[kernel-sec-discuss] r4458 - active

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Jun 17 04:40:36 UTC 2016 

Author: carnil
Date: 2016-06-17 04:40:36 +0000 (Fri, 17 Jun 2016)
New Revision: 4458

Modified:
   active/CVE-2015-7515
   active/CVE-2016-0821
   active/CVE-2016-1583
   active/CVE-2016-2143
   active/CVE-2016-2184
   active/CVE-2016-2185
   active/CVE-2016-2186
   active/CVE-2016-2187
   active/CVE-2016-3134
   active/CVE-2016-3136
   active/CVE-2016-3137
   active/CVE-2016-3138
   active/CVE-2016-3140
   active/CVE-2016-3157
   active/CVE-2016-3672
   active/CVE-2016-3951
   active/CVE-2016-3955
   active/CVE-2016-3961
   active/CVE-2016-4482
   active/CVE-2016-4485
   active/CVE-2016-4486
   active/CVE-2016-4565
   active/CVE-2016-4569
   active/CVE-2016-4578
   active/CVE-2016-4580
   active/CVE-2016-4805
   active/CVE-2016-4913
   active/CVE-2016-5243
   active/CVE-2016-5244
Log:
Mark 3.2.81-1 as released for wheezy-security

Modified: active/CVE-2015-7515
===================================================================
--- active/CVE-2015-7515	2016-06-17 00:39:56 UTC (rev 4457)
+++ active/CVE-2015-7515	2016-06-17 04:40:36 UTC (rev 4458)
@@ -10,4 +10,4 @@
 3.2-upstream-stable: released (3.2.79) [input-aiptek-fix-crash-on-detecting-device-without-endpoints.patch]
 sid: released (4.4.2-1)
 3.16-jessie-security: needed
-3.2-wheezy-security: pending (3.2.81-1)
+3.2-wheezy-security: released (3.2.81-1)

Modified: active/CVE-2016-0821
===================================================================
--- active/CVE-2016-0821	2016-06-17 00:39:56 UTC (rev 4457)
+++ active/CVE-2016-0821	2016-06-17 04:40:36 UTC (rev 4458)
@@ -7,4 +7,4 @@
 3.2-upstream-stable: released (3.2.79) [include-linux-poison.h-fix-list_poison-1-2-offset.patch]
 sid: released (4.3.1-1)
 3.16-jessie-security: pending (3.16.7-ckt25-2+deb8u1) [bugfix/all/include-linux-poison.h-fix-list_poison-1-2-offset.patch]
-3.2-wheezy-security: pending (3.2.81-1)
+3.2-wheezy-security: released (3.2.81-1)

Modified: active/CVE-2016-1583
===================================================================
--- active/CVE-2016-1583	2016-06-17 00:39:56 UTC (rev 4457)
+++ active/CVE-2016-1583	2016-06-17 04:40:36 UTC (rev 4458)
@@ -24,4 +24,4 @@
 3.2-upstream-stable: needed
 sid: released (4.6.2-1) [bugfix/all/proc-prevent-stacking-filesystems-on-top.patch, bugfix/all/ecryptfs-forbid-opening-files-without-mmap-handler.patch, bugfix/all/sched-panic-on-corrupted-stack-end.patch]
 3.16-jessie-security: needed
-3.2-wheezy-security: pending (3.2.81-1) [bugfix/all/ecryptfs-fix-handling-of-directory-opening.patch, bugfix/all/ecryptfs-forbid-opening-files-without-mmap-handler.patch]
+3.2-wheezy-security: released (3.2.81-1) [bugfix/all/ecryptfs-fix-handling-of-directory-opening.patch, bugfix/all/ecryptfs-forbid-opening-files-without-mmap-handler.patch]

