[kernel-sec-discuss] r4586 - active
Ben Hutchings
benh at moszumanska.debian.org
Tue Aug 23 22:52:19 UTC 2016
Author: benh
Date: 2016-08-23 22:52:19 +0000 (Tue, 23 Aug 2016)
New Revision: 4586
Modified:
active/CVE-2014-9904
active/CVE-2016-1237
active/CVE-2016-1583
active/CVE-2016-4470
active/CVE-2016-4482
active/CVE-2016-4569
active/CVE-2016-4578
active/CVE-2016-4997
active/CVE-2016-4998
active/CVE-2016-5243
active/CVE-2016-5244
active/CVE-2016-5412
active/CVE-2016-5696
active/CVE-2016-5728
active/CVE-2016-5828
active/CVE-2016-5829
active/CVE-2016-6130
active/CVE-2016-6136
Log:
Mark 3.2.82 and 3.16.37 as released
Modified: active/CVE-2014-9904
===================================================================
--- active/CVE-2014-9904 2016-08-19 07:32:20 UTC (rev 4585)
+++ active/CVE-2014-9904 2016-08-23 22:52:19 UTC (rev 4586)
@@ -3,7 +3,7 @@
Notes: Introduced in 3.7-rc1 with b35cc8225845112a616e3a2266d2fde5ab13d3ab
Bugs:
upstream: released (3.17-rc1) [6217e5ede23285ddfee10d2e4ba0cc2d4c046205]
-3.16-upstream-stable: pending (3.16.37) [alsa-compress-fix-an-integer-overflow-check.patch]
+3.16-upstream-stable: released (3.16.37) [alsa-compress-fix-an-integer-overflow-check.patch]
3.2-upstream-stable: N/A "Introduced with b35cc8225845112a616e3a2266d2fde5ab13d3ab in 3.7-rc1"
sid: released (4.0.2-1)
3.16-jessie-security: released (3.16.7-ckt25-2+deb8u3) [bugfix/all/alsa-compress-fix-an-integer-overflow-check.patch]
Modified: active/CVE-2016-1237
===================================================================
--- active/CVE-2016-1237 2016-08-19 07:32:20 UTC (rev 4585)
+++ active/CVE-2016-1237 2016-08-23 22:52:19 UTC (rev 4586)
@@ -4,7 +4,7 @@
Requisite for the fix: 485e71e8fb6356c08c7fc6bcce4bf02c9a9a663f
Bugs:
upstream: released (4.7-rc5) [999653786df6954a31044528ac3f7a5dadca08f4]
-3.16-upstream-stable: pending (3.16.37) [nfsd-check-permissions-when-setting-acls.patch]
+3.16-upstream-stable: released (3.16.37) [nfsd-check-permissions-when-setting-acls.patch]
3.2-upstream-stable: N/A "Introduced in v3.14-rc1 with 4ac7249ea5a0ceef9f8269f63f33cc873c3fac61"
sid: released (4.6.2-2) [bugfix/all/nfsd-check-permissions-when-setting-acls.patch]
3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/nfsd-check-permissions-when-setting-ACLs.patch]
Modified: active/CVE-2016-1583
===================================================================
--- active/CVE-2016-1583 2016-08-19 07:32:20 UTC (rev 4585)
+++ active/CVE-2016-1583 2016-08-23 22:52:19 UTC (rev 4586)
@@ -24,8 +24,8 @@
bwh> fix as well.
