[kernel-sec-discuss] r4755 - active

Ben Hutchings benh at moszumanska.debian.org
Thu Dec 1 00:25:04 UTC 2016 

Author: benh
Date: 2016-12-01 00:25:01 +0000 (Thu, 01 Dec 2016)
New Revision: 4755

Modified:
   active/CVE-2015-1350
   active/CVE-2015-8955
   active/CVE-2016-5412
   active/CVE-2016-7097
   active/CVE-2016-7910
   active/CVE-2016-7911
   active/CVE-2016-8633
   active/CVE-2016-8658
   active/CVE-2016-9083
   active/CVE-2016-9084
Log:
Mark issues pending for jessie

Modified: active/CVE-2015-1350
===================================================================
--- active/CVE-2015-1350	2016-11-30 17:23:50 UTC (rev 4754)
+++ active/CVE-2015-1350	2016-12-01 00:25:01 UTC (rev 4755)
@@ -10,7 +10,7 @@
 Bugs: 770492
 upstream: released (4.9-rc1) [030b533c4fd4d2ec3402363323de4bb2983c9cee]
 sid: pending (4.8.11-1) [bugfix/all/xfs-Propagate-dentry-down-to-inode_change_ok.patch, bugfix/all/ceph-Propagate-dentry-down-to-inode_change_ok.patch, bugfix/all/fuse-Propagate-dentry-down-to-inode_change_ok.patch, bugfix/all/fs-Give-dentry-to-inode_change_ok-instead-of-inode.patch, bugfix/all/fs-Avoid-premature-clearing-of-capabilities.patch]
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.36-1+deb8u3) [bugfix/all/xfs-propagate-dentry-down-to-inode_change_ok.patch, bugfix/all/fuse-propagate-dentry-down-to-inode_change_ok.patch, bugfix/all/fs-give-dentry-to-inode_change_ok-instead-of-inode.patch, bugfix/all/fs-avoid-premature-clearing-of-capabilities.patch]
 3.2-wheezy-security: pending (3.2.84-1)
 3.16-upstream-stable: released (3.16.39) [fs-give-dentry-to-inode_change_ok-instead-of-inode.patch, fs-avoid-premature-clearing-of-capabilities.patch]
 3.2-upstream-stable: released (3.2.84) [fs-give-dentry-to-inode_change_ok-instead-of-inode.patch, fs-avoid-premature-clearing-of-capabilities.patch]

Modified: active/CVE-2015-8955
===================================================================
--- active/CVE-2015-8955	2016-11-30 17:23:50 UTC (rev 4754)
+++ active/CVE-2015-8955	2016-12-01 00:25:01 UTC (rev 4755)
@@ -7,5 +7,5 @@
 3.16-upstream-stable: released (3.16.39) [arm64-perf-reject-groups-spanning-multiple-hw-pmus.patch]
 3.2-upstream-stable: N/A "Vulnerable architecture not present"
 sid: released (4.1.3-1)
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.36-1+deb8u3) [bugfix/arm64/arm64-perf-reject-groups-spanning-multiple-hw-pmus.patch]
 3.2-wheezy-security: N/A "Vulnerable architecture not present"

Modified: active/CVE-2016-5412
===================================================================
--- active/CVE-2016-5412	2016-11-30 17:23:50 UTC (rev 4754)
+++ active/CVE-2016-5412	2016-12-01 00:25:01 UTC (rev 4755)
@@ -10,5 +10,5 @@
 3.16-upstream-stable: released (3.16.37) [kvm-ppc-book3s-hv-pull-out-tm-state-save-restore-into-separate.patch, kvm-ppc-book3s-hv-save-restore-tm-state-in-h_cede.patch]
 3.2-upstream-stable: N/A "Transactional memory is not supported"
 sid: released (4.7.2-1)
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.36-1+deb8u3) [bugfix/powerpc/kvm-ppc-book3s-hv-pull-out-tm-state-save-restore-into-separate.patch, bugfix/powerpc/kvm-ppc-book3s-hv-save-restore-tm-state-in-h_cede.patch]
 3.2-wheezy-security: N/A "Transactional memory is not supported"

Modified: active/CVE-2016-7097
===================================================================
--- active/CVE-2016-7097	2016-11-30 17:23:50 UTC (rev 4754)
+++ active/CVE-2016-7097	2016-12-01 00:25:01 UTC (rev 4755)
@@ -9,5 +9,5 @@
 3.16-upstream-stable: released (3.16.39) [posix_acl-clear-sgid-bit-when-setting-file-permissions.patch]
 3.2-upstream-stable: released (3.2.84) [posix_acl-clear-sgid-bit-when-setting-file-permissions.patch]
 sid: released (4.7.8-1) [bugfix/all/posix_acl-clear-sgid-bit-when-setting-file-permissio.patch]
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.36-1+deb8u3) [bugfix/all/posix_acl-clear-sgid-bit-when-setting-file-permissions.patch]
 3.2-wheezy-security: pending (3.2.84-1)

