[kernel-sec-discuss] r3650 - active retired

Moritz Muehlenhoff jmm at moszumanska.debian.org
Fri Jan 16 18:05:42 UTC 2015 

Author: jmm
Date: 2015-01-16 18:05:42 +0000 (Fri, 16 Jan 2015)
New Revision: 3650

Added:
   retired/CVE-2014-8989
   retired/CVE-2014-9428
Removed:
   active/CVE-2014-8989
   active/CVE-2014-9428
Log:
retire


Deleted: active/CVE-2014-8989
===================================================================
--- active/CVE-2014-8989	2015-01-16 18:01:43 UTC (rev 3649)
+++ active/CVE-2014-8989	2015-01-16 18:05:42 UTC (rev 3650)
@@ -1,17 +0,0 @@
-Description: Linux user namespaces can bypass group-based restrictions
-References:
- http://www.openwall.com/lists/oss-security/2014/11/17/19
- http://thread.gmane.org/gmane.linux.man/7385/
- http://lwn.net/Articles/626665/
- http://lwn.net/Articles/626677/
-Notes:
- bwh> Mitigated in Debian because by default you need CAP_SYS_ADMIN to
- bwh> create a new userns.
-Bugs:
-upstream: released (3.19-rc1) [0542f17bf2c1f2430d368f44c8fcf2f82ec9e53e, 273d2c67c3e179adb1e74f403d1e9a06e3f841b5, be7c6dba2332cef0677fbabb606e279ae76652c3, 80dd00a23784b384ccea049bfb3f259d3f973b9d, f95d7918bd1e724675de4940039f2865e5eec5fe, f0d62aec931e4ae3333c797d346dc4f188f454ba, 9cc46516ddf497ea16e8d7cb986ae03a0f6b92f8, 66d2f338ee4c449396b6f99f5e75cd18eb6df272, db86da7cb76f797a1a8b445166a15cb922c6ff85]
-2.6.32-upstream-stable: N/A "User namespaces not usable"
-sid: released (3.16.7-ckt4-1)
-3.2-wheezy-security: N/A "User namespaces not usable"
-2.6.32-squeeze-security: N/A "User namespaces not usable"
-3.16-upstream-stable: released (3.16.7-ckt4)
-3.2-upstream-stable: N/A "User namespaces not usable"

Deleted: active/CVE-2014-9428
===================================================================
--- active/CVE-2014-9428	2015-01-16 18:01:43 UTC (rev 3649)
+++ active/CVE-2014-9428	2015-01-16 18:05:42 UTC (rev 3650)
@@ -1,11 +0,0 @@
-Description: Remote crash of kernel via batman-adv module
-References:
-Notes: Introduced by 610bfc6bc99bc83680d190ebc69359a05fc7f605
-Bugs: https://bugs.debian.org/774155
-upstream: released (3.19-rc3) [5b6698b0e4a37053de35cc24ee695b98a7eb712b]
-2.6.32-upstream-stable: N/A "Introduced in 3.13-rc1"
-sid: released (3.16.7-ckt4-1)
-3.2-wheezy-security: N/A "Introduced in 3.13-rc1"
-2.6.32-squeeze-security: N/A "Introduced in 3.13-rc1"
-3.16-upstream-stable: released (3.16.7-ckt4)
-3.2-upstream-stable: N/A "Introduced in 3.13-rc1"

Copied: retired/CVE-2014-8989 (from rev 3648, active/CVE-2014-8989)
===================================================================
--- retired/CVE-2014-8989	                        (rev 0)
+++ retired/CVE-2014-8989	2015-01-16 18:05:42 UTC (rev 3650)
@@ -0,0 +1,17 @@
+Description: Linux user namespaces can bypass group-based restrictions
+References:
+ http://www.openwall.com/lists/oss-security/2014/11/17/19
+ http://thread.gmane.org/gmane.linux.man/7385/
+ http://lwn.net/Articles/626665/
+ http://lwn.net/Articles/626677/
+Notes:
+ bwh> Mitigated in Debian because by default you need CAP_SYS_ADMIN to
+ bwh> create a new userns.
+Bugs:
+upstream: released (3.19-rc1) [0542f17bf2c1f2430d368f44c8fcf2f82ec9e53e, 273d2c67c3e179adb1e74f403d1e9a06e3f841b5, be7c6dba2332cef0677fbabb606e279ae76652c3, 80dd00a23784b384ccea049bfb3f259d3f973b9d, f95d7918bd1e724675de4940039f2865e5eec5fe, f0d62aec931e4ae3333c797d346dc4f188f454ba, 9cc46516ddf497ea16e8d7cb986ae03a0f6b92f8, 66d2f338ee4c449396b6f99f5e75cd18eb6df272, db86da7cb76f797a1a8b445166a15cb922c6ff85]
+2.6.32-upstream-stable: N/A "User namespaces not usable"
+sid: released (3.16.7-ckt4-1)
+3.2-wheezy-security: N/A "User namespaces not usable"
+2.6.32-squeeze-security: N/A "User namespaces not usable"
+3.16-upstream-stable: released (3.16.7-ckt4)
+3.2-upstream-stable: N/A "User namespaces not usable"

Copied: retired/CVE-2014-9428 (from rev 3648, active/CVE-2014-9428)
===================================================================
--- retired/CVE-2014-9428	                        (rev 0)
+++ retired/CVE-2014-9428	2015-01-16 18:05:42 UTC (rev 3650)
@@ -0,0 +1,11 @@
+Description: Remote crash of kernel via batman-adv module
+References:
+Notes: Introduced by 610bfc6bc99bc83680d190ebc69359a05fc7f605
+Bugs: https://bugs.debian.org/774155
+upstream: released (3.19-rc3) [5b6698b0e4a37053de35cc24ee695b98a7eb712b]
+2.6.32-upstream-stable: N/A "Introduced in 3.13-rc1"
+sid: released (3.16.7-ckt4-1)
+3.2-wheezy-security: N/A "Introduced in 3.13-rc1"
+2.6.32-squeeze-security: N/A "Introduced in 3.13-rc1"
+3.16-upstream-stable: released (3.16.7-ckt4)
+3.2-upstream-stable: N/A "Introduced in 3.13-rc1"

More information about the kernel-sec-discuss mailing list