Bugs:
upstream: released (4.7-rc3) [e54ad7f1ee263ffa5a2de9c609d58dfa27b21cd9, 2f36db71009304b3f0b95afacd8eba1f9f046b87, 29d6455178a09e1dc340380c582b13356227e8df]
-3.16-upstream-stable: pending (3.16.37) [fs-limit-filesystem-stacking-depth.patch, proc-prevent-stacking-filesystems-on-top.patch, ecryptfs-don-t-allow-mmap-when-the-lower-fs-doesn-t-support-it.patch]
-3.2-upstream-stable: pending (3.2.82) [fs-limit-filesystem-stacking-depth.patch, proc-prevent-stacking-filesystems-on-top.patch, ecryptfs-don-t-allow-mmap-when-the-lower-fs-doesn-t-support-it.patch]
+3.16-upstream-stable: released (3.16.37) [fs-limit-filesystem-stacking-depth.patch, proc-prevent-stacking-filesystems-on-top.patch, ecryptfs-don-t-allow-mmap-when-the-lower-fs-doesn-t-support-it.patch]
+3.2-upstream-stable: released (3.2.82) [fs-limit-filesystem-stacking-depth.patch, proc-prevent-stacking-filesystems-on-top.patch, ecryptfs-don-t-allow-mmap-when-the-lower-fs-doesn-t-support-it.patch]
sid: released (4.6.2-1) [bugfix/all/proc-prevent-stacking-filesystems-on-top.patch, bugfix/all/ecryptfs-forbid-opening-files-without-mmap-handler.patch, bugfix/all/sched-panic-on-corrupted-stack-end.patch]
3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/ecryptfs-fix-handling-of-directory-opening.patch, bugfix/all/ecryptfs-forbid-opening-files-without-mmap-handler.patch]
3.2-wheezy-security: released (3.2.81-1) [bugfix/all/ecryptfs-fix-handling-of-directory-opening.patch, bugfix/all/ecryptfs-forbid-opening-files-without-mmap-handler.patch]
Modified: active/CVE-2016-4470
===================================================================
--- active/CVE-2016-4470 2016-08-19 07:32:20 UTC (rev 4585)
+++ active/CVE-2016-4470 2016-08-23 22:52:19 UTC (rev 4586)
@@ -3,8 +3,8 @@
Notes:
Bugs:
upstream: released (4.7-rc4) [38327424b40bcebe2de92d07312c89360ac9229a]
-3.16-upstream-stable: pending (3.16.37) [keys-potential-uninitialized-variable.patch]
-3.2-upstream-stable: pending (3.2.82) [keys-potential-uninitialized-variable.patch]
+3.16-upstream-stable: released (3.16.37) [keys-potential-uninitialized-variable.patch]
+3.2-upstream-stable: released (3.2.82) [keys-potential-uninitialized-variable.patch]
sid: released (4.6.2-2) [bugfix/all/keys-potential-uninitialized-variable.patch]
3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/keys-potential-uninitialized-variable.patch]
3.2-wheezy-security: pending (3.2.81-2) [bugfix/all/keys-potential-uninitialized-variable.patch]
Modified: active/CVE-2016-4482
===================================================================
--- active/CVE-2016-4482 2016-08-19 07:32:20 UTC (rev 4585)
+++ active/CVE-2016-4482 2016-08-23 22:52:19 UTC (rev 4586)
@@ -7,8 +7,8 @@
bwh> initialisation.
Bugs:
upstream: released (4.7-rc1) [681fef8380eb818c0b845fca5d2ab1dcbab114ee]
-3.16-upstream-stable: pending (3.16.37) [usb-usbfs-fix-potential-infoleak-in-devio.patch]
-3.2-upstream-stable: pending (3.2.82) [usb-usbfs-fix-potential-infoleak-in-devio.patch]
+3.16-upstream-stable: released (3.16.37) [usb-usbfs-fix-potential-infoleak-in-devio.patch]
+3.2-upstream-stable: released (3.2.82) [usb-usbfs-fix-potential-infoleak-in-devio.patch]
sid: released (4.5.5-1) [bugfix/all/usb-usbfs-fix-potential-infoleak-in-devio.patch]
3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/usb-usbfs-fix-potential-infoleak-in-devio.patch]
3.2-wheezy-security: released (3.2.81-1) [bugfix/all/usb-usbfs-fix-potential-infoleak-in-devio.patch]
Modified: active/CVE-2016-4569
===================================================================
--- active/CVE-2016-4569 2016-08-19 07:32:20 UTC (rev 4585)
+++ active/CVE-2016-4569 2016-08-23 22:52:19 UTC (rev 4586)
@@ -6,8 +6,8 @@
bwh> struct snd_timer_tread on 32-bit architectures.
