[kernel-sec-discuss] r3998 - active

Ben Hutchings benh at moszumanska.debian.org
Sun Nov 15 01:44:55 UTC 2015


Author: benh
Date: 2015-11-15 01:44:54 +0000 (Sun, 15 Nov 2015)
New Revision: 3998

Modified:
   active/CVE-2015-5307
   active/CVE-2015-7872
   active/CVE-2015-8019
   active/CVE-2015-8104
Log:
Mark issues pending for 4.4-rc1 and 3.2.73

Modified: active/CVE-2015-5307
===================================================================
--- active/CVE-2015-5307	2015-11-11 06:18:23 UTC (rev 3997)
+++ active/CVE-2015-5307	2015-11-15 01:44:54 UTC (rev 3998)
@@ -1,12 +1,12 @@
-Description:
+Description: Denial of service by KVM guest using #AC exception
 References:
 Notes:
 Bugs:
-upstream: needed
+upstream: pending (4.4-rc1) [54a20552e1eae07aa240fa370a0293e006b5faed]
 3.16-upstream-stable: needed
-3.2-upstream-stable: needed
+3.2-upstream-stable: pending (3.2.73) [kvm-x86-work-around-infinite-loop-in-microcode-when-ac-is.patch]
 2.6.32-upstream-stable: needed
 sid: released (4.2.6-1) [bugfix/x86/kvm-x86-vmx-avoid-guest-host-dos-by-intercepting-ac.patch, bugfix/x86/kvm-x86-svm-intercept-ac-to-avoid-guest-host-exploit.patch]
 3.16-jessie-security: released (3.16.7-ckt11-1+deb8u6) [bugfix/x86/kvm-x86-vmx-avoid-guest-host-dos-by-intercepting-ac.patch, bugfix/x86/kvm-x86-svm-intercept-ac-to-avoid-guest-host-exploit.patch]
 3.2-wheezy-security: released (3.2.68-1+deb7u6) [bugfix/x86/kvm-x86-vmx-avoid-guest-host-dos-by-intercepting-ac.patch, bugfix/x86/kvm-x86-svm-intercept-ac-to-avoid-guest-host-exploit.patch]
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: ignored "KVM not supported in squeeze LTS"

Modified: active/CVE-2015-7872
===================================================================
--- active/CVE-2015-7872	2015-11-11 06:18:23 UTC (rev 3997)
+++ active/CVE-2015-7872	2015-11-15 01:44:54 UTC (rev 3998)
@@ -7,7 +7,7 @@
  https://bugzilla.redhat.com/show_bug.cgi?id=1272172
 upstream: released (v4.3-rc7) [f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61]
 3.16-upstream-stable: released (3.16.7-ckt19)
-3.2-upstream-stable: needed
+3.2-upstream-stable: pending (3.2.73) [keys-fix-crash-when-attempt-to-garbage-collect-an-uninstantiated.patch]
 2.6.32-upstream-stable: N/A "vulnerable code not present"
 sid: released (4.2.5-1) [bugfix/all/KEYS-Fix-crash-when-attempt-to-garbage-collect-an-un.patch]
 3.16-jessie-security: released (3.16.7-ckt11-1+deb8u6) [bugfix/all/KEYS-Fix-crash-when-attempt-to-garbage-collect-an-un.patch]

Modified: active/CVE-2015-8019
===================================================================
--- active/CVE-2015-8019	2015-11-11 06:18:23 UTC (rev 3997)
+++ active/CVE-2015-8019	2015-11-15 01:44:54 UTC (rev 3998)
@@ -12,7 +12,7 @@
 Bugs:
 upstream: N/A "Vulnerable code not present"
 3.16-upstream-stable: released (v3.16.7-ckt19) [fa89ae5548ed282f0ceb4660b3b93e4e2ee875f3]
-3.2-upstream-stable: needed
+3.2-upstream-stable: pending (3.2.73) [net-add-length-argument-to-skb_copy_and_csum_datagram_iovec.patch]
 2.6.32-upstream-stable:
 sid: N/A "Vulnerable code not present"
 3.16-jessie-security: N/A "Vulnerable code not present"

Modified: active/CVE-2015-8104
===================================================================
--- active/CVE-2015-8104	2015-11-11 06:18:23 UTC (rev 3997)
+++ active/CVE-2015-8104	2015-11-15 01:44:54 UTC (rev 3998)
@@ -5,11 +5,11 @@
  https://bugzilla.novell.com/attachment.cgi?id=655406
 Notes:
 Bugs:
-upstream:
-3.16-upstream-stable:
-3.2-upstream-stable:
-2.6.32-upstream-stable:
+upstream: pending (4.4-rc1) [cbdb967af3d54993f5814f1cee0ed311a055377d]
+3.16-upstream-stable: needed
+3.2-upstream-stable: needed
+2.6.32-upstream-stable: needed
 sid: pending (4.2.6-2) [bugfix/x86/kvm-svm-unconditionally-intercept-DB.patch]
-3.16-jessie-security:
-3.2-wheezy-security:
-2.6.32-squeeze-security:
+3.16-jessie-security: needed
+3.2-wheezy-security: needed
+2.6.32-squeeze-security: ignored "KVM not supported in squeeze LTS"




More information about the kernel-sec-discuss mailing list