6192bd23c1f9fdf696]
 2.6.32-upstream-stable: needed
-sid: pending (3.16.7-ckt3-1) [bugfix/all/isofs-fix-unchecked-printing-of-er-records.patch]
+sid: pending (3.16.7-ckt4-1)
 3.2-wheezy-security: pending (3.2.65-1+deb7u1) [bugfix/all/isofs-fix-unchecked-printing-of-er-records.patch]
 2.6.32-squeeze-security: needed
-3.16-upstream-stable: pending (3.16.7-ckt4)
+3.16-upstream-stable: released (3.16.7-ckt4)
 3.2-upstream-stable: needed

More information about the kernel-sec-discuss mailing list