[kernel-sec-discuss] r5238 - active

Ben Hutchings benh at moszumanska.debian.org
Fri Apr 28 00:13:39 UTC 2017 

Author: benh
Date: 2017-04-28 00:13:39 +0000 (Fri, 28 Apr 2017)
New Revision: 5238

Modified:
   active/CVE-2016-10200
   active/CVE-2016-2188
   active/CVE-2016-9604
   active/CVE-2017-2647
   active/CVE-2017-2671
   active/CVE-2017-5967
   active/CVE-2017-5970
   active/CVE-2017-6951
   active/CVE-2017-7184
   active/CVE-2017-7261
   active/CVE-2017-7273
   active/CVE-2017-7294
   active/CVE-2017-7308
   active/CVE-2017-7472
   active/CVE-2017-7616
   active/CVE-2017-7618
Log:
Mark 3.2.88-1 as released

Modified: active/CVE-2016-10200
===================================================================
--- active/CVE-2016-10200	2017-04-27 20:03:23 UTC (rev 5237)
+++ active/CVE-2016-10200	2017-04-28 00:13:39 UTC (rev 5238)
@@ -8,4 +8,4 @@
 3.2-upstream-stable: released (3.2.88) [2147a17048314f069838aace1d08b8c719448b50]
 sid: released (4.8.15-1)
 3.16-jessie-security: pending (3.16.43-1) [bugfix/all/l2tp-fix-racy-sock_zapped-flag-check-in-l2tp_ip-6-_b.patch]
-3.2-wheezy-security: pending (3.2.88-1)
+3.2-wheezy-security: released (3.2.88-1)

Modified: active/CVE-2016-2188
===================================================================
--- active/CVE-2016-2188	2017-04-27 20:03:23 UTC (rev 5237)
+++ active/CVE-2016-2188	2017-04-28 00:13:39 UTC (rev 5238)
@@ -20,4 +20,4 @@
 3.2-upstream-stable: needed
 sid: released (4.9.16-1)
 3.16-jessie-security: pending (3.16.43-1) [bugfix/all/usb-iowarrior-fix-null-deref-at-probe.patch]
-3.2-wheezy-security: pending (3.2.88-1) [bugfix/all/usb-iowarrior-fix-null-deref-at-probe.patch]
+3.2-wheezy-security: released (3.2.88-1) [bugfix/all/usb-iowarrior-fix-null-deref-at-probe.patch]

Modified: active/CVE-2016-9604
===================================================================
--- active/CVE-2016-9604	2017-04-27 20:03:23 UTC (rev 5237)
+++ active/CVE-2016-9604	2017-04-28 00:13:39 UTC (rev 5238)
@@ -12,4 +12,4 @@
 3.2-upstream-stable: needed
 sid: pending (4.9.25-1)
 3.16-jessie-security: pending (3.16.43-1) [bugfix/all/keys-disallow-keyrings-beginning-with-.-to-be-joined.patch]
-3.2-wheezy-security: pending (3.2.88-1) [bugfix/all/keys-disallow-keyrings-beginning-with-.-to-be-joined.patch]
+3.2-wheezy-security: released (3.2.88-1) [bugfix/all/keys-disallow-keyrings-beginning-with-.-to-be-joined.patch]

Modified: active/CVE-2017-2647
===================================================================
--- active/CVE-2017-2647	2017-04-27 20:03:23 UTC (rev 5237)
+++ active/CVE-2017-2647	2017-04-28 00:13:39 UTC (rev 5238)
@@ -17,4 +17,4 @@
 3.2-upstream-stable: released (3.2.88) [e2b41f761b086da2ec43b1cfea14ca0681cd08b0]
 sid: released (4.0.2-1)
 3.16-jessie-security: pending (3.16.43-1)
-3.2-wheezy-security: pending (3.2.88-1)
+3.2-wheezy-security: released (3.2.88-1)

Modified: active/CVE-2017-2671
===================================================================
--- active/CVE-2017-2671	2017-04-27 20:03:23 UTC (rev 5237)
+++ active/CVE-2017-2671	2017-04-28 00:13:39 UTC (rev 5238)
@@ -11,4 +11,4 @@
 3.2-upstream-stable: needed
 sid: pending (4.9.25-1) [bugfix/all/ping-implement-proper-locking.patch]
 3.16-jessie-security: pending (3.16.43-1) [bugfix/all/ping-implement-proper-locking.patch]
-3.2-wheezy-security: pending (3.2.88-1) [bugfix/all/ping-implement-proper-locking.patch]
+3.2-wheezy-security: released (3.2.88-1) [bugfix/all/ping-implement-proper-locking.patch]

Modified: active/CVE-2017-5967
===================================================================
--- active/CVE-2017-5967	2017-04-27 20:03:23 UTC (rev 5237)
+++ active/CVE-2017-5967	2017-04-28 00:13:39 UTC (rev 5238)
@@ -14,4 +14,4 @@
 3.2-upstream-stable: ignored "Upstream fix is not suitable for backporting"
 sid: released (4.9.13-1) [debian/time-mark-timer_stats-as-broken.patch]
 3.16-jessie-security: pending (3.16.43-1) [bugfix/all/timer-restrict-timer_stats-to-initial-pid-namespace.patch]
-3.2-wheezy-security: pending (3.2.88-1) [bugfix/all/timer-restrict-timer_stats-to-initial-pid-namespace.patch]
+3.2-wheezy-security: released (3.2.88-1) [bugfix/all/timer-restrict-timer_stats-to-initial-pid-namespace.patch]