Modified: active/CVE-2016-2143
===================================================================
--- active/CVE-2016-2143	2016-06-17 00:39:56 UTC (rev 4457)
+++ active/CVE-2016-2143	2016-06-17 04:40:36 UTC (rev 4458)
@@ -8,4 +8,4 @@
 3.2-upstream-stable: released (3.2.79) [s390-mm-four-page-table-levels-vs.-fork.patch]
 sid: released (4.4.6-1)
 3.16-jessie-security: pending (3.16.7-ckt25-2+deb8u1) [bugfix/s390/s390-mm-four-page-table-levels-vs.-fork.patch]
-3.2-wheezy-security: pending (3.2.81-1)
+3.2-wheezy-security: released (3.2.81-1)

Modified: active/CVE-2016-2184
===================================================================
--- active/CVE-2016-2184	2016-06-17 00:39:56 UTC (rev 4457)
+++ active/CVE-2016-2184	2016-06-17 04:40:36 UTC (rev 4458)
@@ -10,4 +10,4 @@
 3.2-upstream-stable: released (3.2.80) [alsa-usb-audio-fix-null-dereference-in-create_fixed_stream_quirk.patch, alsa-usb-audio-add-sanity-checks-for-endpoint-accesses.patch]
 sid: released (4.5.1-1)
 3.16-jessie-security: needed
-3.2-wheezy-security: pending (3.2.81-1)
+3.2-wheezy-security: released (3.2.81-1)

Modified: active/CVE-2016-2185
===================================================================
--- active/CVE-2016-2185	2016-06-17 00:39:56 UTC (rev 4457)
+++ active/CVE-2016-2185	2016-06-17 04:40:36 UTC (rev 4458)
@@ -10,4 +10,4 @@
 3.2-upstream-stable: released (3.2.80) [input-ati_remote2-fix-crashes-on-detecting-device-with-invalid.patch]
 sid: released (4.5.1-1)
 3.16-jessie-security: needed
-3.2-wheezy-security: pending (3.2.81-1)
+3.2-wheezy-security: released (3.2.81-1)

Modified: active/CVE-2016-2186
===================================================================
--- active/CVE-2016-2186	2016-06-17 00:39:56 UTC (rev 4457)
+++ active/CVE-2016-2186	2016-06-17 04:40:36 UTC (rev 4458)
@@ -10,4 +10,4 @@
 3.2-upstream-stable: released (3.2.80) [input-powermate-fix-oops-with-malicious-usb-descriptors.patch]
 sid: released (4.5.1-1)
 3.16-jessie-security: needed
-3.2-wheezy-security: pending (3.2.81-1)
+3.2-wheezy-security: released (3.2.81-1)

Modified: active/CVE-2016-2187
===================================================================
--- active/CVE-2016-2187	2016-06-17 00:39:56 UTC (rev 4457)
+++ active/CVE-2016-2187	2016-06-17 04:40:36 UTC (rev 4458)
@@ -8,4 +8,4 @@
 3.2-upstream-stable: released (3.2.81) [input-gtco-fix-crash-on-detecting-device-without-endpoints.patch]
 sid: released (4.5.2-1) [bugfix/all/input-gtco-fix-crash-on-detecting-device-without-end.patch]
 3.16-jessie-security: needed
-3.2-wheezy-security: pending (3.2.81-1)
+3.2-wheezy-security: released (3.2.81-1)

Modified: active/CVE-2016-3134
===================================================================
--- active/CVE-2016-3134	2016-06-17 00:39:56 UTC (rev 4457)
+++ active/CVE-2016-3134	2016-06-17 04:40:36 UTC (rev 4458)
@@ -16,4 +16,4 @@
 3.2-upstream-stable: released (3.2.80) [netfilter-x_tables-validate-e-target_offset-early.patch, netfilter-x_tables-make-sure-e-next_offset-covers-remaining-blob.patch]
 sid: released (4.5.1-1) [bugfix/all/netfilter-x_tables-validate-e-target_offset-early.patch, bugfix/all/netfilter-x_tables-make-sure-e-next_offset-covers-re.patch]
 3.16-jessie-security: pending (3.16.7-ckt25-2+deb8u1) [bugfix/all/netfilter-x_tables-validate-e-target_offset-early.patch, bugfix/all/netfilter-x_tables-make-sure-e-next_offset-covers-remaining-blob.patch]
-3.2-wheezy-security: pending (3.2.81-1)
+3.2-wheezy-security: released (3.2.81-1)

