[kernel-sec-discuss] r3778 - active

Moritz Muehlenhoff jmm at moszumanska.debian.org
Mon May 11 07:05:14 UTC 2015


Author: jmm
Date: 2015-05-11 07:05:14 +0000 (Mon, 11 May 2015)
New Revision: 3778

Modified:
   active/CVE-2014-8159
   active/CVE-2014-9715
   active/CVE-2015-0275
   active/CVE-2015-1420
   active/CVE-2015-1593
   active/CVE-2015-2041
   active/CVE-2015-2042
   active/CVE-2015-2150
   active/CVE-2015-2830
   active/CVE-2015-2922
   active/CVE-2015-3331
   active/CVE-2015-3339
   active/CVE-2015-3636
Log:
3.2.69 released


Modified: active/CVE-2014-8159
===================================================================
--- active/CVE-2014-8159	2015-05-10 19:08:05 UTC (rev 3777)
+++ active/CVE-2014-8159	2015-05-11 07:05:14 UTC (rev 3778)
@@ -10,4 +10,4 @@
 3.2-wheezy-security: released (3.2.68-1+deb7u1) [bugfix/all/ib-core-prevent-integer-overflow-in-ib_umem_get.patch]
 2.6.32-squeeze-security: pending (2.6.32-48squeeze12) [bugfix/all/ib-core-prevent-integer-overflow-in-ib_umem_get.patch]
 3.16-upstream-stable: released (3.16.7-ckt10)
-3.2-upstream-stable: pending (3.2.69) [ib-uverbs-prevent-integer-overflow-in-ib_umem_get-address-arithmetic.patch]
+3.2-upstream-stable: released (3.2.69) [ib-uverbs-prevent-integer-overflow-in-ib_umem_get-address-arithmetic.patch]

Modified: active/CVE-2014-9715
===================================================================
--- active/CVE-2014-9715	2015-05-10 19:08:05 UTC (rev 3777)
+++ active/CVE-2014-9715	2015-05-11 07:05:14 UTC (rev 3778)
@@ -12,4 +12,4 @@
 3.2-wheezy-security: released (3.2.68-1+deb7u1) [bugfix/all/netfilter-nf_conntrack-reserve-two-bytes-for-nf_ct_e.patch]
 2.6.32-squeeze-security: N/A "Introduced in 3.6"
 3.16-upstream-stable: N/A "Fixed already in v3.15-rc1"
-3.2-upstream-stable: pending (3.2.69) [netfilter-nf_conntrack-reserve-two-bytes-for-nf_ct_ext-len.patch]
+3.2-upstream-stable: released (3.2.69) [netfilter-nf_conntrack-reserve-two-bytes-for-nf_ct_ext-len.patch]
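
Review bot: the context line 2.6.32-squeeze-security: N/A "Introduced in 3.6" sits oddly beside the 3.2 entries in this hunk, which both carry a fix although 3.2 predates 3.6. Expand the N/A reason, or add a Notes line, to say how the affected code came to be in the 3.2 branches, so the file is self-explanatory to someone triaging other pre-3.6 trees.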

Modified: active/CVE-2015-0275
===================================================================
--- active/CVE-2015-0275	2015-05-10 19:08:05 UTC (rev 3777)
+++ active/CVE-2015-0275	2015-05-11 07:05:14 UTC (rev 3778)
@@ -10,5 +10,5 @@
 3.16-jessie-security: N/A "Fixed before initial release"
 3.2-wheezy-security: N/A "vulnerable code not present"
 2.6.32-squeeze-security: N/A "vulnerable code not present"
-3.16-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.7-ckt11)
 3.2-upstream-stable: N/A "vulnerable code not present"
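
Review bot: the log message says only "3.2.69 released", but the changed line in this hunk moves 3.16-upstream-stable from "needed" to "pending (3.16.7-ckt11)", which is unrelated to 3.2.69. Mention the 3.16.7-ckt11 queue update in the log, or commit it separately, so the history of this file explains why the status changed.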

Modified: active/CVE-2015-1420
===================================================================
--- active/CVE-2015-1420	2015-05-10 19:08:05 UTC (rev 3777)
+++ active/CVE-2015-1420	2015-05-11 07:05:14 UTC (rev 3778)
@@ -2,6 +2,7 @@
 References:
  http://marc.info/?l=linux-kernel&m=142247707318982&w=2
 Notes:
+ jmm> Pinged Sasha, this fell through the cracks, he'll re-poke
 Bugs:
 upstream: needed
 2.6.32-upstream-stable: N/A "Introduced in 2.6.39 with becfd1f37544798cbdfd788f32c827160fab98c1"
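
Review bot: the added Notes line has no date and no pointer to what was pinged, so a later reader cannot tell how stale "he'll re-poke" is or which thread to follow up on. Add the date to the note and, if the ping refers to the marc.info posting listed under References, say so. This change is also not covered by the "3.2.69 released" log message.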

Modified: active/CVE-2015-1593
===================================================================
--- active/CVE-2015-1593	2015-05-10 19:08:05 UTC (rev 3777)
+++ active/CVE-2015-1593	2015-05-11 07:05:14 UTC (rev 3778)
@@ -12,4 +12,4 @@
 3.2-wheezy-security: released (3.2.65-1+deb7u2) [bugfix/all/aslr-fix-stack-randomization-on-64-bit-systems.patch]
 2.6.32-squeeze-security: released (2.6.32-48squeeze11) [bugfix/all/aslr-fix-stack-randomization-on-64-bit-systems.patch]
 3.16-upstream-stable: released (3.16.7-ckt8)
-3.2-upstream-stable: pending (3.2.69) [x86-mm-aslr-fix-stack-randomization-on-64-bit-systems.patch]
+3.2-upstream-stable: released (3.2.69) [x86-mm-aslr-fix-stack-randomization-on-64-bit-systems.patch]

Modified: active/CVE-2015-2041
===================================================================
--- active/CVE-2015-2041	2015-05-10 19:08:05 UTC (rev 3777)
+++ active/CVE-2015-2041	2015-05-11 07:05:14 UTC (rev 3778)
@@ -11,4 +11,4 @@
 3.2-wheezy-security: released (3.2.68-1+deb7u1) [bugfix/all/net-llc-use-correct-size-for-sysctl-timeout-entries.patch]
 2.6.32-squeeze-security: pending (2.6.32-48squeeze12) [bugfix/all/net-llc-use-correct-size-for-sysctl-timeout-entries.patch]
 3.16-upstream-stable: released (3.16.7-ckt8)
-3.2-upstream-stable: pending (3.2.69) [net-llc-use-correct-size-for-sysctl-timeout-entries.patch]
+3.2-upstream-stable: released (3.2.69) [net-llc-use-correct-size-for-sysctl-timeout-entries.patch]

Modified: active/CVE-2015-2042
===================================================================
--- active/CVE-2015-2042	2015-05-10 19:08:05 UTC (rev 3777)
+++ active/CVE-2015-2042	2015-05-11 07:05:14 UTC (rev 3778)
@@ -11,4 +11,4 @@
 3.2-wheezy-security: released (3.2.68-1+deb7u1) [bugfix/all/net-rds-use-correct-size-for-max-unacked-packets-and.patch]
 2.6.32-squeeze-security: pending (2.6.32-48squeeze12) [bugfix/all/net-rds-use-correct-size-for-max-unacked-packets-and.patch]
 3.16-upstream-stable: released (3.16.7-ckt8)
-3.2-upstream-stable: pending (3.2.69) [net-rds-use-correct-size-for-max-unacked-packets-and-bytes.patch]
+3.2-upstream-stable: released (3.2.69) [net-rds-use-correct-size-for-max-unacked-packets-and-bytes.patch]

Modified: active/CVE-2015-2150
===================================================================
--- active/CVE-2015-2150	2015-05-10 19:08:05 UTC (rev 3777)
+++ active/CVE-2015-2150	2015-05-11 07:05:14 UTC (rev 3778)
@@ -10,4 +10,4 @@
 3.2-wheezy-security: released (3.2.68-1+deb7u1) [bugfix/all/xen-pciback-limit-guest-control-of-command-register.patch]
 2.6.32-squeeze-security: N/A "xen-pciback introduced in 3.1"
 3.16-upstream-stable: released (3.16.7-ckt9)
-3.2-upstream-stable: pending (3.2.69) [xen-pciback-limit-guest-control-of-command-register.patch]
+3.2-upstream-stable: released (3.2.69) [xen-pciback-limit-guest-control-of-command-register.patch]

Modified: active/CVE-2015-2830
===================================================================
--- active/CVE-2015-2830	2015-05-10 19:08:05 UTC (rev 3777)
+++ active/CVE-2015-2830	2015-05-11 07:05:14 UTC (rev 3778)
@@ -9,4 +9,4 @@
 3.2-wheezy-security: released (3.2.68-1+deb7u1) [bugfix/x86/x86-asm-entry-64-remove-a-bogus-ret_from_fork-optimi.patch]
 2.6.32-squeeze-security: pending (2.6.32-48squeeze12) [bugfix/x86/x86-asm-entry-64-remove-a-bogus-ret_from_fork-optimi.patch]
 3.16-upstream-stable: released (3.16.7-ckt9)
-3.2-upstream-stable: pending (3.2.69) [x86-asm-entry-64-remove-a-bogus-ret_from_fork-optimization.patch]
+3.2-upstream-stable: released (3.2.69) [x86-asm-entry-64-remove-a-bogus-ret_from_fork-optimization.patch]

Modified: active/CVE-2015-2922
===================================================================
--- active/CVE-2015-2922	2015-05-10 19:08:05 UTC (rev 3777)
+++ active/CVE-2015-2922	2015-05-11 07:05:14 UTC (rev 3778)
@@ -9,4 +9,4 @@
 3.2-wheezy-security: released (3.2.68-1+deb7u1) [bugfix/all/ipv6-don-t-reduce-hop-limit-for-an-interface.patch]
 2.6.32-squeeze-security: pending (2.6.32-48squeeze12) [bugfix/all/ipv6-don-t-reduce-hop-limit-for-an-interface.patch]
 3.16-upstream-stable: released (3.16.7-ckt10)
-3.2-upstream-stable: pending (3.2.69) [ipv6-don-t-reduce-hop-limit-for-an-interface.patch]
+3.2-upstream-stable: released (3.2.69) [ipv6-don-t-reduce-hop-limit-for-an-interface.patch]

Modified: active/CVE-2015-3331
===================================================================
--- active/CVE-2015-3331	2015-05-10 19:08:05 UTC (rev 3777)
+++ active/CVE-2015-3331	2015-05-11 07:05:14 UTC (rev 3778)
@@ -10,4 +10,4 @@
 3.2-wheezy-security: released (3.2.68-1+deb7u1) [bugfix/x86/crypto-aesni-fix-memory-usage-in-GCM-decryption.patch]
 2.6.32-squeeze-security: N/A "Introduced in v2.6.38-rc1 with 0bd82f5f6355775fbaf7d3c664432ce1b862be1e"
 3.16-upstream-stable: released (3.16.7-ckt10)
-3.2-upstream-stable: pending (3.2.69) [crypto-aesni-fix-memory-usage-in-gcm-decryption.patch]
+3.2-upstream-stable: released (3.2.69) [crypto-aesni-fix-memory-usage-in-gcm-decryption.patch]

Modified: active/CVE-2015-3339
===================================================================
--- active/CVE-2015-3339	2015-05-10 19:08:05 UTC (rev 3777)
+++ active/CVE-2015-3339	2015-05-11 07:05:14 UTC (rev 3778)
@@ -9,4 +9,4 @@
 3.2-wheezy-security: released (3.2.68-1+deb7u1) [bugfix/all/fs-take-i_mutex-during-prepare_binprm-for-set-ug-id-.patch]
 2.6.32-squeeze-security: pending (2.6.32-48squeeze12) [bugfix/all/fs-take-i_mutex-during-prepare_binprm-for-set-ug-id-.patch]
 3.16-upstream-stable: pending (3.16.7-ckt11)
-3.2-upstream-stable: pending (3.2.69) [fs-take-i_mutex-during-prepare_binprm-for-setid-executables.patch]
+3.2-upstream-stable: released (3.2.69) [fs-take-i_mutex-during-prepare_binprm-for-setid-executables.patch]

Modified: active/CVE-2015-3636
===================================================================
--- active/CVE-2015-3636	2015-05-10 19:08:05 UTC (rev 3777)
+++ active/CVE-2015-3636	2015-05-11 07:05:14 UTC (rev 3778)
@@ -5,7 +5,7 @@
 Bugs:
 upstream: released (v4.1-rc2) [a134f083e79fb4c3d0a925691e732c56911b4326]
 3.16-upstream-stable:
-3.2-upstream-stable: pending (3.2.69) [ipv4-missing-sk_nulls_node_init-in-ping_unhash.patch]
+3.2-upstream-stable: released (3.2.69) [ipv4-missing-sk_nulls_node_init-in-ping_unhash.patch]
 2.6.32-upstream-stable:
 sid: pending (4.0.2-1) [bugfix/all/ipv4-missing-sk_nulls_node_init-in-ping_unhash.patch]
 3.16-jessie-security:
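
Review bot: 3.16-upstream-stable, 2.6.32-upstream-stable and 3.16-jessie-security are still blank in the context lines of this hunk, although upstream is released (v4.1-rc2) and sid is pending. While updating the 3.2 line, give each blank field an explicit status ("needed", or N/A with a reason) so the file does not read as untriaged for those branches.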



