[kernel-sec-discuss] r3925 - active

Salvatore Bonaccorso carnil at moszumanska.debian.org
Mon Sep 21 17:29:22 UTC 2015 

Author: carnil
Date: 2015-09-21 17:29:22 +0000 (Mon, 21 Sep 2015)
New Revision: 3925

Modified:
   active/CVE-2015-0272
   active/CVE-2015-2925
   active/CVE-2015-5156
   active/CVE-2015-6252
   active/CVE-2015-6937
Log:
Mark versions for DSA-3364-1 as released

Modified: active/CVE-2015-0272
===================================================================
--- active/CVE-2015-0272	2015-09-21 17:02:01 UTC (rev 3924)
+++ active/CVE-2015-0272	2015-09-21 17:29:22 UTC (rev 3925)
@@ -9,6 +9,6 @@
 3.2-upstream-stable: needed
 2.6.32-upstream-stable: needed
 sid: released (4.0.2-1)
-3.16-jessie-security: pending (3.16.7-ckt11-1+deb8u4) [bugfix/all/ipv6-addrconf-validate-new-MTU-before-applying-it.patch]
-3.2-wheezy-security: pending (3.2.68-1+deb7u4) [bugfix/all/ipv6-addrconf-validate-new-MTU-before-applying-it.patch]
+3.16-jessie-security: released (3.16.7-ckt11-1+deb8u4) [bugfix/all/ipv6-addrconf-validate-new-MTU-before-applying-it.patch]
+3.2-wheezy-security: released (3.2.68-1+deb7u4) [bugfix/all/ipv6-addrconf-validate-new-MTU-before-applying-it.patch]
 2.6.32-squeeze-security: released (2.6.32-48squeeze14) [bugfix/all/ipv6-addrconf-validate-new-MTU-before-applying-it.patch]

Modified: active/CVE-2015-2925
===================================================================
--- active/CVE-2015-2925	2015-09-21 17:02:01 UTC (rev 3924)
+++ active/CVE-2015-2925	2015-09-21 17:29:22 UTC (rev 3925)
@@ -18,7 +18,7 @@
 upstream: pending (4.3-rc1) [cde93be45a8a90d8c264c776fab63487b5038a65, a03e283bf5c3d4851b4998122196ce9f849e6dfb, 397d425dc26da728396e66d392d5dcb8dac30c37]
 2.6.32-upstream-stable: N/A "user namespaces known broken before 3.5"
 sid: pending (4.2-1) [bugfix/all/dcache-handle-escaped-paths-in-prepend_path.patch, bugfix/all/dcache-reduce-the-scope-of-i_lock-in-d_splice_alias.patch, bugfix/all/vfs-test-for-and-handle-paths-that-are-unreachable-f.patch]
-3.16-jessie-security: pending (3.16.7-ckt11-1+deb8u4) [bugfix/all/namei-lift-open-coded-terminate_walk-in-follow_dotdo.patch, bugfix/all/dcache-handle-escaped-paths-in-prepend_path.patch, bugfix/all/vfs-test-for-and-handle-paths-that-are-unreachable-f.patch]
+3.16-jessie-security: released (3.16.7-ckt11-1+deb8u4) [bugfix/all/namei-lift-open-coded-terminate_walk-in-follow_dotdo.patch, bugfix/all/dcache-handle-escaped-paths-in-prepend_path.patch, bugfix/all/vfs-test-for-and-handle-paths-that-are-unreachable-f.patch]
 3.2-wheezy-security: N/A "user namespaces known broken before 3.5"
 2.6.32-squeeze-security: N/A "user namespaces known broken before 3.5"
 3.16-upstream-stable: needed

Modified: active/CVE-2015-5156
===================================================================
--- active/CVE-2015-5156	2015-09-21 17:02:01 UTC (rev 3924)
+++ active/CVE-2015-5156	2015-09-21 17:29:22 UTC (rev 3925)
@@ -8,7 +8,7 @@
 3.2-upstream-stable: needed
 2.6.32-upstream-stable: needed
 sid: released (4.1.5-1) [bugfix/all/virtio-net-drop-netif_f_fraglist.patch]
-3.16-jessie-security: pending (3.16.7-ckt11-1+deb8u4) [bugfix/all/virtio-net-drop-netif_f_fraglist.patch]
-3.2-wheezy-security: pending (3.2.68-1+deb7u4) [bugfix/all/virtio-net-drop-netif_f_fraglist.patch]
+3.16-jessie-security: released (3.16.7-ckt11-1+deb8u4) [bugfix/all/virtio-net-drop-netif_f_fraglist.patch]
+3.2-wheezy-security: released (3.2.68-1+deb7u4) [bugfix/all/virtio-net-drop-netif_f_fraglist.patch]
 2.6.32-squeeze-security: released (2.6.32-48squeeze14) [bugfix/all/virtio-net-drop-netif_f_fraglist.patch]
 

Modified: active/CVE-2015-6252
===================================================================
--- active/CVE-2015-6252	2015-09-21 17:02:01 UTC (rev 3924)
+++ active/CVE-2015-6252	2015-09-21 17:29:22 UTC (rev 3925)
@@ -8,6 +8,6 @@
 3.2-upstream-stable: released (3.2.71)
 2.6.32-upstream-stable: N/A ("Vulnerable code not present")
 sid: released (4.1.5-1)
-3.16-jessie-security: pending (3.16.7-ckt11-1+deb8u4) [bugfix/all/vhost-actually-track-log-eventfd-file.patch]
-3.2-wheezy-security: pending (3.2.68-1+deb7u4) [bugfix/all/vhost-actually-track-log-eventfd-file.patch]
+3.16-jessie-security: released (3.16.7-ckt11-1+deb8u4) [bugfix/all/vhost-actually-track-log-eventfd-file.patch]
+3.2-wheezy-security: released (3.2.68-1+deb7u4) [bugfix/all/vhost-actually-track-log-eventfd-file.patch]
 2.6.32-squeeze-security: N/A ("Vulnerable code not present")

Modified: active/CVE-2015-6937
===================================================================
--- active/CVE-2015-6937	2015-09-21 17:02:01 UTC (rev 3924)
+++ active/CVE-2015-6937	2015-09-21 17:29:22 UTC (rev 3925)
@@ -7,6 +7,6 @@
 3.2-upstream-stable: needed
 2.6.32-upstream-stable: needed
 sid: pending (4.2-1) [bugfix/all/rds-verify-the-underlying-transport-exists-before-cr.patch]
-3.16-jessie-security: pending (3.16.7-ckt11-1+deb8u4) [bugfix/all/rds-verify-the-underlying-transport-exists-before-cr.patch]
-3.2-wheezy-security: pending (3.2.68-1+deb7u4) [bugfix/all/rds-verify-the-underlying-transport-exists-before-cr.patch]
+3.16-jessie-security: released (3.16.7-ckt11-1+deb8u4) [bugfix/all/rds-verify-the-underlying-transport-exists-before-cr.patch]
+3.2-wheezy-security: released (3.2.68-1+deb7u4) [bugfix/all/rds-verify-the-underlying-transport-exists-before-cr.patch]
 2.6.32-squeeze-security: released (2.6.32-48squeeze14) [bugfix/all/rds-verify-the-underlying-transport-exists-before-cr.patch]

More information about the kernel-sec-discuss mailing list