Bugs:
upstream: released (4.7-rc1) [cec8f96e49d9be372fdb0c3836dcf31ec71e457e]
-3.16-upstream-stable: pending (3.16.37) [alsa-timer-fix-leak-in-sndrv_timer_ioctl_params.patch]
-3.2-upstream-stable: pending (3.2.82) [alsa-timer-fix-leak-in-sndrv_timer_ioctl_params.patch]
+3.16-upstream-stable: released (3.16.37) [alsa-timer-fix-leak-in-sndrv_timer_ioctl_params.patch]
+3.2-upstream-stable: released (3.2.82) [alsa-timer-fix-leak-in-sndrv_timer_ioctl_params.patch]
sid: released (4.4.5-1) [bugfix/all/alsa-timer-fix-leak-in-sndrv_timer_ioctl_params.patch]
3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/alsa-timer-fix-leak-in-sndrv_timer_ioctl_params.patch]
3.2-wheezy-security: released (3.2.81-1) [bugfix/all/alsa-timer-fix-leak-in-sndrv_timer_ioctl_params.patch]
Modified: active/CVE-2016-4578
===================================================================
--- active/CVE-2016-4578 2016-08-19 07:32:20 UTC (rev 4585)
+++ active/CVE-2016-4578 2016-08-23 22:52:19 UTC (rev 4586)
@@ -5,8 +5,8 @@
bwh> struct snd_timer_tread on 32-bit architectures.
Bugs:
upstream: released (4.7-rc1) [9a47e9cff994f37f7f0dbd9ae23740d0f64f9fe6, e4ec8cc8039a7063e24204299b462bd1383184a5]
-3.16-upstream-stable: pending (3.16.37) [alsa-timer-fix-leak-in-events-via-snd_timer_user_ccallback.patch, alsa-timer-fix-leak-in-events-via-snd_timer_user_tinterrupt.patch]
-3.2-upstream-stable: pending (3.2.82) [alsa-timer-fix-leak-in-events-via-snd_timer_user_ccallback.patch, alsa-timer-fix-leak-in-events-via-snd_timer_user_tinterrupt.patch]
+3.16-upstream-stable: released (3.16.37) [alsa-timer-fix-leak-in-events-via-snd_timer_user_ccallback.patch, alsa-timer-fix-leak-in-events-via-snd_timer_user_tinterrupt.patch]
+3.2-upstream-stable: released (3.2.82) [alsa-timer-fix-leak-in-events-via-snd_timer_user_ccallback.patch, alsa-timer-fix-leak-in-events-via-snd_timer_user_tinterrupt.patch]
sid: released (4.5.5-1) [bugfix/all/alsa-timer-fix-leak-in-events-via-snd_timer_user_cca.patch, bugfix/all/alsa-timer-fix-leak-in-events-via-snd_timer_user_tin.patch]
3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/alsa-timer-fix-leak-in-events-via-snd_timer_user_cca.patch, bugfix/all/alsa-timer-fix-leak-in-events-via-snd_timer_user_tin.patch]
3.2-wheezy-security: released (3.2.81-1) [bugfix/all/alsa-timer-fix-leak-in-events-via-snd_timer_user_cca.patch, bugfix/all/alsa-timer-fix-leak-in-events-via-snd_timer_user_tin.patch]
Modified: active/CVE-2016-4997
===================================================================
--- active/CVE-2016-4997 2016-08-19 07:32:20 UTC (rev 4585)
+++ active/CVE-2016-4997 2016-08-23 22:52:19 UTC (rev 4586)
@@ -3,7 +3,7 @@
Notes:
Bugs:
upstream: released (4.7-rc1) [fc1221b3a163d1386d1052184202d5dc50d302d1, ce683e5f9d045e5d67d1312a42b359cb2ab2a13c]
-3.16-upstream-stable: pending (3.16.37) [netfilter-x_tables-add-compat-version-of-xt_check_entry_offsets.patch, netfilter-x_tables-check-for-bogus-target-offset.patch]