Modified: active/CVE-2017-5970
===================================================================
--- active/CVE-2017-5970	2017-04-27 20:03:23 UTC (rev 5237)
+++ active/CVE-2017-5970	2017-04-28 00:13:39 UTC (rev 5238)
@@ -12,4 +12,4 @@
 3.2-upstream-stable: released (3.2.88) [ipv4-keep-skb-dst-around-in-presence-of-ip-options.patch]
 sid: released (4.9.10-1) [bugfix/all/ipv4-keep-skb-dst-around-in-presence-of-IP-options.patch]
 3.16-jessie-security: released (3.16.39-1+deb8u1) [bugfix/all/ipv4-keep-skb-dst-around-in-presence-of-ip-options.patch]
-3.2-wheezy-security: pending (3.2.88-1)
+3.2-wheezy-security: released (3.2.88-1)

Modified: active/CVE-2017-6951
===================================================================
--- active/CVE-2017-6951	2017-04-27 20:03:23 UTC (rev 5237)
+++ active/CVE-2017-6951	2017-04-28 00:13:39 UTC (rev 5238)
@@ -20,4 +20,4 @@
 3.2-upstream-stable: released (3.2.88) [e2b41f761b086da2ec43b1cfea14ca0681cd08b0]
 sid: released (4.0.2-1)
 3.16-jessie-security: pending (3.16.43-1)
-3.2-wheezy-security: pending (3.2.88-1)
+3.2-wheezy-security: released (3.2.88-1)

Modified: active/CVE-2017-7184
===================================================================
--- active/CVE-2017-7184	2017-04-27 20:03:23 UTC (rev 5237)
+++ active/CVE-2017-7184	2017-04-28 00:13:39 UTC (rev 5238)
@@ -12,4 +12,4 @@
 3.2-upstream-stable: needed
 sid: released (4.9.18-1) [bugfix/all/xfrm_user-validate-xfrm_msg_newae-xfrma_replay_esn_val-replay_window.patch, bugfix/all/xfrm_user-validate-xfrm_msg_newae-incoming-esn-size-harder.patch]
 3.16-jessie-security: pending (3.16.43-1) [bugfix/all/xfrm_user-validate-xfrm_msg_newae-xfrma_replay_esn_val-replay_window.patch, bugfix/all/xfrm_user-validate-xfrm_msg_newae-incoming-esn-size-harder.patch]
-3.2-wheezy-security: pending (3.2.88-1) [bugfix/all/xfrm_user-validate-xfrm_msg_newae-xfrma_replay_esn_val-replay_window.patch, bugfix/all/xfrm_user-validate-xfrm_msg_newae-incoming-esn-size-harder.patch]
+3.2-wheezy-security: released (3.2.88-1) [bugfix/all/xfrm_user-validate-xfrm_msg_newae-xfrma_replay_esn_val-replay_window.patch, bugfix/all/xfrm_user-validate-xfrm_msg_newae-incoming-esn-size-harder.patch]

Modified: active/CVE-2017-7261
===================================================================
--- active/CVE-2017-7261	2017-04-27 20:03:23 UTC (rev 5237)
+++ active/CVE-2017-7261	2017-04-28 00:13:39 UTC (rev 5238)
@@ -16,4 +16,4 @@
 3.2-upstream-stable: needed
 sid: released (4.9.18-1) [bugfix/x86/vmwgfx-null-pointer-dereference-in-vmw_surface_define_ioctl.patch]
 3.16-jessie-security: pending (3.16.43-1) [bugfix/x86/vmwgfx-null-pointer-dereference-in-vmw_surface_define_ioctl.patch]
-3.2-wheezy-security: pending (3.2.88-1) [bugfix/x86/vmwgfx-null-pointer-dereference-in-vmw_surface_define_ioctl.patch]
+3.2-wheezy-security: released (3.2.88-1) [bugfix/x86/vmwgfx-null-pointer-dereference-in-vmw_surface_define_ioctl.patch]

Modified: active/CVE-2017-7273
===================================================================
--- active/CVE-2017-7273	2017-04-27 20:03:23 UTC (rev 5237)
+++ active/CVE-2017-7273	2017-04-28 00:13:39 UTC (rev 5238)
@@ -8,4 +8,4 @@
 3.2-upstream-stable: released (3.2.87) [4faec4a2ef5dd481682cc155cb9ea14ba2534b76]
 sid: released (4.9.6-1)
 3.16-jessie-security: pending (3.16.43-1)
-3.2-wheezy-security: pending (3.2.88-1)
+3.2-wheezy-security: released (3.2.88-1)