Modified: active/CVE-2016-3136
===================================================================
--- active/CVE-2016-3136	2016-06-17 00:39:56 UTC (rev 4457)
+++ active/CVE-2016-3136	2016-06-17 04:40:36 UTC (rev 4458)
@@ -9,4 +9,4 @@
 3.2-upstream-stable: released (3.2.80) [usb-mct_u232-add-sanity-checking-in-probe.patch]
 sid: released (4.5.1-1)
 3.16-jessie-security: needed
-3.2-wheezy-security: pending (3.2.81-1)
+3.2-wheezy-security: released (3.2.81-1)

Modified: active/CVE-2016-3137
===================================================================
--- active/CVE-2016-3137	2016-06-17 00:39:56 UTC (rev 4457)
+++ active/CVE-2016-3137	2016-06-17 04:40:36 UTC (rev 4458)
@@ -9,4 +9,4 @@
 3.2-upstream-stable: released (3.2.80) [usb-cypress_m8-add-endpoint-sanity-check.patch]
 sid: released (4.5.1-1)
 3.16-jessie-security: needed
-3.2-wheezy-security: pending (3.2.81-1)
+3.2-wheezy-security: released (3.2.81-1)

Modified: active/CVE-2016-3138
===================================================================
--- active/CVE-2016-3138	2016-06-17 00:39:56 UTC (rev 4457)
+++ active/CVE-2016-3138	2016-06-17 04:40:36 UTC (rev 4458)
@@ -9,4 +9,4 @@
 3.2-upstream-stable: released (3.2.80) [usb-cdc-acm-more-sanity-checking.patch]
 sid: released (4.5.1-1)
 3.16-jessie-security: needed
-3.2-wheezy-security: pending (3.2.81-1)
+3.2-wheezy-security: released (3.2.81-1)

Modified: active/CVE-2016-3140
===================================================================
--- active/CVE-2016-3140	2016-06-17 00:39:56 UTC (rev 4457)
+++ active/CVE-2016-3140	2016-06-17 04:40:36 UTC (rev 4458)
@@ -10,4 +10,4 @@
 3.2-upstream-stable: released (3.2.80) [usb-digi_acceleport-do-sanity-checking-for-the-number-of-ports.patch]
 sid: released (4.5.1-1)
 3.16-jessie-security: needed
-3.2-wheezy-security: pending (3.2.81-1)
+3.2-wheezy-security: released (3.2.81-1)

Modified: active/CVE-2016-3157
===================================================================
--- active/CVE-2016-3157	2016-06-17 00:39:56 UTC (rev 4457)
+++ active/CVE-2016-3157	2016-06-17 04:40:36 UTC (rev 4458)
@@ -8,4 +8,4 @@
 3.2-upstream-stable: released (3.2.80) [x86-iopl-64-properly-context-switch-iopl-on-xen-pv.patch]
 sid: released (4.5.1-1)
 3.16-jessie-security: pending (3.16.7-ckt25-2+deb8u1) [bugfix/x86/x86-iopl-64-properly-context-switch-iopl-on-xen-pv.patch]
-3.2-wheezy-security: pending (3.2.81-1)
+3.2-wheezy-security: released (3.2.81-1)

Modified: active/CVE-2016-3672
===================================================================
--- active/CVE-2016-3672	2016-06-17 00:39:56 UTC (rev 4457)
+++ active/CVE-2016-3672	2016-06-17 04:40:36 UTC (rev 4458)
@@ -11,4 +11,4 @@
 3.2-upstream-stable: released (3.2.80) [x86-standardize-mmap_rnd-usage.patch, x86-mm-32-enable-full-randomization-on-i386-and-x86_32.patch]
 sid: released (4.5.1-1) [bugfix/all/x86-mm-32-enable-full-randomization-on-i386-and-x86_.patch]
 3.16-jessie-security: pending (3.16.7-ckt25-2+deb8u1) [bugfix/x86/x86-standardize-mmap_rnd-usage.patch, bugfix/x86/x86-mm-32-enable-full-randomization-on-i386-and-x86_32.patch]
-3.2-wheezy-security: pending (3.2.81-1)
+3.2-wheezy-security: released (3.2.81-1)

