[kernel-sec-discuss] r3779 - active retired

Moritz Muehlenhoff jmm at moszumanska.debian.org
Mon May 11 07:06:16 UTC 2015


Author: jmm
Date: 2015-05-11 07:06:16 +0000 (Mon, 11 May 2015)
New Revision: 3779

Added:
   retired/CVE-2014-9715
   retired/CVE-2015-1593
   retired/CVE-2015-2150
   retired/CVE-2015-3331
Removed:
   active/CVE-2014-9715
   active/CVE-2015-1593
   active/CVE-2015-2150
   active/CVE-2015-3331
Log:
retire


Deleted: active/CVE-2014-9715
===================================================================
--- active/CVE-2014-9715	2015-05-11 07:05:14 UTC (rev 3778)
+++ active/CVE-2014-9715	2015-05-11 07:06:16 UTC (rev 3779)
@@ -1,15 +0,0 @@
-Description: nf_conntrack: reserve two bytes for nf_ct_ext->len
-References:
-Notes:
- The issue was introduced in 3.6 but as well backported to 3.2
- Introduced by (v3.6-rc5) [5b423f6a40a0327f9d40bc8b97ce9b]
- In 3.2. introduced by (v3.2.33) [cc1b75d796ad050c83c95733c4220aaa04fa1304]
-Bugs: https://bugs.debian.org/741667
-upstream: released (v3.15-rc1) [223b02d923ecd7c84cf9780bb3686f455d279279]
-2.6.32-upstream-stable: N/A "Introduced in 3.6"
-sid: released (3.14.5-1)
-3.16-jessie-security: N/A "Fixed before initial release"
-3.2-wheezy-security: released (3.2.68-1+deb7u1) [bugfix/all/netfilter-nf_conntrack-reserve-two-bytes-for-nf_ct_e.patch]
-2.6.32-squeeze-security: N/A "Introduced in 3.6"
-3.16-upstream-stable: N/A "Fixed already in v3.15-rc1"
-3.2-upstream-stable: released (3.2.69) [netfilter-nf_conntrack-reserve-two-bytes-for-nf_ct_ext-len.patch]

Deleted: active/CVE-2015-1593
===================================================================
--- active/CVE-2015-1593	2015-05-11 07:05:14 UTC (rev 3778)
+++ active/CVE-2015-1593	2015-05-11 07:06:16 UTC (rev 3779)
@@ -1,15 +0,0 @@
-Description: Linux stack ASLR implementation integer overflow
-References:
- http://hmarco.org/bugs/linux-ASLR-integer-overflow.html
- https://lkml.org/lkml/2015/1/7/811
- http://article.gmane.org/gmane.linux.kernel/1888210
-Notes:
-Bugs:
-upstream: released (4.0-rc1) [4e7c22d447bb6d7e37bfe39ff658486ae78e8d77]
-2.6.32-upstream-stable: pending (2.6.32.66)
-sid: released (3.16.7-ckt7-1) [bugfix/all/aslr-fix-stack-randomization-on-64-bit-systems.patch]
-3.16-jessie-security: N/A "Fixed before initial release"
-3.2-wheezy-security: released (3.2.65-1+deb7u2) [bugfix/all/aslr-fix-stack-randomization-on-64-bit-systems.patch]
-2.6.32-squeeze-security: released (2.6.32-48squeeze11) [bugfix/all/aslr-fix-stack-randomization-on-64-bit-systems.patch]
-3.16-upstream-stable: released (3.16.7-ckt8)
-3.2-upstream-stable: released (3.2.69) [x86-mm-aslr-fix-stack-randomization-on-64-bit-systems.patch]
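
Review bot: The "2.6.32-upstream-stable: pending (2.6.32.66)" line shows one branch still unreleased at the moment this file leaves active/. Either hold the retirement until that line reads "released", or state in the log message why a pending upstream-stable branch does not block retiring; the one-word log "retire" gives no reason.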

Deleted: active/CVE-2015-2150
===================================================================
--- active/CVE-2015-2150	2015-05-11 07:05:14 UTC (rev 3778)
+++ active/CVE-2015-2150	2015-05-11 07:06:16 UTC (rev 3779)
@@ -1,13 +0,0 @@
-Description: Xen: Non-maskable interrupts triggerable by guests
-References:
- http://xenbits.xen.org/xsa/advisory-120.html
-Notes:
-Bugs:
-upstream: released (4.0-rc4) [af6fc858a35b90e89ea7a7ee58e66628c55c776b]
-2.6.32-upstream-stable: N/A "xen-pciback introduced in 3.1"
-sid: released (3.16.7-ckt9-1)
-3.16-jessie-security: N/A "Fixed before initial release"
-3.2-wheezy-security: released (3.2.68-1+deb7u1) [bugfix/all/xen-pciback-limit-guest-control-of-command-register.patch]
-2.6.32-squeeze-security: N/A "xen-pciback introduced in 3.1"
-3.16-upstream-stable: released (3.16.7-ckt9)
-3.2-upstream-stable: released (3.2.69) [xen-pciback-limit-guest-control-of-command-register.patch]

Deleted: active/CVE-2015-3331
===================================================================
--- active/CVE-2015-3331	2015-05-11 07:05:14 UTC (rev 3778)
+++ active/CVE-2015-3331	2015-05-11 07:06:16 UTC (rev 3779)
@@ -1,13 +0,0 @@
-Description: Buffer overruns in Linux kernel RFC4106 implementation using AESNI
-References:
-Notes:
-Bugs:
- - https://bugs.debian.org/782561
-upstream: released (v4.0-rc5) [ccfe8c3f7e52ae83155cb038753f4c75b774ca8a]
-2.6.32-upstream-stable: N/A "Introduced in v2.6.38-rc1 with 0bd82f5f6355775fbaf7d3c664432ce1b862be1e"
-sid: released (3.16.7-ckt9-3) [bugfix/x86/crypto-aesni-fix-memory-usage-in-GCM-decryption.patch]
-3.16-jessie-security: released (3.16.7-ckt9-3~deb8u1) [bugfix/x86/crypto-aesni-fix-memory-usage-in-GCM-decryption.patch]
-3.2-wheezy-security: released (3.2.68-1+deb7u1) [bugfix/x86/crypto-aesni-fix-memory-usage-in-GCM-decryption.patch]
-2.6.32-squeeze-security: N/A "Introduced in v2.6.38-rc1 with 0bd82f5f6355775fbaf7d3c664432ce1b862be1e"
-3.16-upstream-stable: released (3.16.7-ckt10)
-3.2-upstream-stable: released (3.2.69) [crypto-aesni-fix-memory-usage-in-gcm-decryption.patch]

Copied: retired/CVE-2014-9715 (from rev 3778, active/CVE-2014-9715)
===================================================================
--- retired/CVE-2014-9715	                        (rev 0)
+++ retired/CVE-2014-9715	2015-05-11 07:06:16 UTC (rev 3779)
@@ -0,0 +1,15 @@
+Description: nf_conntrack: reserve two bytes for nf_ct_ext->len
+References:
+Notes:
+ The issue was introduced in 3.6 but as well backported to 3.2
+ Introduced by (v3.6-rc5) [5b423f6a40a0327f9d40bc8b97ce9b]
+ In 3.2. introduced by (v3.2.33) [cc1b75d796ad050c83c95733c4220aaa04fa1304]
+Bugs: https://bugs.debian.org/741667
+upstream: released (v3.15-rc1) [223b02d923ecd7c84cf9780bb3686f455d279279]
+2.6.32-upstream-stable: N/A "Introduced in 3.6"
+sid: released (3.14.5-1)
+3.16-jessie-security: N/A "Fixed before initial release"
+3.2-wheezy-security: released (3.2.68-1+deb7u1) [bugfix/all/netfilter-nf_conntrack-reserve-two-bytes-for-nf_ct_e.patch]
+2.6.32-squeeze-security: N/A "Introduced in 3.6"
+3.16-upstream-stable: N/A "Fixed already in v3.15-rc1"
+3.2-upstream-stable: released (3.2.69) [netfilter-nf_conntrack-reserve-two-bytes-for-nf_ct_ext-len.patch]
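
Review bot: In the Notes, the commit id on the "Introduced by (v3.6-rc5)" line is only 30 hex digits, while every other id in this file is a full 40-digit hash. The copy into retired/ is a good point to replace it with the full id so the introducing commit can be looked up unambiguously. The "In 3.2." on the following line also reads as if it carries a stray full stop.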

Copied: retired/CVE-2015-1593 (from rev 3778, active/CVE-2015-1593)
===================================================================
--- retired/CVE-2015-1593	                        (rev 0)
+++ retired/CVE-2015-1593	2015-05-11 07:06:16 UTC (rev 3779)
@@ -0,0 +1,15 @@
+Description: Linux stack ASLR implementation integer overflow
+References:
+ http://hmarco.org/bugs/linux-ASLR-integer-overflow.html
+ https://lkml.org/lkml/2015/1/7/811
+ http://article.gmane.org/gmane.linux.kernel/1888210
+Notes:
+Bugs:
+upstream: released (4.0-rc1) [4e7c22d447bb6d7e37bfe39ff658486ae78e8d77]
+2.6.32-upstream-stable: pending (2.6.32.66)
+sid: released (3.16.7-ckt7-1) [bugfix/all/aslr-fix-stack-randomization-on-64-bit-systems.patch]
+3.16-jessie-security: N/A "Fixed before initial release"
+3.2-wheezy-security: released (3.2.65-1+deb7u2) [bugfix/all/aslr-fix-stack-randomization-on-64-bit-systems.patch]
+2.6.32-squeeze-security: released (2.6.32-48squeeze11) [bugfix/all/aslr-fix-stack-randomization-on-64-bit-systems.patch]
+3.16-upstream-stable: released (3.16.7-ckt8)
+3.2-upstream-stable: released (3.2.69) [x86-mm-aslr-fix-stack-randomization-on-64-bit-systems.patch]

Copied: retired/CVE-2015-2150 (from rev 3778, active/CVE-2015-2150)
===================================================================
--- retired/CVE-2015-2150	                        (rev 0)
+++ retired/CVE-2015-2150	2015-05-11 07:06:16 UTC (rev 3779)
@@ -0,0 +1,13 @@
+Description: Xen: Non-maskable interrupts triggerable by guests
+References:
+ http://xenbits.xen.org/xsa/advisory-120.html
+Notes:
+Bugs:
+upstream: released (4.0-rc4) [af6fc858a35b90e89ea7a7ee58e66628c55c776b]
+2.6.32-upstream-stable: N/A "xen-pciback introduced in 3.1"
+sid: released (3.16.7-ckt9-1)
+3.16-jessie-security: N/A "Fixed before initial release"
+3.2-wheezy-security: released (3.2.68-1+deb7u1) [bugfix/all/xen-pciback-limit-guest-control-of-command-register.patch]
+2.6.32-squeeze-security: N/A "xen-pciback introduced in 3.1"
+3.16-upstream-stable: released (3.16.7-ckt9)
+3.2-upstream-stable: released (3.2.69) [xen-pciback-limit-guest-control-of-command-register.patch]

Copied: retired/CVE-2015-3331 (from rev 3778, active/CVE-2015-3331)
===================================================================
--- retired/CVE-2015-3331	                        (rev 0)
+++ retired/CVE-2015-3331	2015-05-11 07:06:16 UTC (rev 3779)
@@ -0,0 +1,13 @@
+Description: Buffer overruns in Linux kernel RFC4106 implementation using AESNI
+References:
+Notes:
+Bugs:
+ - https://bugs.debian.org/782561
+upstream: released (v4.0-rc5) [ccfe8c3f7e52ae83155cb038753f4c75b774ca8a]
+2.6.32-upstream-stable: N/A "Introduced in v2.6.38-rc1 with 0bd82f5f6355775fbaf7d3c664432ce1b862be1e"
+sid: released (3.16.7-ckt9-3) [bugfix/x86/crypto-aesni-fix-memory-usage-in-GCM-decryption.patch]
+3.16-jessie-security: released (3.16.7-ckt9-3~deb8u1) [bugfix/x86/crypto-aesni-fix-memory-usage-in-GCM-decryption.patch]
+3.2-wheezy-security: released (3.2.68-1+deb7u1) [bugfix/x86/crypto-aesni-fix-memory-usage-in-GCM-decryption.patch]
+2.6.32-squeeze-security: N/A "Introduced in v2.6.38-rc1 with 0bd82f5f6355775fbaf7d3c664432ce1b862be1e"
+3.16-upstream-stable: released (3.16.7-ckt10)
+3.2-upstream-stable: released (3.2.69) [crypto-aesni-fix-memory-usage-in-gcm-decryption.patch]
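
Review bot: The Bugs field here puts the URL on a continuation line with a leading "- ", whereas retired/CVE-2014-9715 in this same commit writes it inline ("Bugs: https://bugs.debian.org/741667") and the References lists in the other files use a one-space continuation with no dash. Settle on one form so the field can be parsed uniformly across the retired/ files.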