+3.16-upstream-stable: released (3.16.37) [netfilter-x_tables-add-compat-version-of-xt_check_entry_offsets.patch, netfilter-x_tables-check-for-bogus-target-offset.patch]
3.2-upstream-stable: ignored "too many changes required, and netfilter is not exposed to unprivileged users"
sid: released (4.6.2-2) [bugfix/all/netfilter-x_tables-add-compat-version-of-xt_check_en.patch, bugfix/all/netfilter-x_tables-check-for-bogus-target-offset.patch]
3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/netfilter-x_tables-add-compat-version-of-xt_check_en.patch, bugfix/all/netfilter-x_tables-check-for-bogus-target-offset.patch]
Modified: active/CVE-2016-4998
===================================================================
--- active/CVE-2016-4998 2016-08-19 07:32:20 UTC (rev 4585)
+++ active/CVE-2016-4998 2016-08-23 22:52:19 UTC (rev 4586)
@@ -3,7 +3,7 @@
Notes:
Bugs:
upstream: released (4.7-rc1) [7d35812c3214afa5b37a675113555259cfd67b98, a08e4e190b866579896c09af59b3bdca821da2cd, 7ed2abddd20cf8f6bd27f65bd218f26fa5bf7f44, 13631bfc604161a9d69cd68991dff8603edd66f9, b7eba0f3515fca3296b8881d583f7c1042f5226]
-3.16-upstream-stable: pending (3.16.37) [netfilter-x_tables-add-and-use-xt_check_entry_offsets.patch, netfilter-x_tables-assert-minimum-target-size.patch, netfilter-x_tables-check-standard-target-size-too.patch, netfilter-x_tables-validate-all-offsets-and-sizes-in-a-rule.patch, netfilter-x_tables-don-t-reject-valid-target-size-on-some.patch]
+3.16-upstream-stable: released (3.16.37) [netfilter-x_tables-add-and-use-xt_check_entry_offsets.patch, netfilter-x_tables-assert-minimum-target-size.patch, netfilter-x_tables-check-standard-target-size-too.patch, netfilter-x_tables-validate-all-offsets-and-sizes-in-a-rule.patch, netfilter-x_tables-don-t-reject-valid-target-size-on-some.patch]
3.2-upstream-stable: ignored "too many changes required, and netfilter is not exposed to unprivileged users"
sid: released (4.6.2-2) [bugfix/all/netfilter-x_tables-add-and-use-xt_check_entry_offset.patch, bugfix/all/netfilter-x_tables-assert-minimum-target-size.patch, bugfix/all/netfilter-x_tables-check-standard-target-size-too.patch, bugfix/all/netfilter-x_tables-validate-all-offsets-and-sizes-in.patch, bugfix/all/netfilter-x_tables-don-t-reject-valid-target-size-on.patch]
3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/netfilter-x_tables-add-and-use-xt_check_entry_offset.patch, bugfix/all/netfilter-x_tables-assert-minimum-target-size.patch, bugfix/all/netfilter-x_tables-check-standard-target-size-too.patch, bugfix/all/netfilter-x_tables-validate-all-offsets-and-sizes-in.patch, bugfix/all/netfilter-x_tables-don-t-reject-valid-target-size-on.patch]
Modified: active/CVE-2016-5243
===================================================================
--- active/CVE-2016-5243 2016-08-19 07:32:20 UTC (rev 4585)
+++ active/CVE-2016-5243 2016-08-23 22:52:19 UTC (rev 4586)
@@ -5,8 +5,8 @@
bwh> In kernel versions older than 4.0 the bug is in tipc_node_get_links()
Bugs:
