[kernel-sec-discuss] r4206 - active

Ben Hutchings benh at moszumanska.debian.org
Mon Feb 29 00:43:38 UTC 2016 

Author: benh
Date: 2016-02-29 00:43:38 +0000 (Mon, 29 Feb 2016)
New Revision: 4206

Modified:
   active/CVE-2015-8816
   active/CVE-2016-2543
   active/CVE-2016-2544
   active/CVE-2016-2545
   active/CVE-2016-2546
   active/CVE-2016-2547
   active/CVE-2016-2548
   active/CVE-2016-2549
   active/CVE-2016-aio-oflow
Log:
Mark issues pending in jessie

Modified: active/CVE-2015-8816
===================================================================
--- active/CVE-2015-8816	2016-02-28 23:14:49 UTC (rev 4205)
+++ active/CVE-2015-8816	2016-02-29 00:43:38 UTC (rev 4206)
@@ -6,7 +6,7 @@
 3.16-upstream-stable: released (3.16.7-ckt23)
 3.2-upstream-stable: released (3.2.76)
 sid: released (4.4.2-1)
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.7-ckt20-1+deb8u4) [bugfix/all/usb-fix-invalid-memory-access-in-hub_activate.patch]
 3.2-wheezy-security: pending (3.2.73-2+deb7u3) [bugfix/all/usb-fix-invalid-memory-access-in-hub_activate.patch]
 2.6.32-upstream-stable: released (2.6.32-48squeeze19)
 2.6.32-squeeze-security: released (2.6.32.70)

Modified: active/CVE-2016-2543
===================================================================
--- active/CVE-2016-2543	2016-02-28 23:14:49 UTC (rev 4205)
+++ active/CVE-2016-2543	2016-02-29 00:43:38 UTC (rev 4206)
@@ -6,5 +6,5 @@
 3.16-upstream-stable: released (3.16.7-ckt24)
 3.2-upstream-stable: released (3.2.77)
 sid: released (4.4.2-1)
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.7-ckt20-1+deb8u4) [bugfix/all/alsa-seq-fix-missing-null-check-at-remove_events-ioctl.patch]
 3.2-wheezy-security: pending (3.2.73-2+deb7u3) [bugfix/all/alsa-seq-fix-missing-null-check-at-remove_events-ioctl.patch]

Modified: active/CVE-2016-2544
===================================================================
--- active/CVE-2016-2544	2016-02-28 23:14:49 UTC (rev 4205)
+++ active/CVE-2016-2544	2016-02-29 00:43:38 UTC (rev 4206)
@@ -6,5 +6,5 @@
 3.16-upstream-stable: released (3.16.7-ckt24)
 3.2-upstream-stable: released (3.2.77)
 sid: released (4.4.2-1)
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.7-ckt20-1+deb8u4) [bugfix/all/alsa-seq-fix-race-at-timer-setup-and-close.patch]
 3.2-wheezy-security: pending (3.2.73-2+deb7u3) [bugfix/all/alsa-seq-fix-race-at-timer-setup-and-close.patch]

Modified: active/CVE-2016-2545
===================================================================
--- active/CVE-2016-2545	2016-02-28 23:14:49 UTC (rev 4205)
+++ active/CVE-2016-2545	2016-02-29 00:43:38 UTC (rev 4206)
@@ -6,5 +6,5 @@
 3.16-upstream-stable: released (3.16.7-ckt24)
 3.2-upstream-stable: released (3.2.77)
 sid: released (4.4.2-1)
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.7-ckt20-1+deb8u4) [bugfix/all/alsa-timer-fix-double-unlink-of-active_list.patch]
 3.2-wheezy-security: pending (3.2.73-2+deb7u3) [bugfix/all/alsa-timer-fix-double-unlink-of-active_list.patch]

Modified: active/CVE-2016-2546
===================================================================
--- active/CVE-2016-2546	2016-02-28 23:14:49 UTC (rev 4205)
+++ active/CVE-2016-2546	2016-02-29 00:43:38 UTC (rev 4206)
@@ -6,5 +6,5 @@
 3.16-upstream-stable: released (3.16.7-ckt24)
 3.2-upstream-stable: released (3.2.77)
 sid: released (4.4.2-1)
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.7-ckt20-1+deb8u4) [bugfix/all/alsa-timer-fix-race-among-timer-ioctls.patch]
 3.2-wheezy-security: pending (3.2.73-2+deb7u3) [bugfix/all/alsa-timer-fix-race-among-timer-ioctls.patch]

Modified: active/CVE-2016-2547
===================================================================
--- active/CVE-2016-2547	2016-02-28 23:14:49 UTC (rev 4205)
+++ active/CVE-2016-2547	2016-02-29 00:43:38 UTC (rev 4206)
@@ -6,5 +6,5 @@
 3.16-upstream-stable: released (3.16.7-ckt24)
 3.2-upstream-stable: released (3.2.77)
 sid: released (4.4.2-1)
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.7-ckt20-1+deb8u4) [bugfix/all/alsa-timer-harden-slave-timer-list-handling.patch]
 3.2-wheezy-security: pending (3.2.73-2+deb7u3) [bugfix/all/alsa-timer-harden-slave-timer-list-handling.patch]

Modified: active/CVE-2016-2548
===================================================================
--- active/CVE-2016-2548	2016-02-28 23:14:49 UTC (rev 4205)
+++ active/CVE-2016-2548	2016-02-29 00:43:38 UTC (rev 4206)
@@ -6,5 +6,5 @@
 3.16-upstream-stable: released (3.16.7-ckt24)
 3.2-upstream-stable: released (3.2.77)
 sid: released (4.4.2-1)
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.7-ckt20-1+deb8u4) [bugfix/all/alsa-timer-harden-slave-timer-list-handling.patch]
 3.2-wheezy-security: pending (3.2.73-2+deb7u3) [bugfix/all/alsa-timer-harden-slave-timer-list-handling.patch]

Modified: active/CVE-2016-2549
===================================================================
--- active/CVE-2016-2549	2016-02-28 23:14:49 UTC (rev 4205)
+++ active/CVE-2016-2549	2016-02-29 00:43:38 UTC (rev 4206)
@@ -6,5 +6,5 @@
 3.16-upstream-stable: released (3.16.7-ckt24)
 3.2-upstream-stable: released (3.2.77)
 sid: released (4.4.2-1)
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.7-ckt20-1+deb8u4) [bugfix/all/alsa-hrtimer-fix-stall-by-hrtimer_cancel.patch]
 3.2-wheezy-security: pending (3.2.73-2+deb7u3) [bugfix/all/alsa-hrtimer-fix-stall-by-hrtimer_cancel.patch]

Modified: active/CVE-2016-aio-oflow
===================================================================
--- active/CVE-2016-aio-oflow	2016-02-28 23:14:49 UTC (rev 4205)
+++ active/CVE-2016-aio-oflow	2016-02-29 00:43:38 UTC (rev 4206)
@@ -9,5 +9,5 @@
 3.16-upstream-stable: needed
 3.2-upstream-stable: N/A "Includes previous fix and not the regression"
 sid: released (4.1.3-1)
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.7-ckt20-1+deb8u4) [bugfix/all/aio-properly-check-iovec-sizes.patch]
 3.2-wheezy-security: N/A "Includes previous fix and not the regression"

More information about the kernel-sec-discuss mailing list