[kernel-sec-discuss] r4755 - active
Ben Hutchings
benh at moszumanska.debian.org
Thu Dec 1 00:25:04 UTC 2016
Author: benh
Date: 2016-12-01 00:25:01 +0000 (Thu, 01 Dec 2016)
New Revision: 4755
Modified:
active/CVE-2015-1350
active/CVE-2015-8955
active/CVE-2016-5412
active/CVE-2016-7097
active/CVE-2016-7910
active/CVE-2016-7911
active/CVE-2016-8633
active/CVE-2016-8658
active/CVE-2016-9083
active/CVE-2016-9084
Log:
Mark issues pending for jessie
Modified: active/CVE-2015-1350
===================================================================
--- active/CVE-2015-1350 2016-11-30 17:23:50 UTC (rev 4754)
+++ active/CVE-2015-1350 2016-12-01 00:25:01 UTC (rev 4755)
@@ -10,7 +10,7 @@
Bugs: 770492
upstream: released (4.9-rc1) [030b533c4fd4d2ec3402363323de4bb2983c9cee]
sid: pending (4.8.11-1) [bugfix/all/xfs-Propagate-dentry-down-to-inode_change_ok.patch, bugfix/all/ceph-Propagate-dentry-down-to-inode_change_ok.patch, bugfix/all/fuse-Propagate-dentry-down-to-inode_change_ok.patch, bugfix/all/fs-Give-dentry-to-inode_change_ok-instead-of-inode.patch, bugfix/all/fs-Avoid-premature-clearing-of-capabilities.patch]
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.36-1+deb8u3) [bugfix/all/xfs-propagate-dentry-down-to-inode_change_ok.patch, bugfix/all/fuse-propagate-dentry-down-to-inode_change_ok.patch, bugfix/all/fs-give-dentry-to-inode_change_ok-instead-of-inode.patch, bugfix/all/fs-avoid-premature-clearing-of-capabilities.patch]
3.2-wheezy-security: pending (3.2.84-1)
3.16-upstream-stable: released (3.16.39) [fs-give-dentry-to-inode_change_ok-instead-of-inode.patch, fs-avoid-premature-clearing-of-capabilities.patch]
3.2-upstream-stable: released (3.2.84) [fs-give-dentry-to-inode_change_ok-instead-of-inode.patch, fs-avoid-premature-clearing-of-capabilities.patch]
Modified: active/CVE-2015-8955
===================================================================
--- active/CVE-2015-8955 2016-11-30 17:23:50 UTC (rev 4754)
+++ active/CVE-2015-8955 2016-12-01 00:25:01 UTC (rev 4755)
@@ -7,5 +7,5 @@
3.16-upstream-stable: released (3.16.39) [arm64-perf-reject-groups-spanning-multiple-hw-pmus.patch]
3.2-upstream-stable: N/A "Vulnerable architecture not present"
sid: released (4.1.3-1)
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.36-1+deb8u3) [bugfix/arm64/arm64-perf-reject-groups-spanning-multiple-hw-pmus.patch]
3.2-wheezy-security: N/A "Vulnerable architecture not present"
Modified: active/CVE-2016-5412
===================================================================
--- active/CVE-2016-5412 2016-11-30 17:23:50 UTC (rev 4754)
+++ active/CVE-2016-5412 2016-12-01 00:25:01 UTC (rev 4755)
@@ -10,5 +10,5 @@
3.16-upstream-stable: released (3.16.37) [kvm-ppc-book3s-hv-pull-out-tm-state-save-restore-into-separate.patch, kvm-ppc-book3s-hv-save-restore-tm-state-in-h_cede.patch]
3.2-upstream-stable: N/A "Transactional memory is not supported"
sid: released (4.7.2-1)
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.36-1+deb8u3) [bugfix/powerpc/kvm-ppc-book3s-hv-pull-out-tm-state-save-restore-into-separate.patch, bugfix/powerpc/kvm-ppc-book3s-hv-save-restore-tm-state-in-h_cede.patch]
3.2-wheezy-security: N/A "Transactional memory is not supported"
Modified: active/CVE-2016-7097
===================================================================
--- active/CVE-2016-7097 2016-11-30 17:23:50 UTC (rev 4754)
+++ active/CVE-2016-7097 2016-12-01 00:25:01 UTC (rev 4755)
@@ -9,5 +9,5 @@
3.16-upstream-stable: released (3.16.39) [posix_acl-clear-sgid-bit-when-setting-file-permissions.patch]
3.2-upstream-stable: released (3.2.84) [posix_acl-clear-sgid-bit-when-setting-file-permissions.patch]
sid: released (4.7.8-1) [bugfix/all/posix_acl-clear-sgid-bit-when-setting-file-permissio.patch]