upstream: released (4.7-rc3) [5d2be1422e02ccd697ccfcd45c85b4a26e6178e2]
-3.16-upstream-stable: pending (3.16.37) [tipc-fix-an-infoleak-in-tipc_nl_compat_link_dump.patch]
-3.2-upstream-stable: pending (3.2.82) [tipc-fix-an-infoleak-in-tipc_nl_compat_link_dump.patch]
+3.16-upstream-stable: released (3.16.37) [tipc-fix-an-infoleak-in-tipc_nl_compat_link_dump.patch]
+3.2-upstream-stable: released (3.2.82) [tipc-fix-an-infoleak-in-tipc_nl_compat_link_dump.patch]
sid: released (4.6.2-1) [bugfix/all/tipc-fix-an-infoleak-in-tipc_nl_compat_link_dump.patch]
3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/tipc-fix-an-infoleak-in-tipc_nl_compat_link_dump.patch]
3.2-wheezy-security: released (3.2.81-1) [bugfix/all/tipc-fix-an-infoleak-in-tipc_nl_compat_link_dump.patch]
Modified: active/CVE-2016-5244
===================================================================
--- active/CVE-2016-5244 2016-08-19 07:32:20 UTC (rev 4585)
+++ active/CVE-2016-5244 2016-08-23 22:52:19 UTC (rev 4586)
@@ -4,8 +4,8 @@
Notes:
Bugs:
upstream: released (4.7-rc3) [4116def2337991b39919f3b448326e21c40e0dbb]
-3.16-upstream-stable: pending (3.16.37) [rds-fix-an-infoleak-in-rds_inc_info_copy.patch]
-3.2-upstream-stable: pending (3.2.82) [rds-fix-an-infoleak-in-rds_inc_info_copy.patch]
+3.16-upstream-stable: released (3.16.37) [rds-fix-an-infoleak-in-rds_inc_info_copy.patch]
+3.2-upstream-stable: released (3.2.82) [rds-fix-an-infoleak-in-rds_inc_info_copy.patch]
sid: released (4.6.2-1) [bugfix/all/rds-fix-an-infoleak-in-rds_inc_info_copy.patch]
3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/rds-fix-an-infoleak-in-rds_inc_info_copy.patch]
3.2-wheezy-security: released (3.2.81-1) [bugfix/all/rds-fix-an-infoleak-in-rds_inc_info_copy.patch]
Modified: active/CVE-2016-5412
===================================================================
--- active/CVE-2016-5412 2016-08-19 07:32:20 UTC (rev 4585)
+++ active/CVE-2016-5412 2016-08-23 22:52:19 UTC (rev 4586)
@@ -7,7 +7,7 @@
Notes:
Bugs:
upstream: released (4.8-rc1) [f024ee098476a3e620232e4a78cfac505f121245, 93d17397e4e2182fdaad503e2f9da46202c0f1c3]
-3.16-upstream-stable: pending (3.16.37) [kvm-ppc-book3s-hv-pull-out-tm-state-save-restore-into-separate.patch, kvm-ppc-book3s-hv-save-restore-tm-state-in-h_cede.patch]
+3.16-upstream-stable: released (3.16.37) [kvm-ppc-book3s-hv-pull-out-tm-state-save-restore-into-separate.patch, kvm-ppc-book3s-hv-save-restore-tm-state-in-h_cede.patch]
3.2-upstream-stable: N/A "Transactional memory is not supported"
sid: pending (4.6.7-1) [bugfix/powerpc/kvm-ppc-book3s-hv-pull-out-tm-state-save-restore-int.patch, bugfix/powerpc/kvm-ppc-book3s-hv-save-restore-tm-state-in-h_cede.patch]
3.16-jessie-security: needed
Modified: active/CVE-2016-5696
===================================================================
--- active/CVE-2016-5696 2016-08-19 07:32:20 UTC (rev 4585)
+++ active/CVE-2016-5696 2016-08-23 22:52:19 UTC (rev 4586)
@@ -11,8 +11,8 @@
083ae308280d13d187512b9babe3454342a7987e might be added as well.
