[kernel-sec-discuss] r5177 - active
Ben Hutchings
benh at moszumanska.debian.org
Wed Apr 19 18:04:45 UTC 2017
Author: benh
Date: 2017-04-19 18:04:45 +0000 (Wed, 19 Apr 2017)
New Revision: 5177
Modified:
active/CVE-2016-10044
active/CVE-2016-10200
active/CVE-2016-10208
active/CVE-2016-6213
active/CVE-2017-2596
active/CVE-2017-5967
active/CVE-2017-5970
active/CVE-2017-6353
Log:
Mark issues pending for jessie via point release instead of security update
Modified: active/CVE-2016-10044
===================================================================
--- active/CVE-2016-10044 2017-04-19 18:03:15 UTC (rev 5176)
+++ active/CVE-2016-10044 2017-04-19 18:04:45 UTC (rev 5177)
@@ -18,5 +18,5 @@
3.16-upstream-stable: released (3.16.43) [aio-mark-aio-pseudo-fs-noexec.patch]
3.2-upstream-stable: ignored "changes required are too invasive"
sid: released (4.7.8-1)
-3.16-jessie-security: pending (3.16.39-1+deb8u3) [bugfix/all/aio-mark-aio-pseudo-fs-noexec.patch]
+3.16-jessie-security: pending (3.16.43-1) [bugfix/all/aio-mark-aio-pseudo-fs-noexec.patch]
3.2-wheezy-security: ignored "changes required are too invasive"
Modified: active/CVE-2016-10200
===================================================================
--- active/CVE-2016-10200 2017-04-19 18:03:15 UTC (rev 5176)
+++ active/CVE-2016-10200 2017-04-19 18:04:45 UTC (rev 5177)
@@ -7,5 +7,5 @@
3.16-upstream-stable: released (3.16.40) [7c3ad0d86f80618c00a5d6a267080238185038f6]
3.2-upstream-stable: released (3.2.88) [2147a17048314f069838aace1d08b8c719448b50]
sid: released (4.8.15-1)
-3.16-jessie-security: pending (3.16.39-1+deb8u3) [bugfix/all/l2tp-fix-racy-sock_zapped-flag-check-in-l2tp_ip-6-_b.patch]
+3.16-jessie-security: pending (3.16.43-1) [bugfix/all/l2tp-fix-racy-sock_zapped-flag-check-in-l2tp_ip-6-_b.patch]
3.2-wheezy-security: pending (3.2.86-2) [bugfix/all/l2tp-fix-racy-sock_zapped-flag-check-in-l2tp_ip-6-_b.patch]
Modified: active/CVE-2016-10208
===================================================================
--- active/CVE-2016-10208 2017-04-19 18:03:15 UTC (rev 5176)
+++ active/CVE-2016-10208 2017-04-19 18:04:45 UTC (rev 5177)
@@ -12,5 +12,5 @@
3.16-upstream-stable: released (3.16.41) [cde863587b6809fdf61ea3c5391ecf06884b5516]
3.2-upstream-stable: N/A "Introduced in 3.6-rc1 with 952fc18ef9ec707ebdc16c0786ec360295e5ff15"
sid: released (4.9.10-1)
-3.16-jessie-security: pending (3.16.39-1+deb8u3) [bugfix/all/ext4-validate-s_first_meta_bg-at-mount-time.patch]
+3.16-jessie-security: pending (3.16.43-1) [bugfix/all/ext4-validate-s_first_meta_bg-at-mount-time.patch]
3.2-wheezy-security: N/A "Introduced in 3.6-rc1 with 952fc18ef9ec707ebdc16c0786ec360295e5ff15"
Modified: active/CVE-2016-6213
===================================================================
--- active/CVE-2016-6213 2017-04-19 18:03:15 UTC (rev 5176)
+++ active/CVE-2016-6213 2017-04-19 18:04:45 UTC (rev 5177)
@@ -11,5 +11,5 @@
3.16-upstream-stable: released (3.16.41) [b71f455440fd7ed03f088580b3a117352fc815dd]
3.2-upstream-stable: N/A "Unprivileged users cannot manipulate mounts"
sid: released (4.8.11-1) [bugfix/all/mnt-Add-a-per-mount-namespace-limit-on-the-number-of.patch]
-3.16-jessie-security: pending (3.16.39-1+deb8u3) [bugfix/all/mnt-add-a-per-mount-namespace-limit-on-the-number-of.patch]
+3.16-jessie-security: pending (3.16.43-1) [bugfix/all/mnt-add-a-per-mount-namespace-limit-on-the-number-of.patch]
