[kernel-sec-discuss] r4229 - active retired
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Tue Mar 8 10:16:46 UTC 2016
Author: jmm
Date: 2016-03-08 10:16:46 +0000 (Tue, 08 Mar 2016)
New Revision: 4229
Added:
retired/CVE-2013-4312
Removed:
active/CVE-2013-4312
Log:
retire
Deleted: active/CVE-2013-4312
===================================================================
--- active/CVE-2013-4312 2016-03-08 10:16:24 UTC (rev 4228)
+++ active/CVE-2013-4312 2016-03-08 10:16:46 UTC (rev 4229)
@@ -1,21 +0,0 @@
-Description: unix: properly account for FDs passed over unix sockets
-References:
- https://lkml.org/lkml/2015/12/31/15
-Notes:
- carnil> 712f4aad406bb1ed67f3f98d04c044191f0ff593 according to the commit
- carnil> message mitigated the issue.
- bwh> This was applied in 3.16.7-ckt20-1+deb8u3, 4.3.3-6, and 4.3.5.
- carnil> There is a second commit [759c01142a5d0f364a462346168a56de28a80f52] to
- carnil> mitigate CVE-2013-4312, but this is slightly more involving. Ben
- carnil> suggested to wait before starting to backport this as well and look
- carnil> for possible regressions/problems.
-Bugs:
- https://bugzilla.kernel.org/show_bug.cgi?id=20402
-upstream: released (4.5-rc1) [712f4aad406bb1ed67f3f98d04c044191f0ff593]
-3.16-upstream-stable: released (3.16.7-ckt24)
-3.2-upstream-stable: released (v3.2.78) [a5a6cf8c405e826ff7ed1308dde72560c0ed4854]
-2.6.32-upstream-stable: ignored
-sid: released (4.3.3-6) [bugfix/all/unix-properly-account-for-FDs-passed-over-unix-socke.patch]
-3.16-jessie-security: released (3.16.7-ckt20-1+deb8u3) [bugfix/all/unix-properly-account-for-FDs-passed-over-unix-socke.patch]
-3.2-wheezy-security: released (3.2.73-2+deb7u3) [bugfix/all/unix-properly-account-for-FDs-passed-over-unix-socke.patch]
-2.6.32-squeeze-security: ignored "Too risky to backport at EOL"
Copied: retired/CVE-2013-4312 (from rev 4228, active/CVE-2013-4312)
===================================================================
--- retired/CVE-2013-4312 (rev 0)
+++ retired/CVE-2013-4312 2016-03-08 10:16:46 UTC (rev 4229)
@@ -0,0 +1,21 @@
+Description: unix: properly account for FDs passed over unix sockets
+References:
+ https://lkml.org/lkml/2015/12/31/15
+Notes:
+ carnil> 712f4aad406bb1ed67f3f98d04c044191f0ff593 according to the commit
+ carnil> message mitigated the issue.
+ bwh> This was applied in 3.16.7-ckt20-1+deb8u3, 4.3.3-6, and 4.3.5.
+ carnil> There is a second commit [759c01142a5d0f364a462346168a56de28a80f52] to
+ carnil> mitigate CVE-2013-4312, but this is slightly more involving. Ben
+ carnil> suggested to wait before starting to backport this as well and look
+ carnil> for possible regressions/problems.
+Bugs:
+ https://bugzilla.kernel.org/show_bug.cgi?id=20402
+upstream: released (4.5-rc1) [712f4aad406bb1ed67f3f98d04c044191f0ff593]
+3.16-upstream-stable: released (3.16.7-ckt24)
+3.2-upstream-stable: released (v3.2.78) [a5a6cf8c405e826ff7ed1308dde72560c0ed4854]
+2.6.32-upstream-stable: ignored
+sid: released (4.3.3-6) [bugfix/all/unix-properly-account-for-FDs-passed-over-unix-socke.patch]
+3.16-jessie-security: released (3.16.7-ckt20-1+deb8u3) [bugfix/all/unix-properly-account-for-FDs-passed-over-unix-socke.patch]
+3.2-wheezy-security: released (3.2.73-2+deb7u3) [bugfix/all/unix-properly-account-for-FDs-passed-over-unix-socke.patch]
+2.6.32-squeeze-security: ignored "Too risky to backport at EOL"
More information about the kernel-sec-discuss
mailing list