Bugs:
upstream: released (4.7) [75ff39ccc1bd5d3c455b6822ab09e533c551f758]
-3.16-upstream-stable: pending (3.16.37) [tcp-make-challenge-acks-less-predictable.patch]
-3.2-upstream-stable: pending (3.2.82) [tcp-make-challenge-acks-less-predictable.patch]
+3.16-upstream-stable: released (3.16.37) [tcp-make-challenge-acks-less-predictable.patch]
+3.2-upstream-stable: released (3.2.82) [tcp-make-challenge-acks-less-predictable.patch]
sid: pending (4.6.7-1)
3.16-jessie-security: pending (3.16.36-1+deb8u1) [bugfix/all/tcp-make-challenge-acks-less-predictable.patch]
3.2-wheezy-security: pending (3.2.81-2) [bugfix/all/tcp-make-challenge-acks-less-predictable.patch]
Modified: active/CVE-2016-5728
===================================================================
--- active/CVE-2016-5728 2016-08-19 07:32:20 UTC (rev 4585)
+++ active/CVE-2016-5728 2016-08-23 22:52:19 UTC (rev 4586)
@@ -17,7 +17,7 @@
Bugs:
https://bugzilla.kernel.org/show_bug.cgi?id=116651
upstream: released (v4.7-rc1) [9bf292bfca94694a721449e3fd752493856710f6]
-3.16-upstream-stable: pending (3.16.37) [misc-mic-fix-for-double-fetch-security-bug-in-vop-driver.patch]
+3.16-upstream-stable: released (3.16.37) [misc-mic-fix-for-double-fetch-security-bug-in-vop-driver.patch]
3.2-upstream-stable: N/A "Vulnerable code introduced in 3.13-rc1 with f69bcbf3b4c4b333dcd7a48eaf868bf0c88edab5"
sid: released (4.6.1-1) [2a9369456a384d84c521c8ebb48d247e8738f84f]
3.16-jessie-security: released (3.16.7-ckt25-2+deb8u3) [bugfix/x86/misc-mic-fix-for-double-fetch-security-bug-in-vop-dr.patch]
Modified: active/CVE-2016-5828
===================================================================
--- active/CVE-2016-5828 2016-08-19 07:32:20 UTC (rev 4585)
+++ active/CVE-2016-5828 2016-08-23 22:52:19 UTC (rev 4586)
@@ -5,7 +5,7 @@
not yet merged in Linus' tree.