Modified: active/CVE-2017-7294
===================================================================
--- active/CVE-2017-7294	2017-04-27 20:03:23 UTC (rev 5237)
+++ active/CVE-2017-7294	2017-04-28 00:13:39 UTC (rev 5238)
@@ -10,4 +10,4 @@
 3.2-upstream-stable: needed
 sid: released (4.9.18-1) [bugfix/x86/drm-vmwgfx-fix-integer-overflow-in-vmw_surface_define_ioctl.patch]
 3.16-jessie-security: pending (3.16.43-1) [bugfix/x86/drm-vmwgfx-fix-integer-overflow-in-vmw_surface_define_ioctl.patch]
-3.2-wheezy-security: pending (3.2.88-1) [bugfix/x86/drm-vmwgfx-fix-integer-overflow-in-vmw_surface_define_ioctl.patch]
+3.2-wheezy-security: released (3.2.88-1) [bugfix/x86/drm-vmwgfx-fix-integer-overflow-in-vmw_surface_define_ioctl.patch]

Modified: active/CVE-2017-7308
===================================================================
--- active/CVE-2017-7308	2017-04-27 20:03:23 UTC (rev 5237)
+++ active/CVE-2017-7308	2017-04-28 00:13:39 UTC (rev 5238)
@@ -15,4 +15,4 @@
 3.2-upstream-stable: needed
 sid: released (4.9.18-1) [bugfix/all/net-packet-fix-overflow-in-check-for-priv-area-size.patch, bugfix/all/net-packet-fix-overflow-in-check-for-tp_frame_nr.patch, bugfix/all/net-packet-fix-overflow-in-check-for-tp_reserve.patch]
 3.16-jessie-security: pending (3.16.43-1) [bugfix/all/net-packet-fix-overflow-in-check-for-priv-area-size.patch, bugfix/all/net-packet-fix-overflow-in-check-for-tp_frame_nr.patch, bugfix/all/net-packet-fix-overflow-in-check-for-tp_reserve.patch]
-3.2-wheezy-security: pending (3.2.88-1) [bugfix/all/net-packet-fix-overflow-in-check-for-priv-area-size.patch, bugfix/all/net-packet-fix-overflow-in-check-for-tp_frame_nr.patch, bugfix/all/net-packet-fix-overflow-in-check-for-tp_reserve.patch]
+3.2-wheezy-security: released (3.2.88-1) [bugfix/all/net-packet-fix-overflow-in-check-for-priv-area-size.patch, bugfix/all/net-packet-fix-overflow-in-check-for-tp_frame_nr.patch, bugfix/all/net-packet-fix-overflow-in-check-for-tp_reserve.patch]

Modified: active/CVE-2017-7472
===================================================================
--- active/CVE-2017-7472	2017-04-27 20:03:23 UTC (rev 5237)
+++ active/CVE-2017-7472	2017-04-28 00:13:39 UTC (rev 5238)
@@ -13,4 +13,4 @@
 3.2-upstream-stable: needed
 sid: pending (4.9.25-1)
 3.16-jessie-security: pending (3.16.43-1) [bugfix/all/keys-fix-keyctl_set_reqkey_keyring-to-not-leak-threa.patch]
-3.2-wheezy-security: pending (3.2.88-1) [bugfix/all/keys-fix-keyctl_set_reqkey_keyring-to-not-leak-threa.patch]
+3.2-wheezy-security: released (3.2.88-1) [bugfix/all/keys-fix-keyctl_set_reqkey_keyring-to-not-leak-threa.patch]

Modified: active/CVE-2017-7616
===================================================================
--- active/CVE-2017-7616	2017-04-27 20:03:23 UTC (rev 5237)
+++ active/CVE-2017-7616	2017-04-28 00:13:39 UTC (rev 5238)
@@ -9,4 +9,4 @@
 3.2-upstream-stable: needed
 sid: pending (4.9.25-1)
 3.16-jessie-security: pending (3.16.43-1) [bugfix/all/mm-mempolicy.c-fix-error-handling-in-set_mempolicy-a.patch]
-3.2-wheezy-security: pending (3.2.88-1) [bugfix/all/mm-mempolicy.c-fix-error-handling-in-set_mempolicy-a.patch]
+3.2-wheezy-security: released (3.2.88-1) [bugfix/all/mm-mempolicy.c-fix-error-handling-in-set_mempolicy-a.patch]

Modified: active/CVE-2017-7618
===================================================================
--- active/CVE-2017-7618	2017-04-27 20:03:23 UTC (rev 5237)
+++ active/CVE-2017-7618	2017-04-28 00:13:39 UTC (rev 5238)
@@ -14,4 +14,4 @@
 3.2-upstream-stable: needed
 sid: pending (4.9.25-1)
 3.16-jessie-security: pending (3.16.43-1) [bugfix/all/crypto-ahash-fix-einprogress-notification-callback.patch]
-3.2-wheezy-security: pending (3.2.88-1) [bugfix/all/crypto-ahash-fix-einprogress-notification-callback.patch]
+3.2-wheezy-security: released (3.2.88-1) [bugfix/all/crypto-ahash-fix-einprogress-notification-callback.patch]

More information about the kernel-sec-discuss mailing list