[kernel-sec-discuss] r4446 - active retired

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Jun 16 04:58:04 UTC 2016 

Author: carnil
Date: 2016-06-16 04:58:04 +0000 (Thu, 16 Jun 2016)
New Revision: 4446

Added:
   retired/CVE-2016-0758
Removed:
   active/CVE-2016-0758
Log:
Retire CVE-2016-0758

Deleted: active/CVE-2016-0758
===================================================================
--- active/CVE-2016-0758	2016-06-15 22:22:50 UTC (rev 4445)
+++ active/CVE-2016-0758	2016-06-16 04:58:04 UTC (rev 4446)
@@ -1,12 +0,0 @@
-Description: tags with indefinite length can corrupt pointers in asn1_find_indefinite_length()
-References:
- https://lkml.org/lkml/2016/5/12/270
-Notes:
-Bugs:
- https://bugzilla.redhat.com/show_bug.cgi?id=1300257
-upstream: released (4.6) [23c8a812dc3c621009e4f0e5342aa4e2ede1ceaa]
-3.16-upstream-stable: released (3.16.36) [keys-fix-asn.1-indefinite-length-object-parsing.patch]
-3.2-upstream-stable: N/A "Vulnerable code introduced by 42d5ec27f873c654a68f7f865dcd7737513e9508 (3.10-rc1)
-sid: released (4.5.4-1) [bugfix/all/KEYS-Fix-ASN.1-indefinite-length-object-parsing.patch]
-3.16-jessie-security: N/A "Vulnerable code is not built"
-3.2-wheezy-security: N/A "Vulnerable code not present"

Copied: retired/CVE-2016-0758 (from rev 4445, active/CVE-2016-0758)
===================================================================
--- retired/CVE-2016-0758	                        (rev 0)
+++ retired/CVE-2016-0758	2016-06-16 04:58:04 UTC (rev 4446)
@@ -0,0 +1,12 @@
+Description: tags with indefinite length can corrupt pointers in asn1_find_indefinite_length()
+References:
+ https://lkml.org/lkml/2016/5/12/270
+Notes:
+Bugs:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1300257
+upstream: released (4.6) [23c8a812dc3c621009e4f0e5342aa4e2ede1ceaa]
+3.16-upstream-stable: released (3.16.36) [keys-fix-asn.1-indefinite-length-object-parsing.patch]
+3.2-upstream-stable: N/A "Vulnerable code introduced by 42d5ec27f873c654a68f7f865dcd7737513e9508 (3.10-rc1)
+sid: released (4.5.4-1) [bugfix/all/KEYS-Fix-ASN.1-indefinite-length-object-parsing.patch]
+3.16-jessie-security: N/A "Vulnerable code is not built"
+3.2-wheezy-security: N/A "Vulnerable code not present"

More information about the kernel-sec-discuss mailing list