[kernel-sec-discuss] r4700 - active

Ben Hutchings benh at moszumanska.debian.org
Fri Nov 11 07:23:09 UTC 2016 

Author: benh
Date: 2016-11-11 07:23:09 +0000 (Fri, 11 Nov 2016)
New Revision: 4700

Modified:
   active/CVE-2015-1350
   active/CVE-2015-8955
   active/CVE-2015-8956
   active/CVE-2016-7042
   active/CVE-2016-7097
   active/CVE-2016-7425
   active/CVE-2016-8633
   active/CVE-2016-8658
   active/CVE-2016-9083
   active/CVE-2016-9084
Log:
Mark fixes pending in 3.{2,16}-upstream-security

Modified: active/CVE-2015-1350
===================================================================
--- active/CVE-2015-1350	2016-11-11 03:01:31 UTC (rev 4699)
+++ active/CVE-2015-1350	2016-11-11 07:23:09 UTC (rev 4700)
@@ -12,5 +12,5 @@
 sid: needed
 3.16-jessie-security: needed
 3.2-wheezy-security: needed
-3.16-upstream-stable: needed
-3.2-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.39) [fs-give-dentry-to-inode_change_ok-instead-of-inode.patch, fs-avoid-premature-clearing-of-capabilities.patch]
+3.2-upstream-stable: pending (3.2.84) [fs-give-dentry-to-inode_change_ok-instead-of-inode.patch, fs-avoid-premature-clearing-of-capabilities.patch]

Modified: active/CVE-2015-8955
===================================================================
--- active/CVE-2015-8955	2016-11-11 03:01:31 UTC (rev 4699)
+++ active/CVE-2015-8955	2016-11-11 07:23:09 UTC (rev 4700)
@@ -4,7 +4,7 @@
  bwh> Minor issue for Debian since we restrict access to perf_event by default
 Bugs:
 upstream: released (4.1-rc1) [8fff105e13041e49b82f92eef034f363a6b1c071]
-3.16-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.39) [arm64-perf-reject-groups-spanning-multiple-hw-pmus.patch]
 3.2-upstream-stable: N/A "Vulnerable architecture not present"
 sid: released (4.1.3-1)
 3.16-jessie-security: needed

Modified: active/CVE-2015-8956
===================================================================
--- active/CVE-2015-8956	2016-11-11 03:01:31 UTC (rev 4699)
+++ active/CVE-2015-8956	2016-11-11 07:23:09 UTC (rev 4700)
@@ -5,8 +5,8 @@
  bwh> logging statement which is disabled by default.
 Bugs:
 upstream: released (4.2-rc1) [951b6a0717db97ce420547222647bcc40bf1eacd]
-3.16-upstream-stable: needed
-3.2-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.39) [bluetooth-fix-potential-null-dereference-in-rfcomm-bind-callback.patch]
+3.2-upstream-stable: pending (3.2.84) [bluetooth-fix-potential-null-dereference-in-rfcomm-bind-callback.patch]
 sid: released (4.2.1-1)
 3.16-jessie-security: released (3.16.36-1+deb8u2) [bugfix/all/bluetooth-fix-potential-null-dereference-in-rfcomm-b.patch]
 3.2-wheezy-security: released (3.2.82-1) [bugfix/all/bluetooth-fix-potential-null-dereference-in-rfcomm-b.patch]

Modified: active/CVE-2016-7042
===================================================================
--- active/CVE-2016-7042	2016-11-11 03:01:31 UTC (rev 4699)
+++ active/CVE-2016-7042	2016-11-11 07:23:09 UTC (rev 4700)
@@ -5,8 +5,8 @@
 Notes:
 Bugs:
 upstream: released (4.9-rc3) [03dab869b7b239c4e013ec82aea22e181e441cfc]
-3.16-upstream-stable: needed
-3.2-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.39) [keys-fix-short-sprintf-buffer-in-proc-keys-show-function.patch]
+3.2-upstream-stable: pending (3.2.84) [keys-fix-short-sprintf-buffer-in-proc-keys-show-function.patch]
 sid: released (4.7.8-1) [bugfix/all/KEYS-Fix-short-sprintf-buffer-in-proc-keys-show-func.patch]
 3.16-jessie-security: released (3.16.36-1+deb8u2) [bugfix/all/KEYS-Fix-short-sprintf-buffer-in-proc-keys-show-func.patch]
 3.2-wheezy-security: released (3.2.82-1) [bugfix/all/keys-fix-short-sprintf-buffer-in-proc-keys-show-func.patch]

