[kernel-sec-discuss] r3857 - active
Ben Hutchings
benh at moszumanska.debian.org
Sat Jul 11 02:46:47 UTC 2015
Author: benh
Date: 2015-07-11 02:46:46 +0000 (Sat, 11 Jul 2015)
New Revision: 3857
Modified:
active/CVE-2015-3212
active/CVE-2015-4692
active/CVE-2015-4700
Log:
Update status of recent issues
Modified: active/CVE-2015-3212
===================================================================
--- active/CVE-2015-3212 2015-07-06 20:58:51 UTC (rev 3856)
+++ active/CVE-2015-3212 2015-07-11 02:46:46 UTC (rev 3857)
@@ -4,11 +4,11 @@
Notes:
Introduced in v3.1-rc1 by 9f7d653b67aed2d92540fbb0a8adaf
Bugs:
-upstream:
-3.16-upstream-stable:
-3.2-upstream-stable:
+upstream: released (4.2-rc1) [2d45a02d0166caf2627fe91897c6ffc3b19514c4]
+3.16-upstream-stable: needed
+3.2-upstream-stable: needed
2.6.32-upstream-stable: N/A "Introduced with 9f7d653b67aed2d92540fbb0a8adaf"
-sid:
-3.16-jessie-security:
-3.2-wheezy-security:
+sid: pending (4.0.8-1)
+3.16-jessie-security: needed
+3.2-wheezy-security: needed
2.6.32-squeeze-security: N/A "Introduced with 9f7d653b67aed2d92540fbb0a8adaf"
Modified: active/CVE-2015-4692
===================================================================
--- active/CVE-2015-4692 2015-07-06 20:58:51 UTC (rev 3856)
+++ active/CVE-2015-4692 2015-07-11 02:46:46 UTC (rev 3857)
@@ -4,11 +4,11 @@
Introduced by 66450a21f99636af4fafac2afd33f1a40631bc3a (v3.10-rc1)
https://lkml.org/lkml/2015/6/4/163
Bugs:
-upstream:
-3.16-upstream-stable:
+upstream: released (4.2-rc1) [ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009]
+3.16-upstream-stable: needed
3.2-upstream-stable: N/A "Introduced with 66450a21f99636af4fafac2afd33f1a40631bc3a"
2.6.32-upstream-stable: N/A "Introduced with 66450a21f99636af4fafac2afd33f1a40631bc3a"
-sid:
-3.16-jessie-security:
+sid: needed
+3.16-jessie-security: needed
3.2-wheezy-security: N/A "Introduced with 66450a21f99636af4fafac2afd33f1a40631bc3a"
2.6.32-squeeze-security: N/A "Introduced with 66450a21f99636af4fafac2afd33f1a40631bc3a"
Modified: active/CVE-2015-4700
===================================================================
--- active/CVE-2015-4700 2015-07-06 20:58:51 UTC (rev 3856)
+++ active/CVE-2015-4700 2015-07-11 02:46:46 UTC (rev 3857)
@@ -1,12 +1,14 @@
Description: Crafted BPF filters may crash kernel during JIT optimisation
References:
-Notes: Introduced in 0a14842f5a3c0e88a1e59fac5c3025db39721f74
+Notes: Introduced in 0a14842f5a3c0e88a1e59fac5c3025db39721f74.
+ This is mitigated by the fact that BPF JIT has always been disabled by
+ default.
Bugs:
upstream: released (v4.1-rc6) [3f7352bf21f8fd7ba3e2fcef9488756f188e12be]
-3.16-upstream-stable:
-3.2-upstream-stable:
+3.16-upstream-stable: needed
+3.2-upstream-stable: needed
2.6.32-upstream-stable: N/A "Introduced in 3.0 with 0a14842f5a3c0e88a1e59fac5c3025db39721f74"
-sid:
-3.16-jessie-security:
-3.2-wheezy-security:
+sid: needed
+3.16-jessie-security: needed
+3.2-wheezy-security: needed
2.6.32-squeeze-security: N/A "Introduced in 3.0 with 0a14842f5a3c0e88a1e59fac5c3025db39721f74"
More information about the kernel-sec-discuss
mailing list