[kernel-sec-discuss] r4220 - active retired
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Mar 3 19:51:24 UTC 2016
Author: carnil
Date: 2016-03-03 19:51:24 +0000 (Thu, 03 Mar 2016)
New Revision: 4220
Added:
retired/CVE-2016-2543
retired/CVE-2016-2544
retired/CVE-2016-2545
retired/CVE-2016-2546
retired/CVE-2016-2547
retired/CVE-2016-2548
retired/CVE-2016-2549
Removed:
active/CVE-2016-2543
active/CVE-2016-2544
active/CVE-2016-2545
active/CVE-2016-2546
active/CVE-2016-2547
active/CVE-2016-2548
active/CVE-2016-2549
Log:
Retire CVE-2016-254{3,4,5,6,7,8,9}
Deleted: active/CVE-2016-2543
===================================================================
--- active/CVE-2016-2543 2016-03-03 19:43:36 UTC (rev 4219)
+++ active/CVE-2016-2543 2016-03-03 19:51:24 UTC (rev 4220)
@@ -1,10 +0,0 @@
-Description: ALSA: seq: Fix missing NULL check at remove_events ioctl
-References:
-Notes:
-Bugs:
-upstream: released (v4.5-rc1) [030e2c78d3a91dd0d27fef37e91950dde333eba1]
-3.16-upstream-stable: released (3.16.7-ckt24)
-3.2-upstream-stable: released (3.2.77)
-sid: released (4.4.2-1)
-3.16-jessie-security: released (3.16.7-ckt20-1+deb8u4) [bugfix/all/alsa-seq-fix-missing-null-check-at-remove_events-ioctl.patch]
-3.2-wheezy-security: released (3.2.73-2+deb7u3) [bugfix/all/alsa-seq-fix-missing-null-check-at-remove_events-ioctl.patch]
Deleted: active/CVE-2016-2544
===================================================================
--- active/CVE-2016-2544 2016-03-03 19:43:36 UTC (rev 4219)
+++ active/CVE-2016-2544 2016-03-03 19:51:24 UTC (rev 4220)
@@ -1,10 +0,0 @@
-Description: ALSA: seq: Fix race at timer setup and close
-References:
-Notes:
-Bugs:
-upstream: released (v4.5-rc1) [3567eb6af614dac436c4b16a8d426f9faed639b3]
-3.16-upstream-stable: released (3.16.7-ckt24)
-3.2-upstream-stable: released (3.2.77)
-sid: released (4.4.2-1)
-3.16-jessie-security: released (3.16.7-ckt20-1+deb8u4) [bugfix/all/alsa-seq-fix-race-at-timer-setup-and-close.patch]
-3.2-wheezy-security: released (3.2.73-2+deb7u3) [bugfix/all/alsa-seq-fix-race-at-timer-setup-and-close.patch]
Deleted: active/CVE-2016-2545
===================================================================
--- active/CVE-2016-2545 2016-03-03 19:43:36 UTC (rev 4219)
+++ active/CVE-2016-2545 2016-03-03 19:51:24 UTC (rev 4220)
@@ -1,10 +0,0 @@
-Description: ALSA: timer: Fix double unlink of active_list
-References:
-Notes:
-Bugs:
-upstream: released (v4.5-rc1) [ee8413b01045c74340aa13ad5bdf905de32be736]
-3.16-upstream-stable: released (3.16.7-ckt24)
-3.2-upstream-stable: released (3.2.77)
-sid: released (4.4.2-1)
-3.16-jessie-security: released (3.16.7-ckt20-1+deb8u4) [bugfix/all/alsa-timer-fix-double-unlink-of-active_list.patch]
-3.2-wheezy-security: released (3.2.73-2+deb7u3) [bugfix/all/alsa-timer-fix-double-unlink-of-active_list.patch]
Deleted: active/CVE-2016-2546
===================================================================
--- active/CVE-2016-2546 2016-03-03 19:43:36 UTC (rev 4219)
+++ active/CVE-2016-2546 2016-03-03 19:51:24 UTC (rev 4220)
@@ -1,10 +0,0 @@
-Description: ALSA: timer: Fix race among timer ioctls
-References:
-Notes:
-Bugs:
-upstream: released (v4.5-rc1) [af368027a49a751d6ff4ee9e3f9961f35bb4fede]
-3.16-upstream-stable: released (3.16.7-ckt24)
-3.2-upstream-stable: released (3.2.77)
-sid: released (4.4.2-1)
-3.16-jessie-security: released (3.16.7-ckt20-1+deb8u4) [bugfix/all/alsa-timer-fix-race-among-timer-ioctls.patch]
-3.2-wheezy-security: released (3.2.73-2+deb7u3) [bugfix/all/alsa-timer-fix-race-among-timer-ioctls.patch]
Deleted: active/CVE-2016-2547
===================================================================
--- active/CVE-2016-2547 2016-03-03 19:43:36 UTC (rev 4219)