Modified: active/CVE-2016-7097
===================================================================
--- active/CVE-2016-7097	2016-11-11 03:01:31 UTC (rev 4699)
+++ active/CVE-2016-7097	2016-11-11 07:23:09 UTC (rev 4700)
@@ -6,7 +6,7 @@
 Notes:
 Bugs:
 upstream: released (4.9-rc1) [073931017b49d9458aa351605b43a7e34598caef]
-3.16-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.39) [posix_acl-clear-sgid-bit-when-setting-file-permissions.patch]
 3.2-upstream-stable: needed
 sid: released (4.7.8-1) [bugfix/all/posix_acl-clear-sgid-bit-when-setting-file-permissio.patch]
 3.16-jessie-security: needed

Modified: active/CVE-2016-7425
===================================================================
--- active/CVE-2016-7425	2016-11-11 03:01:31 UTC (rev 4699)
+++ active/CVE-2016-7425	2016-11-11 07:23:09 UTC (rev 4700)
@@ -5,8 +5,8 @@
 Notes:
 Bugs:
 upstream: released (4.9-rc1) [7bc2b55a5c030685b399bb65b6baa9ccc3d1f167]
-3.16-upstream-stable: needed
-3.2-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.39) [scsi-arcmsr-buffer-overflow-in-arcmsr_iop_message_xfer.patch]
+3.2-upstream-stable: pending (3.2.84) [scsi-arcmsr-buffer-overflow-in-arcmsr_iop_message_xfer.patch]
 sid: released (4.7.8-1) [bugfix/all/scsi-arcmsr-buffer-overflow-in-arcmsr_iop_message_xf.patch]
 3.16-jessie-security: released (3.16.36-1+deb8u2) [bugfix/all/scsi-arcmsr-Buffer-overflow-in-arcmsr_iop_message_xf.patch]
 3.2-wheezy-security: released (3.2.82-1) [bugfix/all/scsi-arcmsr-buffer-overflow-in-arcmsr_iop_message_xf.patch]

Modified: active/CVE-2016-8633
===================================================================
--- active/CVE-2016-8633	2016-11-11 03:01:31 UTC (rev 4699)
+++ active/CVE-2016-8633	2016-11-11 07:23:09 UTC (rev 4700)
@@ -4,8 +4,8 @@
 Notes:
 Bugs:
 upstream: released (4.9-rc4) [667121ace9dbafb368618dbabcf07901c962ddac]
-3.16-upstream-stable: needed
-3.2-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.39) [firewire-net-guard-against-rx-buffer-overflows.patch]
+3.2-upstream-stable: pending (3.2.84) [firewire-net-guard-against-rx-buffer-overflows.patch]
 sid: needed
 3.16-jessie-security: needed
 3.2-wheezy-security: needed

Modified: active/CVE-2016-8658
===================================================================
--- active/CVE-2016-8658	2016-11-11 03:01:31 UTC (rev 4699)
+++ active/CVE-2016-8658	2016-11-11 07:23:09 UTC (rev 4700)
@@ -8,7 +8,7 @@
  bwh> drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
 Bugs:
 upstream: released (v4.8-rc8) [ded89912156b1a47d940a0c954c43afbabd0c42c]
-3.16-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.39) [brcmfmac-avoid-potential-stack-overflow-in-brcmf_cfg80211_start_ap.patch]
 3.2-upstream-stable: N/A "Vulnerable code not present"
 sid: released (4.7.5-1)
 3.16-jessie-security: needed

Modified: active/CVE-2016-9083
===================================================================
--- active/CVE-2016-9083	2016-11-11 03:01:31 UTC (rev 4699)
+++ active/CVE-2016-9083	2016-11-11 07:23:09 UTC (rev 4700)
@@ -4,7 +4,7 @@
  https://patchwork.kernel.org/patch/9373631/
 Bugs:
 upstream: released (4.9-rc4) [05692d7005a364add85c6e25a6c4447ce08f913a]
-3.16-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.39) [vfio-pci-fix-integer-overflows-bitmask-check.patch]
 3.2-upstream-stable: N/A "Vulnerable code not present"
 sid: needed
 3.16-jessie-security: needed

Modified: active/CVE-2016-9084
===================================================================
--- active/CVE-2016-9084	2016-11-11 03:01:31 UTC (rev 4699)
+++ active/CVE-2016-9084	2016-11-11 07:23:09 UTC (rev 4700)
@@ -4,7 +4,7 @@
  https://patchwork.kernel.org/patch/9373631/
 Bugs:
 upstream: released (4.9-rc4) [05692d7005a364add85c6e25a6c4447ce08f913a]
-3.16-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.39) [vfio-pci-fix-integer-overflows-bitmask-check.patch]
 3.2-upstream-stable: N/A "Vulnerable code not present"
 sid: needed
 3.16-jessie-security: needed

More information about the kernel-sec-discuss mailing list