[kernel-sec-discuss] r3783 - active
Ben Hutchings
benh at moszumanska.debian.org
Mon May 18 01:00:44 UTC 2015
Author: benh
Date: 2015-05-18 01:00:43 +0000 (Mon, 18 May 2015)
New Revision: 3783
Modified:
active/CVE-2014-8172
active/CVE-2015-3636
Log:
Triage issues affecting squeeze
Modified: active/CVE-2014-8172
===================================================================
--- active/CVE-2014-8172 2015-05-15 21:25:27 UTC (rev 3782)
+++ active/CVE-2014-8172 2015-05-18 01:00:43 UTC (rev 3783)
@@ -11,6 +11,6 @@
sid: released (3.13.4-1)
3.16-jessie-security: N/A "Fixed before initial release"
3.2-wheezy-security:
-2.6.32-squeeze-security:
+2.6.32-squeeze-security: ignored "Doesn't appear to be fixable without major locking changes"
3.16-upstream-stable: N/A "Fixed before initial release"
3.2-upstream-stable:
Modified: active/CVE-2015-3636
===================================================================
--- active/CVE-2015-3636 2015-05-15 21:25:27 UTC (rev 3782)
+++ active/CVE-2015-3636 2015-05-18 01:00:43 UTC (rev 3783)
@@ -6,8 +6,8 @@
upstream: released (v4.1-rc2) [a134f083e79fb4c3d0a925691e732c56911b4326]
3.16-upstream-stable: released (3.16.7-ckt11)
3.2-upstream-stable: released (3.2.69) [ipv4-missing-sk_nulls_node_init-in-ping_unhash.patch]
-2.6.32-upstream-stable:
+2.6.32-upstream-stable: N/A "Vulnerable code not present"
sid: released (4.0.2-1) [bugfix/all/ipv4-missing-sk_nulls_node_init-in-ping_unhash.patch]
3.16-jessie-security: needed
3.2-wheezy-security:
-2.6.32-squeeze-security:
+2.6.32-squeeze-security: N/A "Vulnerable code not present"
More information about the kernel-sec-discuss
mailing list