+++ active/CVE-2016-2547 2016-03-03 19:51:24 UTC (rev 4220)
@@ -1,10 +0,0 @@
-Description: Use-after-free in ALSA timer subsystem
-References:
-Notes:
-Bugs:
-upstream: released (v4.5-rc1) [b5a663aa426f4884c71cd8580adae73f33570f0d]
-3.16-upstream-stable: released (3.16.7-ckt24)
-3.2-upstream-stable: released (3.2.77)
-sid: released (4.4.2-1)
-3.16-jessie-security: released (3.16.7-ckt20-1+deb8u4) [bugfix/all/alsa-timer-harden-slave-timer-list-handling.patch]
-3.2-wheezy-security: released (3.2.73-2+deb7u3) [bugfix/all/alsa-timer-harden-slave-timer-list-handling.patch]
Deleted: active/CVE-2016-2548
===================================================================
--- active/CVE-2016-2548 2016-03-03 19:43:36 UTC (rev 4219)
+++ active/CVE-2016-2548 2016-03-03 19:51:24 UTC (rev 4220)
@@ -1,10 +0,0 @@
-Description: Use-after-free in ALSA timer subsystem
-References:
-Notes:
-Bugs:
-upstream: released (v4.5-rc1) [b5a663aa426f4884c71cd8580adae73f33570f0d]
-3.16-upstream-stable: released (3.16.7-ckt24)
-3.2-upstream-stable: released (3.2.77)
-sid: released (4.4.2-1)
-3.16-jessie-security: released (3.16.7-ckt20-1+deb8u4) [bugfix/all/alsa-timer-harden-slave-timer-list-handling.patch]
-3.2-wheezy-security: released (3.2.73-2+deb7u3) [bugfix/all/alsa-timer-harden-slave-timer-list-handling.patch]
Deleted: active/CVE-2016-2549
===================================================================
--- active/CVE-2016-2549 2016-03-03 19:43:36 UTC (rev 4219)
+++ active/CVE-2016-2549 2016-03-03 19:51:24 UTC (rev 4220)
@@ -1,10 +0,0 @@
-Description: ALSA: hrtimer: Fix stall by hrtimer_cancel()
-References:
-Notes:
-Bugs:
-upstream: released (v4.5-rc1) [2ba1fe7a06d3624f9a7586d672b55f08f7c670f3]
-3.16-upstream-stable: released (3.16.7-ckt24)
-3.2-upstream-stable: released (3.2.77)
-sid: released (4.4.2-1)
-3.16-jessie-security: released (3.16.7-ckt20-1+deb8u4) [bugfix/all/alsa-hrtimer-fix-stall-by-hrtimer_cancel.patch]
-3.2-wheezy-security: released (3.2.73-2+deb7u3) [bugfix/all/alsa-hrtimer-fix-stall-by-hrtimer_cancel.patch]
Copied: retired/CVE-2016-2543 (from rev 4219, active/CVE-2016-2543)
===================================================================
--- retired/CVE-2016-2543 (rev 0)
+++ retired/CVE-2016-2543 2016-03-03 19:51:24 UTC (rev 4220)
@@ -0,0 +1,10 @@
+Description: ALSA: seq: Fix missing NULL check at remove_events ioctl
+References:
+Notes:
+Bugs:
+upstream: released (v4.5-rc1) [030e2c78d3a91dd0d27fef37e91950dde333eba1]
+3.16-upstream-stable: released (3.16.7-ckt24)
+3.2-upstream-stable: released (3.2.77)
+sid: released (4.4.2-1)
+3.16-jessie-security: released (3.16.7-ckt20-1+deb8u4) [bugfix/all/alsa-seq-fix-missing-null-check-at-remove_events-ioctl.patch]
+3.2-wheezy-security: released (3.2.73-2+deb7u3) [bugfix/all/alsa-seq-fix-missing-null-check-at-remove_events-ioctl.patch]
Copied: retired/CVE-2016-2544 (from rev 4219, active/CVE-2016-2544)
===================================================================
--- retired/CVE-2016-2544 (rev 0)
+++ retired/CVE-2016-2544 2016-03-03 19:51:24 UTC (rev 4220)
@@ -0,0 +1,10 @@
+Description: ALSA: seq: Fix race at timer setup and close
+References:
+Notes:
+Bugs:
+upstream: released (v4.5-rc1) [3567eb6af614dac436c4b16a8d426f9faed639b3]
+3.16-upstream-stable: released (3.16.7-ckt24)
+3.2-upstream-stable: released (3.2.77)
+sid: released (4.4.2-1)
+3.16-jessie-security: released (3.16.7-ckt20-1+deb8u4) [bugfix/all/alsa-seq-fix-race-at-timer-setup-and-close.patch]
+3.2-wheezy-security: released (3.2.73-2+deb7u3) [bugfix/all/alsa-seq-fix-race-at-timer-setup-and-close.patch]
Copied: retired/CVE-2016-2545 (from rev 4219, active/CVE-2016-2545)