Modified: active/CVE-2016-3951
===================================================================
--- active/CVE-2016-3951	2016-06-17 00:39:56 UTC (rev 4457)
+++ active/CVE-2016-3951	2016-06-17 04:40:36 UTC (rev 4458)
@@ -8,4 +8,4 @@
 3.2-upstream-stable: released (3.2.80) [usbnet-cleanup-after-bind-in-probe.patch]
 sid: released (4.5.1-1)
 3.16-jessie-security: pending (3.16.7-ckt25-2+deb8u1) [bugfix/all/cdc_ncm-do-not-call-usbnet_link_change-from-cdc_ncm_.patch, bugfix/all/usbnet-cleanup-after-bind-in-probe.patch]
-3.2-wheezy-security: pending (3.2.81-1)
+3.2-wheezy-security: released (3.2.81-1)

Modified: active/CVE-2016-3955
===================================================================
--- active/CVE-2016-3955	2016-06-17 00:39:56 UTC (rev 4457)
+++ active/CVE-2016-3955	2016-06-17 04:40:36 UTC (rev 4458)
@@ -7,4 +7,4 @@
 3.2-upstream-stable: released (3.2.80) [usb-usbip-fix-potential-out-of-bounds-write.patch]
 sid: released (4.5.2-1) [bugfix/all/USB-usbip-fix-potential-out-of-bounds-write.patch]
 3.16-jessie-security: pending (3.16.7-ckt25-2+deb8u1) [bugfix/all/USB-usbip-fix-potential-out-of-bounds-write.patch]
-3.2-wheezy-security: pending (3.2.81-1)
+3.2-wheezy-security: released (3.2.81-1)

Modified: active/CVE-2016-3961
===================================================================
--- active/CVE-2016-3961	2016-06-17 00:39:56 UTC (rev 4457)
+++ active/CVE-2016-3961	2016-06-17 04:40:36 UTC (rev 4458)
@@ -8,4 +8,4 @@
 3.2-upstream-stable: released (3.2.81) [hugetlb-ensure-hugepage-access-is-denied-if-hugepages-are-not.patch, mm-hugetlb-allow-hugepages_supported-to-be-architecture-specific.patch, x86-mm-xen-suppress-hugetlbfs-in-pv-guests.patch]
 sid: released (4.5.2-1) [bugfix/x86/x86-xen-suppress-hugetlbfs-in-PV-guests.patch]
 3.16-jessie-security: pending (3.16.7-ckt25-2+deb8u1) [bugfix/all/mm-hugetlb-allow-hugepages_supported-to-be-architect.patch, bugfix/x86/x86-mm-xen-Suppress-hugetlbfs-in-PV-guests.patch]
-3.2-wheezy-security: pending (3.2.81-1) [bugfix/all/hugetlb-ensure-hugepage-access-is-denied-if-hugepages-are-not.patch, bugfix/all/mm-hugetlb-allow-hugepages_supported-to-be-architect.patch, bugfix/x86/x86-mm-xen-Suppress-hugetlbfs-in-PV-guests.patch]
+3.2-wheezy-security: released (3.2.81-1) [bugfix/all/hugetlb-ensure-hugepage-access-is-denied-if-hugepages-are-not.patch, bugfix/all/mm-hugetlb-allow-hugepages_supported-to-be-architect.patch, bugfix/x86/x86-mm-xen-Suppress-hugetlbfs-in-PV-guests.patch]

Modified: active/CVE-2016-4482
===================================================================
--- active/CVE-2016-4482	2016-06-17 00:39:56 UTC (rev 4457)
+++ active/CVE-2016-4482	2016-06-17 04:40:36 UTC (rev 4458)
@@ -11,4 +11,4 @@
 3.2-upstream-stable: needed
 sid: released (4.5.5-1) [bugfix/all/usb-usbfs-fix-potential-infoleak-in-devio.patch]
 3.16-jessie-security: needed
-3.2-wheezy-security: pending (3.2.81-1) [bugfix/all/usb-usbfs-fix-potential-infoleak-in-devio.patch]
+3.2-wheezy-security: released (3.2.81-1) [bugfix/all/usb-usbfs-fix-potential-infoleak-in-devio.patch]

