[kernel-sec-discuss] r5223 - active

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Apr 25 11:03:40 UTC 2017 

Author: carnil
Date: 2017-04-25 11:03:40 +0000 (Tue, 25 Apr 2017)
New Revision: 5223

Removed:
   active/CVE-2017-macsec-avoid-heap-overflow-in-skb_to_sgvec
Modified:
   active/CVE-2017-7477
Log:
Merge files for CVE-2017-7477, remove un-cveified

Modified: active/CVE-2017-7477
===================================================================
--- active/CVE-2017-7477	2017-04-25 10:37:29 UTC (rev 5222)
+++ active/CVE-2017-7477	2017-04-25 11:03:40 UTC (rev 5223)
@@ -1,14 +1,14 @@
 Description: net: Heap overflow in skb_to_sgvec in macsec.c
 References:
- http://www.openwall.com/lists/oss-security/2017/04/25/4
- https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=4d6fa57b4dab0d77f4d8e9d9c73d1e63f6fe8fee
- https://bugzilla.redhat.com/show_bug.cgi?id=1445207
+ http://www.openwall.com/lists/oss-security/2017/04/24/5
 Notes:
+ carnil> Fixed in https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=4d6fa57b4dab0d77f4d8e9d9c73d1e63f6fe8fee
+ carnil> but not yet in Linus' tree.
 Bugs:
 upstream: needed
 4.9-upstream-stable: needed
-3.16-upstream-stable: N/A  "Introduced in 4.6"
-3.2-upstream-stable: N/A "Introduced in 4.6"
+3.16-upstream-stable: N/A  "Introduced in 4.6-rc1"
+3.2-upstream-stable: N/A "Introduced in 4.6-rc1"
 sid: needed
-3.16-jessie-security: N/A  "Introduced in 4.6"
-3.2-wheezy-security: N/A  "Introduced in 4.6"
+3.16-jessie-security: N/A  "Introduced in 4.6-rc1"
+3.2-wheezy-security: N/A  "Introduced in 4.6-rc1"

Deleted: active/CVE-2017-macsec-avoid-heap-overflow-in-skb_to_sgvec
===================================================================
--- active/CVE-2017-macsec-avoid-heap-overflow-in-skb_to_sgvec	2017-04-25 10:37:29 UTC (rev 5222)
+++ active/CVE-2017-macsec-avoid-heap-overflow-in-skb_to_sgvec	2017-04-25 11:03:40 UTC (rev 5223)
@@ -1,14 +0,0 @@
-Description: macsec: avoid heap overflow in skb_to_sgvec
-References:
- http://www.openwall.com/lists/oss-security/2017/04/24/5
-Notes:
- carnil> Fixed in https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=4d6fa57b4dab0d77f4d8e9d9c73d1e63f6fe8fee
- carnil> but not yet in Linus' tree.
-Bugs:
-upstream:
-4.9-upstream-stable:
-3.16-upstream-stable:
-3.2-upstream-stable:
-sid:
-3.16-jessie-security:
-3.2-wheezy-security:

More information about the kernel-sec-discuss mailing list