===================================================================
--- retired/CVE-2016-2545 (rev 0)
+++ retired/CVE-2016-2545 2016-03-03 19:51:24 UTC (rev 4220)
@@ -0,0 +1,10 @@
+Description: ALSA: timer: Fix double unlink of active_list
+References:
+Notes:
+Bugs:
+upstream: released (v4.5-rc1) [ee8413b01045c74340aa13ad5bdf905de32be736]
+3.16-upstream-stable: released (3.16.7-ckt24)
+3.2-upstream-stable: released (3.2.77)
+sid: released (4.4.2-1)
+3.16-jessie-security: released (3.16.7-ckt20-1+deb8u4) [bugfix/all/alsa-timer-fix-double-unlink-of-active_list.patch]
+3.2-wheezy-security: released (3.2.73-2+deb7u3) [bugfix/all/alsa-timer-fix-double-unlink-of-active_list.patch]
Copied: retired/CVE-2016-2546 (from rev 4219, active/CVE-2016-2546)
===================================================================
--- retired/CVE-2016-2546 (rev 0)
+++ retired/CVE-2016-2546 2016-03-03 19:51:24 UTC (rev 4220)
@@ -0,0 +1,10 @@
+Description: ALSA: timer: Fix race among timer ioctls
+References:
+Notes:
+Bugs:
+upstream: released (v4.5-rc1) [af368027a49a751d6ff4ee9e3f9961f35bb4fede]
+3.16-upstream-stable: released (3.16.7-ckt24)
+3.2-upstream-stable: released (3.2.77)
+sid: released (4.4.2-1)
+3.16-jessie-security: released (3.16.7-ckt20-1+deb8u4) [bugfix/all/alsa-timer-fix-race-among-timer-ioctls.patch]
+3.2-wheezy-security: released (3.2.73-2+deb7u3) [bugfix/all/alsa-timer-fix-race-among-timer-ioctls.patch]
Copied: retired/CVE-2016-2547 (from rev 4219, active/CVE-2016-2547)
===================================================================
--- retired/CVE-2016-2547 (rev 0)
+++ retired/CVE-2016-2547 2016-03-03 19:51:24 UTC (rev 4220)
@@ -0,0 +1,10 @@
+Description: Use-after-free in ALSA timer subsystem
+References:
+Notes:
+Bugs:
+upstream: released (v4.5-rc1) [b5a663aa426f4884c71cd8580adae73f33570f0d]
+3.16-upstream-stable: released (3.16.7-ckt24)
+3.2-upstream-stable: released (3.2.77)
+sid: released (4.4.2-1)
+3.16-jessie-security: released (3.16.7-ckt20-1+deb8u4) [bugfix/all/alsa-timer-harden-slave-timer-list-handling.patch]
+3.2-wheezy-security: released (3.2.73-2+deb7u3) [bugfix/all/alsa-timer-harden-slave-timer-list-handling.patch]
Copied: retired/CVE-2016-2548 (from rev 4219, active/CVE-2016-2548)
===================================================================
--- retired/CVE-2016-2548 (rev 0)
+++ retired/CVE-2016-2548 2016-03-03 19:51:24 UTC (rev 4220)
@@ -0,0 +1,10 @@
+Description: Use-after-free in ALSA timer subsystem
+References:
+Notes:
+Bugs:
+upstream: released (v4.5-rc1) [b5a663aa426f4884c71cd8580adae73f33570f0d]
+3.16-upstream-stable: released (3.16.7-ckt24)
+3.2-upstream-stable: released (3.2.77)
+sid: released (4.4.2-1)
+3.16-jessie-security: released (3.16.7-ckt20-1+deb8u4) [bugfix/all/alsa-timer-harden-slave-timer-list-handling.patch]
+3.2-wheezy-security: released (3.2.73-2+deb7u3) [bugfix/all/alsa-timer-harden-slave-timer-list-handling.patch]
Copied: retired/CVE-2016-2549 (from rev 4219, active/CVE-2016-2549)
===================================================================
--- retired/CVE-2016-2549 (rev 0)
+++ retired/CVE-2016-2549 2016-03-03 19:51:24 UTC (rev 4220)
@@ -0,0 +1,10 @@
+Description: ALSA: hrtimer: Fix stall by hrtimer_cancel()
+References:
+Notes:
+Bugs:
+upstream: released (v4.5-rc1) [2ba1fe7a06d3624f9a7586d672b55f08f7c670f3]
+3.16-upstream-stable: released (3.16.7-ckt24)
+3.2-upstream-stable: released (3.2.77)
+sid: released (4.4.2-1)
+3.16-jessie-security: released (3.16.7-ckt20-1+deb8u4) [bugfix/all/alsa-hrtimer-fix-stall-by-hrtimer_cancel.patch]
+3.2-wheezy-security: released (3.2.73-2+deb7u3) [bugfix/all/alsa-hrtimer-fix-stall-by-hrtimer_cancel.patch]
More information about the kernel-sec-discuss
mailing list