Modified: active/CVE-2016-4485
===================================================================
--- active/CVE-2016-4485	2016-06-17 00:39:56 UTC (rev 4457)
+++ active/CVE-2016-4485	2016-06-17 04:40:36 UTC (rev 4458)
@@ -7,4 +7,4 @@
 3.2-upstream-stable: released (3.2.81) [net-fix-infoleak-in-llc.patch]
 sid: released (4.5.4-1) [bugfix/all/net-fix-infoleak-in-llc.patch]
 3.16-jessie-security: needed
-3.2-wheezy-security: pending (3.2.81-1)
+3.2-wheezy-security: released (3.2.81-1)

Modified: active/CVE-2016-4486
===================================================================
--- active/CVE-2016-4486	2016-06-17 00:39:56 UTC (rev 4457)
+++ active/CVE-2016-4486	2016-06-17 04:40:36 UTC (rev 4458)
@@ -7,4 +7,4 @@
 3.2-upstream-stable: released (3.2.81) [net-fix-infoleak-in-rtnetlink.patch]
 sid: released (4.5.4-1) [bugfix/all/net-fix-infoleak-in-rtnetlink.patch]
 3.16-jessie-security: needed
-3.2-wheezy-security: pending (3.2.81-1)
+3.2-wheezy-security: released (3.2.81-1)

Modified: active/CVE-2016-4565
===================================================================
--- active/CVE-2016-4565	2016-06-17 00:39:56 UTC (rev 4457)
+++ active/CVE-2016-4565	2016-06-17 04:40:36 UTC (rev 4458)
@@ -7,4 +7,4 @@
 3.2-upstream-stable: released (3.2.81) [ib-security-restrict-use-of-the-write-interface.patch]
 sid: released (4.5.3-1)
 3.16-jessie-security: needed
-3.2-wheezy-security: pending (3.2.81-1)
+3.2-wheezy-security: released (3.2.81-1)

Modified: active/CVE-2016-4569
===================================================================
--- active/CVE-2016-4569	2016-06-17 00:39:56 UTC (rev 4457)
+++ active/CVE-2016-4569	2016-06-17 04:40:36 UTC (rev 4458)
@@ -10,4 +10,4 @@
 3.2-upstream-stable: needed
 sid: released (4.4.5-1) [bugfix/all/alsa-timer-fix-leak-in-sndrv_timer_ioctl_params.patch]
 3.16-jessie-security: needed
-3.2-wheezy-security: pending (3.2.81-1) [bugfix/all/alsa-timer-fix-leak-in-sndrv_timer_ioctl_params.patch]
+3.2-wheezy-security: released (3.2.81-1) [bugfix/all/alsa-timer-fix-leak-in-sndrv_timer_ioctl_params.patch]

Modified: active/CVE-2016-4578
===================================================================
--- active/CVE-2016-4578	2016-06-17 00:39:56 UTC (rev 4457)
+++ active/CVE-2016-4578	2016-06-17 04:40:36 UTC (rev 4458)
@@ -9,4 +9,4 @@
 3.2-upstream-stable: needed
 sid: released (4.5.5-1) [bugfix/all/alsa-timer-fix-leak-in-events-via-snd_timer_user_cca.patch, bugfix/all/alsa-timer-fix-leak-in-events-via-snd_timer_user_tin.patch]
 3.16-jessie-security: needed
-3.2-wheezy-security: pending (3.2.81-1) [bugfix/all/alsa-timer-fix-leak-in-events-via-snd_timer_user_cca.patch, bugfix/all/alsa-timer-fix-leak-in-events-via-snd_timer_user_tin.patch]
+3.2-wheezy-security: released (3.2.81-1) [bugfix/all/alsa-timer-fix-leak-in-events-via-snd_timer_user_cca.patch, bugfix/all/alsa-timer-fix-leak-in-events-via-snd_timer_user_tin.patch]