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.36-1+deb8u3) [bugfix/all/posix_acl-clear-sgid-bit-when-setting-file-permissions.patch]
3.2-wheezy-security: pending (3.2.84-1)
Modified: active/CVE-2016-7910
===================================================================
--- active/CVE-2016-7910 2016-11-30 17:23:50 UTC (rev 4754)
+++ active/CVE-2016-7910 2016-12-01 00:25:01 UTC (rev 4755)
@@ -6,5 +6,5 @@
3.16-upstream-stable: released (3.16.39)
3.2-upstream-stable: released (3.2.84)
sid: released (4.7.2-1)
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.36-1+deb8u3) [bugfix/all/block-fix-use-after-free-in-seq-file.patch]
3.2-wheezy-security: pending (3.2.84-1)
Modified: active/CVE-2016-7911
===================================================================
--- active/CVE-2016-7911 2016-11-30 17:23:50 UTC (rev 4754)
+++ active/CVE-2016-7911 2016-12-01 00:25:01 UTC (rev 4755)
@@ -7,5 +7,5 @@
3.16-upstream-stable: released (3.16.37)
3.2-upstream-stable: needed
sid: released (4.7.2-1)
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.36-1+deb8u3) [bugfix/all/block-fix-use-after-free-in-sys_ioprio_get.patch]
3.2-wheezy-security: needed
Modified: active/CVE-2016-8633
===================================================================
--- active/CVE-2016-8633 2016-11-30 17:23:50 UTC (rev 4754)
+++ active/CVE-2016-8633 2016-12-01 00:25:01 UTC (rev 4755)
@@ -7,5 +7,5 @@
3.16-upstream-stable: released (3.16.39) [firewire-net-guard-against-rx-buffer-overflows.patch]
3.2-upstream-stable: released (3.2.84) [firewire-net-guard-against-rx-buffer-overflows.patch]
sid: released (4.8.7-1)
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.36-1+deb8u3) [bugfix/all/firewire-net-guard-against-rx-buffer-overflows.patch]
3.2-wheezy-security: pending (3.2.84-1)
Modified: active/CVE-2016-8658
===================================================================
--- active/CVE-2016-8658 2016-11-30 17:23:50 UTC (rev 4754)
+++ active/CVE-2016-8658 2016-12-01 00:25:01 UTC (rev 4755)
@@ -11,5 +11,5 @@
3.16-upstream-stable: released (3.16.39) [brcmfmac-avoid-potential-stack-overflow-in-brcmf_cfg80211_start_ap.patch]
3.2-upstream-stable: N/A "Vulnerable code not present"
sid: released (4.7.5-1)
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.36-1+deb8u3) [bugfix/all/brcmfmac-avoid-potential-stack-overflow-in-brcmf_cfg80211_start_ap.patch]
3.2-wheezy-security: N/A "Vulnerable code not present"
Modified: active/CVE-2016-9083
===================================================================
--- active/CVE-2016-9083 2016-11-30 17:23:50 UTC (rev 4754)
+++ active/CVE-2016-9083 2016-12-01 00:25:01 UTC (rev 4755)
@@ -7,5 +7,5 @@
3.16-upstream-stable: released (3.16.39) [vfio-pci-fix-integer-overflows-bitmask-check.patch]
3.2-upstream-stable: N/A "Vulnerable code not present"
sid: pending (4.8.11-1) [bugfix/all/vfio-pci-Fix-integer-overflows-bitmask-check.patch]
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.36-1+deb8u3) [bugfix/all/vfio-pci-fix-integer-overflows-bitmask-check.patch]
3.2-wheezy-security: N/A "Vulnerable code not present"
Modified: active/CVE-2016-9084
===================================================================
--- active/CVE-2016-9084 2016-11-30 17:23:50 UTC (rev 4754)
+++ active/CVE-2016-9084 2016-12-01 00:25:01 UTC (rev 4755)
@@ -7,5 +7,5 @@
3.16-upstream-stable: released (3.16.39) [vfio-pci-fix-integer-overflows-bitmask-check.patch]
3.2-upstream-stable: N/A "Vulnerable code not present"
sid: pending (4.8.11-1) [bugfix/all/vfio-pci-Fix-integer-overflows-bitmask-check.patch]
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.36-1+deb8u3) [bugfix/all/vfio-pci-fix-integer-overflows-bitmask-check.patch]
3.2-wheezy-security: N/A "Vulnerable code not present"
More information about the kernel-sec-discuss
mailing list