[kernel-sec-discuss] r5449 - active

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Aug 3 19:07:10 UTC 2017


Author: carnil
Date: 2017-08-03 19:07:09 +0000 (Thu, 03 Aug 2017)
New Revision: 5449

Modified:
   active/CVE-2017-7533
   active/CVE-2017-7542
   active/CVE-2017-8831
Log:
Mark three CVEs as pending for sid

This is not the standard way to track those. Currently the patches are
applied in the master branch of the packaging repository, whereas sid is
in 'sid' branch. Hopefully though this version can go to unstable
without turnaround via experimental.

Modified: active/CVE-2017-7533
===================================================================
--- active/CVE-2017-7533	2017-08-03 17:32:23 UTC (rev 5448)
+++ active/CVE-2017-7533	2017-08-03 19:07:09 UTC (rev 5449)
@@ -11,7 +11,7 @@
 4.9-upstream-stable: needed
 3.16-upstream-stable: needed
 3.2-upstream-stable: N/A "Vulnerable code introduced in (3.14-rc1) [7053aee26a3548ebaba046ae2e52396ccf56ac6c]"
-sid: needed
+sid: pending (4.12.3-1) [bugfix/all/dentry-name-snapshots.patch]
 4.9-stretch-security: pending (4.9.30-2+deb9u3) [bugfix/all/dentry-name-snapshots.patch]
 3.16-jessie-security: needed
 3.2-wheezy-security: N/A "Vulnerable code not present"

Modified: active/CVE-2017-7542
===================================================================
--- active/CVE-2017-7542	2017-08-03 17:32:23 UTC (rev 5448)
+++ active/CVE-2017-7542	2017-08-03 19:07:09 UTC (rev 5449)
@@ -6,7 +6,7 @@
 4.9-upstream-stable: needed
 3.16-upstream-stable: needed
 3.2-upstream-stable: needed
-sid: needed
+sid: pending (4.12.3-1) [bugfix/all/ipv6-avoid-overflow-of-offset-in-ip6_find_1stfragopt.patch]
 4.9-stretch-security: pending (4.9.30-2+deb9u3) [bugfix/all/ipv6-avoid-overflow-of-offset-in-ip6_find_1stfragopt.patch]
 3.16-jessie-security: pending (3.16.43-2+deb8u3) [bugfix/all/ipv6-avoid-overflow-of-offset-in-ip6_find_1stfragopt.patch]
 3.2-wheezy-security: needed

Modified: active/CVE-2017-8831
===================================================================
--- active/CVE-2017-8831	2017-08-03 17:32:23 UTC (rev 5448)
+++ active/CVE-2017-8831	2017-08-03 19:07:09 UTC (rev 5449)
@@ -9,7 +9,7 @@
 4.9-upstream-stable: needed
 3.16-upstream-stable: needed
 3.2-upstream-stable: needed
-sid: needed
+sid: pending (4.12.3-1) [bugfix/all/media-saa7164-fix-double-fetch-PCIe-access-condition.patch]
 4.9-stretch-security: needed
 3.16-jessie-security: needed
 3.2-wheezy-security: needed




More information about the kernel-sec-discuss mailing list