[kernel-sec-discuss] r4639 - active
Ben Hutchings
benh at moszumanska.debian.org
Tue Oct 11 23:03:45 UTC 2016
Author: benh
Date: 2016-10-11 23:03:38 +0000 (Tue, 11 Oct 2016)
New Revision: 4639
Modified:
active/CVE-2016-3699
active/CVE-2016-6213
active/CVE-2016-7097
active/CVE-2016-7425
active/CVE-2016-8601
Log:
Update status of various issues
Modified: active/CVE-2016-3699
===================================================================
--- active/CVE-2016-3699 2016-10-11 19:00:41 UTC (rev 4638)
+++ active/CVE-2016-3699 2016-10-11 23:03:38 UTC (rev 4639)
@@ -6,6 +6,6 @@
upstream: N/A "Vulnerable code introduced by securelevel patchset"
3.16-upstream-stable: N/A "Vulnerable code introduced by securelevel patchset"
3.2-upstream-stable: N/A "Vulnerable code introduced by securelevel patchset"
-sid: needed
+sid: N/A "Fixed before we first included the securelevel patchset"
3.16-jessie-security: N/A "Vulnerable code not present"
3.2-wheezy-security: N/A "Vulnerable code not present"
Modified: active/CVE-2016-6213
===================================================================
--- active/CVE-2016-6213 2016-10-11 19:00:41 UTC (rev 4638)
+++ active/CVE-2016-6213 2016-10-11 23:03:38 UTC (rev 4639)
@@ -7,8 +7,8 @@
carnil> particular beeing assinged to src:linux
Bugs:
upstream: pending [d29216842a85c7970c536108e093963f02714498]
-3.16-upstream-stable:
-3.2-upstream-stable:
-sid:
-3.16-jessie-security:
-3.2-wheezy-security:
+3.16-upstream-stable: needed
+3.2-upstream-stable: N/A "Unprivileged users cannot manipulate mounts"
+sid: needed
+3.16-jessie-security: needed
+3.2-wheezy-security: N/A "Unprivileged users cannot manipulate mounts"
Modified: active/CVE-2016-7097
===================================================================
--- active/CVE-2016-7097 2016-10-11 19:00:41 UTC (rev 4638)
+++ active/CVE-2016-7097 2016-10-11 23:03:38 UTC (rev 4639)
@@ -6,8 +6,8 @@
Notes:
Bugs:
upstream: pending [073931017b49d9458aa351605b43a7e34598caef]
-3.16-upstream-stable:
-3.2-upstream-stable:
+3.16-upstream-stable: needed
+3.2-upstream-stable: needed
sid: needed
-3.16-jessie-security:
-3.2-wheezy-security:
+3.16-jessie-security: needed
+3.2-wheezy-security: needed
Modified: active/CVE-2016-7425
===================================================================
--- active/CVE-2016-7425 2016-10-11 19:00:41 UTC (rev 4638)
+++ active/CVE-2016-7425 2016-10-11 23:03:38 UTC (rev 4639)
@@ -4,9 +4,9 @@
http://marc.info/?l=linux-scsi&m=147394796228991&w=2
Notes:
Bugs:
-upstream:
-3.16-upstream-stable:
-3.2-upstream-stable:
-sid:
-3.16-jessie-security:
-3.2-wheezy-security:
+upstream: pending [7bc2b55a5c030685b399bb65b6baa9ccc3d1f167]
+3.16-upstream-stable: needed
+3.2-upstream-stable: needed
+sid: needed
+3.16-jessie-security: needed
+3.2-wheezy-security: needed
Modified: active/CVE-2016-8601
===================================================================
--- active/CVE-2016-8601 2016-10-11 19:00:41 UTC (rev 4638)
+++ active/CVE-2016-8601 2016-10-11 23:03:38 UTC (rev 4639)
@@ -2,10 +2,11 @@
References:
https://gist.github.com/marcograss/40850adb3c599ac38e0beac31617d56b
Notes:
+ bwh> Introduced by commits 241699cd72a8, 82c156f85384, 523ac9afc73a
Bugs:
-upstream:
-3.16-upstream-stable:
-3.2-upstream-stable:
-sid:
-3.16-jessie-security:
-3.2-wheezy-security:
+upstream: pending [1689c73a739d094b544c680b0dfdebe52ffee8fb]
+3.16-upstream-stable: N/A "Vulnerable code is not present"
+3.2-upstream-stable: N/A "Vulnerable code is not present"
+sid: N/A "Vulnerable code is not present"
+3.16-jessie-security: N/A "Vulnerable code is not present"
+3.2-wheezy-security: N/A "Vulnerable code is not present"
More information about the kernel-sec-discuss
mailing list