Modified: active/CVE-2016-7910
===================================================================
--- active/CVE-2016-7910	2016-11-30 17:23:50 UTC (rev 4754)
+++ active/CVE-2016-7910	2016-12-01 00:25:01 UTC (rev 4755)
@@ -6,5 +6,5 @@
 3.16-upstream-stable: released (3.16.39)
 3.2-upstream-stable: released (3.2.84)
 sid: released (4.7.2-1)
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.36-1+deb8u3) [bugfix/all/block-fix-use-after-free-in-seq-file.patch]
 3.2-wheezy-security: pending (3.2.84-1)

Modified: active/CVE-2016-7911
===================================================================
--- active/CVE-2016-7911	2016-11-30 17:23:50 UTC (rev 4754)
+++ active/CVE-2016-7911	2016-12-01 00:25:01 UTC (rev 4755)
@@ -7,5 +7,5 @@
 3.16-upstream-stable: released (3.16.37)
 3.2-upstream-stable: needed
 sid: released (4.7.2-1)
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.36-1+deb8u3) [bugfix/all/block-fix-use-after-free-in-sys_ioprio_get.patch]
 3.2-wheezy-security: needed

Modified: active/CVE-2016-8633
===================================================================
--- active/CVE-2016-8633	2016-11-30 17:23:50 UTC (rev 4754)
+++ active/CVE-2016-8633	2016-12-01 00:25:01 UTC (rev 4755)
@@ -7,5 +7,5 @@
 3.16-upstream-stable: released (3.16.39) [firewire-net-guard-against-rx-buffer-overflows.patch]
 3.2-upstream-stable: released (3.2.84) [firewire-net-guard-against-rx-buffer-overflows.patch]
 sid: released (4.8.7-1)
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.36-1+deb8u3) [bugfix/all/firewire-net-guard-against-rx-buffer-overflows.patch]
 3.2-wheezy-security: pending (3.2.84-1)

Modified: active/CVE-2016-8658
===================================================================
--- active/CVE-2016-8658	2016-11-30 17:23:50 UTC (rev 4754)
+++ active/CVE-2016-8658	2016-12-01 00:25:01 UTC (rev 4755)
@@ -11,5 +11,5 @@
 3.16-upstream-stable: released (3.16.39) [brcmfmac-avoid-potential-stack-overflow-in-brcmf_cfg80211_start_ap.patch]
 3.2-upstream-stable: N/A "Vulnerable code not present"
 sid: released (4.7.5-1)
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.36-1+deb8u3) [bugfix/all/brcmfmac-avoid-potential-stack-overflow-in-brcmf_cfg80211_start_ap.patch]
 3.2-wheezy-security: N/A "Vulnerable code not present"

Modified: active/CVE-2016-9083
===================================================================
--- active/CVE-2016-9083	2016-11-30 17:23:50 UTC (rev 4754)
+++ active/CVE-2016-9083	2016-12-01 00:25:01 UTC (rev 4755)
@@ -7,5 +7,5 @@
 3.16-upstream-stable: released (3.16.39) [vfio-pci-fix-integer-overflows-bitmask-check.patch]
 3.2-upstream-stable: N/A "Vulnerable code not present"
 sid: pending (4.8.11-1) [bugfix/all/vfio-pci-Fix-integer-overflows-bitmask-check.patch]
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.36-1+deb8u3) [bugfix/all/vfio-pci-fix-integer-overflows-bitmask-check.patch]
 3.2-wheezy-security: N/A "Vulnerable code not present"

Modified: active/CVE-2016-9084
===================================================================
--- active/CVE-2016-9084	2016-11-30 17:23:50 UTC (rev 4754)
+++ active/CVE-2016-9084	2016-12-01 00:25:01 UTC (rev 4755)
@@ -7,5 +7,5 @@
 3.16-upstream-stable: released (3.16.39) [vfio-pci-fix-integer-overflows-bitmask-check.patch]
 3.2-upstream-stable: N/A "Vulnerable code not present"
 sid: pending (4.8.11-1) [bugfix/all/vfio-pci-Fix-integer-overflows-bitmask-check.patch]
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.36-1+deb8u3) [bugfix/all/vfio-pci-fix-integer-overflows-bitmask-check.patch]
 3.2-wheezy-security: N/A "Vulnerable code not present"

More information about the kernel-sec-discuss mailing list