Bugs:
upstream: released (4.7-rc6) [8e96a87c5431c256feb65bcfc5aec92d9f7839b6]
-3.16-upstream-stable: pending (3.16.37) [powerpc-tm-always-reclaim-in-start_thread-for-exec-class.patch]
+3.16-upstream-stable: released (3.16.37) [powerpc-tm-always-reclaim-in-start_thread-for-exec-class.patch]
3.2-upstream-stable: N/A "Introduced in 3.10-rc1 with bc2a9408fa65195288b41751016c36fd00a75a85"
sid: released (4.6.3-1) [bugfix/powerpc/powerpc-tm-always-reclaim-in-start_thread-for-exec-c.patch]
3.16-jessie-security: released (3.16.7-ckt25-2+deb8u3) [bugfix/powerpc/powerpc-tm-always-reclaim-in-start_thread-for-exec-c.patch]
Modified: active/CVE-2016-5829
===================================================================
--- active/CVE-2016-5829 2016-08-19 07:32:20 UTC (rev 4585)
+++ active/CVE-2016-5829 2016-08-23 22:52:19 UTC (rev 4586)
@@ -3,8 +3,8 @@
Notes:
Bugs:
upstream: released (4.7-rc5) [93a2001bdfd5376c3dc2158653034c20392d15c5]
-3.16-upstream-stable: pending (3.16.37) [hid-hiddev-validate-num_values-for-hidiocgusages-hidiocsusages.patch]
-3.2-upstream-stable: pending (3.2.82) [hid-hiddev-validate-num_values-for-hidiocgusages-hidiocsusages.patch]
+3.16-upstream-stable: released (3.16.37) [hid-hiddev-validate-num_values-for-hidiocgusages-hidiocsusages.patch]
+3.2-upstream-stable: released (3.2.82) [hid-hiddev-validate-num_values-for-hidiocgusages-hidiocsusages.patch]
sid: released (4.6.3-1) [bugfix/all/HID-hiddev-validate-num_values-for-HIDIOCGUSAGES-HID.patch]
3.16-jessie-security: released (3.16.7-ckt25-2+deb8u3) [bugfix/all/hid-hiddev-validate-num_values-for-hidiocgusages-hid.patch]
3.2-wheezy-security: pending (3.2.81-2) [bugfix/all/hid-hiddev-validate-num_values-for-hidiocgusages-hid.patch]
Modified: active/CVE-2016-6130
===================================================================
--- active/CVE-2016-6130 2016-08-19 07:32:20 UTC (rev 4585)
+++ active/CVE-2016-6130 2016-08-23 22:52:19 UTC (rev 4586)
@@ -4,7 +4,7 @@
Bugs:
https://bugzilla.kernel.org/show_bug.cgi?id=116741
upstream: released (4.6-rc6) [532c34b5fbf1687df63b3fcd5b2846312ac943c6]
-3.16-upstream-stable: pending (3.16.37) [s390-sclp_ctl-fix-potential-information-leak-with-dev-sclp.patch]
+3.16-upstream-stable: released (3.16.37) [s390-sclp_ctl-fix-potential-information-leak-with-dev-sclp.patch]
3.2-upstream-stable: N/A "Vulnerable code introduced in 3.11 with d475f942b1dd6a897dac3ad4ed98d6994b275378"
sid: released (4.6.1-1)
3.16-jessie-security: released (3.16.7-ckt25-2+deb8u3) [bugfix/s390/s390-sclp_ctl-fix-potential-information-leak-with-de.patch]
Modified: active/CVE-2016-6136
===================================================================
--- active/CVE-2016-6136 2016-08-19 07:32:20 UTC (rev 4585)
+++ active/CVE-2016-6136 2016-08-23 22:52:19 UTC (rev 4586)
@@ -6,8 +6,8 @@
Notes:
Bugs:
upstream: released (4.8-rc1) [43761473c254b45883a64441dd0bc85a42f3645c]
-3.16-upstream-stable: pending (3.16.37) [audit-fix-a-double-fetch-in-audit_log_single_execve_arg.patch]
-3.2-upstream-stable: pending (3.2.82) [audit-fix-a-double-fetch-in-audit_log_single_execve_arg.patch]
+3.16-upstream-stable: released (3.16.37) [audit-fix-a-double-fetch-in-audit_log_single_execve_arg.patch]
+3.2-upstream-stable: released (3.2.82) [audit-fix-a-double-fetch-in-audit_log_single_execve_arg.patch]
sid: pending (4.6.7-1) [bugfix/all/audit-fix-a-double-fetch-in-audit_log_single_execve_arg.patch]
3.16-jessie-security: pending (3.16.36-1+deb8u1) [bugfix/all/audit-fix-a-double-fetch-in-audit_log_single_execve_arg.patch]
3.2-wheezy-security: pending (3.2.81-2) [bugfix/all/audit-fix-a-double-fetch-in-audit_log_single_execve_arg.patch]
More information about the kernel-sec-discuss
mailing list