[kernel-sec-discuss] r4019 - active
Ben Hutchings
benh at moszumanska.debian.org
Tue Nov 24 18:12:56 UTC 2015
Author: benh
Date: 2015-11-24 18:12:56 +0000 (Tue, 24 Nov 2015)
New Revision: 4019
Modified:
active/CVE-2015-7833
Log:
Update references and status of CVE-2015-7833, which needed a second patch
Modified: active/CVE-2015-7833
===================================================================
--- active/CVE-2015-7833 2015-11-24 07:45:55 UTC (rev 4018)
+++ active/CVE-2015-7833 2015-11-24 18:12:56 UTC (rev 4019)
@@ -1,13 +1,16 @@
Description: usbvision: crash on invalid USB device descriptors
References:
- https://bugzilla.novell.com/attachment.cgi?id=653350
+ http://git.linuxtv.org/cgit.cgi/media_tree.git/commit?id=588afcc1c0e45358159090d95bf7b246fb67565f
+ http://git.linuxtv.org/cgit.cgi/media_tree.git/commit?id=fa52bd506f274b7619955917abfde355e3d19ffe
Notes:
+ bwh> linux versions 3.2.68-1+deb7u6, 3.16.7-ckt11-1+deb8u6 and 4.2.6-1
+ bwh> have the first patch only.
Bugs:
upstream: needed
3.16-upstream-stable: needed
3.2-upstream-stable: needed
2.6.32-upstream-stable: needed
-sid: released (4.2.6-1) [bugfix/all/usbvision-fix-overflow-of-interfaces-array.patch]
-3.16-jessie-security: released (3.16.7-ckt11-1+deb8u6) [bugfix/all/usbvision-fix-overflow-of-interfaces-array.patch]
-3.2-wheezy-security: released (3.2.68-1+deb7u6) [bugfix/all/usbvision-fix-overflow-of-interfaces-array.patch]
-2.6.32-squeeze-security: pending (2.6.32-48squeeze17) [bugfix/all/usbvision-fix-overflow-of-interfaces-array.patch]
+sid: pending (4.2.6-2) [bugfix/all/usbvision-fix-overflow-of-interfaces-array.patch, media-usbvision-fix-crash-on-detecting-device-with-i.patch]
+3.16-jessie-security: pending (3.16.7-ckt11-1+deb8u7) [bugfix/all/usbvision-fix-overflow-of-interfaces-array.patch, media-usbvision-fix-crash-on-detecting-device-with-i.patch]
+3.2-wheezy-security: pending (3.2.68-1+deb7u7) [bugfix/all/usbvision-fix-overflow-of-interfaces-array.patch, media-usbvision-fix-crash-on-detecting-device-with-i.patch]
+2.6.32-squeeze-security: pending (2.6.32-48squeeze17) [bugfix/all/usbvision-fix-overflow-of-interfaces-array.patch, media-usbvision-fix-crash-on-detecting-device-with-i.patch]
More information about the kernel-sec-discuss
mailing list