Modified: active/CVE-2016-4580
===================================================================
--- active/CVE-2016-4580	2016-06-17 00:39:56 UTC (rev 4457)
+++ active/CVE-2016-4580	2016-06-17 04:40:36 UTC (rev 4458)
@@ -8,4 +8,4 @@
 3.2-upstream-stable: released (3.2.81) [net-fix-a-kernel-infoleak-in-x25-module.patch]
 sid: released (4.5.5-1)
 3.16-jessie-security:
-3.2-wheezy-security: pending (3.2.81-1)
+3.2-wheezy-security: released (3.2.81-1)

Modified: active/CVE-2016-4805
===================================================================
--- active/CVE-2016-4805	2016-06-17 00:39:56 UTC (rev 4457)
+++ active/CVE-2016-4805	2016-06-17 04:40:36 UTC (rev 4458)
@@ -7,4 +7,4 @@
 3.2-upstream-stable: released (3.2.80) [7fda126c5155acc3e61596ce4c5dcf3859e22444]
 sid: released (4.5.2-1)
 3.16-jessie-security: needed
-3.2-wheezy-security: pending (3.2.81-1)
+3.2-wheezy-security: released (3.2.81-1)

Modified: active/CVE-2016-4913
===================================================================
--- active/CVE-2016-4913	2016-06-17 00:39:56 UTC (rev 4457)
+++ active/CVE-2016-4913	2016-06-17 04:40:36 UTC (rev 4458)
@@ -7,4 +7,4 @@
 3.2-upstream-stable: released (3.2.81) [get_rock_ridge_filename-handle-malformed-nm-entries.patch]
 sid: released (4.5.4-1) [bugfix/all/get_rock_ridge_filename-handle-malformed-nm-entries.patch]
 3.16-jessie-security: pending (3.16.7-ckt25-2+deb8u1) [bugfix/all/get_rock_ridge_filename-handle-malformed-NM-entries.patch]
-3.2-wheezy-security: pending (3.2.81-1) [bugfix/all/get_rock_ridge_filename-handle-malformed-NM-entries.patch]
+3.2-wheezy-security: released (3.2.81-1) [bugfix/all/get_rock_ridge_filename-handle-malformed-NM-entries.patch]

Modified: active/CVE-2016-5243
===================================================================
--- active/CVE-2016-5243	2016-06-17 00:39:56 UTC (rev 4457)
+++ active/CVE-2016-5243	2016-06-17 04:40:36 UTC (rev 4458)
@@ -9,4 +9,4 @@
 3.2-upstream-stable: needed
 sid: released (4.6.2-1) [bugfix/all/tipc-fix-an-infoleak-in-tipc_nl_compat_link_dump.patch]
 3.16-jessie-security: needed
-3.2-wheezy-security: pending (3.2.81-1) [bugfix/all/tipc-fix-an-infoleak-in-tipc_nl_compat_link_dump.patch]
+3.2-wheezy-security: released (3.2.81-1) [bugfix/all/tipc-fix-an-infoleak-in-tipc_nl_compat_link_dump.patch]

Modified: active/CVE-2016-5244
===================================================================
--- active/CVE-2016-5244	2016-06-17 00:39:56 UTC (rev 4457)
+++ active/CVE-2016-5244	2016-06-17 04:40:36 UTC (rev 4458)
@@ -8,4 +8,4 @@
 3.2-upstream-stable: needed
 sid: released (4.6.2-1) [bugfix/all/rds-fix-an-infoleak-in-rds_inc_info_copy.patch]
 3.16-jessie-security: needed
-3.2-wheezy-security: pending (3.2.81-1) [bugfix/all/rds-fix-an-infoleak-in-rds_inc_info_copy.patch]
+3.2-wheezy-security: released (3.2.81-1) [bugfix/all/rds-fix-an-infoleak-in-rds_inc_info_copy.patch]

More information about the kernel-sec-discuss mailing list