3.2-wheezy-security: N/A "Unprivileged users cannot manipulate mounts"
Modified: active/CVE-2017-2596
===================================================================
--- active/CVE-2017-2596 2017-04-19 18:03:15 UTC (rev 5176)
+++ active/CVE-2017-2596 2017-04-19 18:04:45 UTC (rev 5177)
@@ -11,5 +11,5 @@
3.16-upstream-stable: released (3.16.42) [591fc80b6369a886a1d21cacf11f91b455781df3]
3.2-upstream-stable: N/A "Vulnerable code not present"
sid: released (4.9.13-1) [bugfix/x86/kvm-fix-page-struct-leak-in-handle_vmon.patch]
-3.16-jessie-security: released (3.16.39-1+deb8u1) [bugfix/x86/kvm-fix-page-struct-leak-in-handle_vmon.patch]
+3.16-jessie-security: released (3.16.43-1) [bugfix/x86/kvm-fix-page-struct-leak-in-handle_vmon.patch]
3.2-wheezy-security: N/A "Vulnerable code not present"
Modified: active/CVE-2017-5967
===================================================================
--- active/CVE-2017-5967 2017-04-19 18:03:15 UTC (rev 5176)
+++ active/CVE-2017-5967 2017-04-19 18:04:45 UTC (rev 5177)
@@ -13,5 +13,5 @@
3.16-upstream-stable: ignored "Upstream fix is not suitable for backporting"
3.2-upstream-stable: ignored "Upstream fix is not suitable for backporting"
sid: released (4.9.13-1) [debian/time-mark-timer_stats-as-broken.patch]
-3.16-jessie-security: pending (3.16.39-1+deb8u3) [bugfix/all/timer-restrict-timer_stats-to-initial-pid-namespace.patch]
+3.16-jessie-security: pending (3.16.43-1) [bugfix/all/timer-restrict-timer_stats-to-initial-pid-namespace.patch]
3.2-wheezy-security: pending (3.2.86-2) [bugfix/all/timer-restrict-timer_stats-to-initial-pid-namespace.patch]
Modified: active/CVE-2017-5970
===================================================================
--- active/CVE-2017-5970 2017-04-19 18:03:15 UTC (rev 5176)
+++ active/CVE-2017-5970 2017-04-19 18:04:45 UTC (rev 5177)
@@ -11,5 +11,5 @@
3.16-upstream-stable: released (3.16.41) [ipv4-keep-skb-dst-around-in-presence-of-ip-options.patch]
3.2-upstream-stable: released (3.2.88) [ipv4-keep-skb-dst-around-in-presence-of-ip-options.patch]
sid: released (4.9.10-1) [bugfix/all/ipv4-keep-skb-dst-around-in-presence-of-IP-options.patch]
-3.16-jessie-security: released (3.16.39-1+deb8u1) [bugfix/all/ipv4-keep-skb-dst-around-in-presence-of-ip-options.patch]
+3.16-jessie-security: released (3.16.43-1) [bugfix/all/ipv4-keep-skb-dst-around-in-presence-of-ip-options.patch]
3.2-wheezy-security: needed
Modified: active/CVE-2017-6353
===================================================================
--- active/CVE-2017-6353 2017-04-19 18:03:15 UTC (rev 5176)
+++ active/CVE-2017-6353 2017-04-19 18:04:45 UTC (rev 5177)
@@ -13,5 +13,5 @@
3.16-upstream-stable: released (3.16.42) [sctp-deny-peeloff-operation-on-asocs-with-threads-sleeping-on-it.patch]
3.2-upstream-stable: released (3.2.87) [sctp-deny-peeloff-operation-on-asocs-with-threads-sleeping-on-it.patch]
sid: released (4.9.13-1) [bugfix/all/sctp-deny-peeloff-operation-on-asocs-with-threads-sl.patch]
-3.16-jessie-security: released (3.16.39-1+deb8u2) [bugfix/all/sctp-deny-peeloff-operation-on-asocs-with-threads-sl.patch]
+3.16-jessie-security: released (3.16.43-1) [bugfix/all/sctp-deny-peeloff-operation-on-asocs-with-threads-sl.patch]
3.2-wheezy-security: released (3.2.86-1) [bugfix/all/sctp-deny-peeloff-operation-on-asocs-with-threads-sleeping-on-it.patch]
More information about the kernel-sec-discuss
mailing list