[kernel-sec-discuss] r4698 - active
Ben Hutchings
benh at moszumanska.debian.org
Fri Nov 11 03:01:00 UTC 2016
Author: benh
Date: 2016-11-11 03:01:00 +0000 (Fri, 11 Nov 2016)
New Revision: 4698
Modified:
active/CVE-2016-3857
active/CVE-2016-6327
active/CVE-2016-6480
active/CVE-2016-6828
Log:
Update status of issues in 3.{2,16}-stable
Modified: active/CVE-2016-3857
===================================================================
--- active/CVE-2016-3857 2016-11-10 07:42:18 UTC (rev 4697)
+++ active/CVE-2016-3857 2016-11-11 03:01:00 UTC (rev 4698)
@@ -4,8 +4,8 @@
CONFIG_OABI_COMPAT disabled in 3.13.4-1, cf. #728975
Bugs:
upstream: released (4.8-rc2) [7de249964f5578e67b99699c5f0b405738d820a2]
-3.16-upstream-stable: needed
-3.2-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.39) [arm-oabi-compat-add-missing-access-checks.patch]
+3.2-upstream-stable: pending (3.2.84) [arm-oabi-compat-add-missing-access-checks.patch]
sid: released (4.7.2-1)
3.16-jessie-security: ignored "Feature is disabled and unlikely to be enabled in custom kernels"
3.2-wheezy-security: released (3.2.81-2) [bugfix/arm/arm-oabi-compat-add-missing-access-checks.patch]
Modified: active/CVE-2016-6327
===================================================================
--- active/CVE-2016-6327 2016-11-10 07:42:18 UTC (rev 4697)
+++ active/CVE-2016-6327 2016-11-11 03:01:00 UTC (rev 4698)
@@ -3,8 +3,8 @@
Notes:
Bugs:
upstream: released (4.6-rc1) [51093254bf879bc9ce96590400a87897c7498463]
-3.16-upstream-stable: needed
+3.16-upstream-stable: released (3.16.35)
3.2-upstream-stable: N/A "Vulnerable code introduced in 3.8-rc1 with 3e4f574857eebce60bb56d7524f3f9eaa2a126d0"
sid: released (4.6.1-1)
-3.16-jessie-security: needed
+3.16-jessie-security: released (3.16.36-1+deb8u1)
3.2-wheezy-security: N/A "Vulnerable code not present"
Modified: active/CVE-2016-6480
===================================================================
--- active/CVE-2016-6480 2016-11-10 07:42:18 UTC (rev 4697)
+++ active/CVE-2016-6480 2016-11-11 03:01:00 UTC (rev 4698)
@@ -6,8 +6,8 @@
Notes:
Bugs:
upstream: released (4.8-rc3) [fa00c437eef8dc2e7b25f8cd868cfa405fcc2bb3]
-3.16-upstream-stable: needed
-3.2-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.39) [aacraid-check-size-values-after-double-fetch-from-user.patch]
+3.2-upstream-stable: pending (3.2.84) [aacraid-check-size-values-after-double-fetch-from-user.patch]
sid: released (4.7.2-1) [bugfix/all/aacraid-check-size-values-after-double-fetch-from-us.patch]
3.16-jessie-security: released (3.16.36-1+deb8u1) [bugfix/all/aacraid-Check-size-values-after-double-fetch-from-us.patch]
3.2-wheezy-security: released (3.2.81-2) [bugfix/all/aacraid-check-size-values-after-double-fetch-from-us.patch]
Modified: active/CVE-2016-6828
===================================================================
--- active/CVE-2016-6828 2016-11-10 07:42:18 UTC (rev 4697)
+++ active/CVE-2016-6828 2016-11-11 03:01:00 UTC (rev 4698)
@@ -5,8 +5,8 @@
Notes:
Bugs:
upstream: released (4.8-rc5) [bb1fceca22492109be12640d49f5ea5a544c6bb4]
-3.16-upstream-stable: needed
-3.2-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.39) [tcp-fix-use-after-free-in-tcp_xmit_retransmit_queue.patch]
+3.2-upstream-stable: pending (3.2.84) [tcp-fix-use-after-free-in-tcp_xmit_retransmit_queue.patch]
sid: released (4.7.2-1) [bugfix/all/tcp-fix-use-after-free-in-tcp_xmit_retransmit_queue.patch]
3.16-jessie-security: released (3.16.36-1+deb8u1) [bugfix/all/tcp-fix-use-after-free-in-tcp_xmit_retransmit_queue.patch]
3.2-wheezy-security: released (3.2.81-2) [bugfix/all/tcp-fix-use-after-free-in-tcp_xmit_retransmit_queue.patch]
More information about the kernel-sec-discuss
mailing list