[kernel-sec-discuss] r4285 - active

Mon Mar 28 21:49:20 UTC 2016

Author: benh
Date: 2016-03-28 21:49:20 +0000 (Mon, 28 Mar 2016)
New Revision: 4285

Modified:
   active/CVE-2016-2185
   active/CVE-2016-3134
Log:
Update upstream status for a couple of issues

Modified: active/CVE-2016-2185
===================================================================

--- active/CVE-2016-2185	2016-03-28 20:57:28 UTC (rev 4284)
+++ active/CVE-2016-2185	2016-03-28 21:49:20 UTC (rev 4285)
@@ -4,9 +4,8 @@
  https://bugzilla.redhat.com/show_bug.cgi?id=1283362
  https://bugzilla.redhat.com/show_bug.cgi?id=1283363
 Notes:
- proposed patch: http://marc.info/?l=linux-input&m=145874841024379&w=2
 Bugs:
-upstream: needed
+upstream: released (4.6-rc1) [950336ba3e4a1ffd2ca60d29f6ef386dd2c7351d]
 3.16-upstream-stable: needed
 3.2-upstream-stable: needed
 sid: needed

Modified: active/CVE-2016-3134
===================================================================
--- active/CVE-2016-3134	2016-03-28 20:57:28 UTC (rev 4284)
+++ active/CVE-2016-3134	2016-03-28 21:49:20 UTC (rev 4285)
@@ -4,12 +4,12 @@
  https://patchwork.ozlabs.org/patch/595575/
  https://patchwork.ozlabs.org/patch/599721/
  http://marc.info/?l=netfilter-devel&m=145757134822741&w=2
+ https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit?id=bdf533de6968e9686df777dc178486f600c6e617
+ https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit?id=6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91
 Notes:
- Can be triggered by an unprivileged user on PF_INET sockets when
- unprivileged user namespaces are available (CONFIG_USER_NS=y)
- .
- Initial patch is debated, new patch proposal:
- https://patchwork.ozlabs.org/patch/599721/
+ carnil> Can be triggered by an unprivileged user on PF_INET sockets when
+ carnil> unprivileged user namespaces are available (CONFIG_USER_NS=y)
+ bwh> The upstream fixes (in davem/net.git) are the last two listed above
 Bugs:
 upstream: needed
 3.16-upstream-stable: needed


