[kernel-sec-discuss] r5831 - active
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Dec 23 19:58:00 UTC 2017
Author: carnil
Date: 2017-12-23 19:58:00 +0000 (Sat, 23 Dec 2017)
New Revision: 5831
Modified:
active/CVE-2017-1000407
active/CVE-2017-1000410
active/CVE-2017-16538
active/CVE-2017-16644
active/CVE-2017-16995
active/CVE-2017-17448
active/CVE-2017-17449
active/CVE-2017-17450
active/CVE-2017-17558
active/CVE-2017-17712
active/CVE-2017-17741
active/CVE-2017-17805
active/CVE-2017-17806
active/CVE-2017-17807
active/CVE-2017-17862
active/CVE-2017-17863
active/CVE-2017-17864
active/CVE-2017-8824
Log:
Mark 4.9.65-3+deb9u1 as released
Modified: active/CVE-2017-1000407
===================================================================
--- active/CVE-2017-1000407 2017-12-23 17:00:12 UTC (rev 5830)
+++ active/CVE-2017-1000407 2017-12-23 19:58:00 UTC (rev 5831)
@@ -9,6 +9,6 @@
3.16-upstream-stable: pending (3.16.52) [kvm-vmx-remove-i-o-port-0x80-bypass-on-intel-hosts.patch]
3.2-upstream-stable: pending (3.2.97) [kvm-vmx-remove-i-o-port-0x80-bypass-on-intel-hosts.patch]
sid: released (4.14.7-1)
-4.9-stretch-security: pending (4.9.65-3+deb9u1) [bugfix/x86/kvm-vmx-remove-i-o-port-0x80-bypass-on-intel-hosts.patch]
+4.9-stretch-security: released (4.9.65-3+deb9u1) [bugfix/x86/kvm-vmx-remove-i-o-port-0x80-bypass-on-intel-hosts.patch]
3.16-jessie-security: needed
3.2-wheezy-security: released (3.2.96-1) [bugfix/x86/kvm-vmx-remove-i-o-port-0x80-bypass-on-intel-hosts.patch]
Modified: active/CVE-2017-1000410
===================================================================
--- active/CVE-2017-1000410 2017-12-23 17:00:12 UTC (rev 5830)
+++ active/CVE-2017-1000410 2017-12-23 19:58:00 UTC (rev 5831)
@@ -10,6 +10,6 @@
3.16-upstream-stable: needed
3.2-upstream-stable: N/A "Vulnerable code not present"
sid: released (4.14.7-1) [bugfix/all/bluetooth-prevent-stack-info-leak-from-the-efs-element.patch]
-4.9-stretch-security: pending (4.9.65-3+deb9u1) [bugfix/all/bluetooth-prevent-stack-info-leak-from-the-efs-element.patch]
+4.9-stretch-security: released (4.9.65-3+deb9u1) [bugfix/all/bluetooth-prevent-stack-info-leak-from-the-efs-element.patch]
3.16-jessie-security: needed
3.2-wheezy-security: N/A "Vulnerable code not present"
Modified: active/CVE-2017-16538
===================================================================
--- active/CVE-2017-16538 2017-12-23 17:00:12 UTC (rev 5830)
+++ active/CVE-2017-16538 2017-12-23 19:58:00 UTC (rev 5831)
@@ -11,6 +11,6 @@
3.16-upstream-stable: needed
3.2-upstream-stable: N/A "Vulnerable code not present"
sid: released (4.14.7-1) [bugfix/all/media-dvb-usb-v2-lmedm04-Improve-logic-checking-of-w.patch, bugfix/all/media-dvb-usb-v2-lmedm04-move-ts2020-attach-to-dm04_.patch]
-4.9-stretch-security: pending (4.9.65-3+deb9u1) [bugfix/all/media-dvb-usb-v2-lmedm04-Improve-logic-checking-of-w.patch, bugfix/all/media-dvb-usb-v2-lmedm04-move-ts2020-attach-to-dm04_.patch]
+4.9-stretch-security: released (4.9.65-3+deb9u1) [bugfix/all/media-dvb-usb-v2-lmedm04-Improve-logic-checking-of-w.patch, bugfix/all/media-dvb-usb-v2-lmedm04-move-ts2020-attach-to-dm04_.patch]
3.16-jessie-security: needed
3.2-wheezy-security: N/A "Vulnerable code not present"
Modified: active/CVE-2017-16644
===================================================================
--- active/CVE-2017-16644 2017-12-23 17:00:12 UTC (rev 5830)
+++ active/CVE-2017-16644 2017-12-23 19:58:00 UTC (rev 5831)
@@ -14,6 +14,6 @@
3.16-upstream-stable: N/A "Vulnerable code not present"
3.2-upstream-stable: N/A "Vulnerable code not present"
sid: released (4.14.7-1) [bugfix/all/media-hdpvr-fix-an-error-handling-path-in-hdpvr_prob.patch]
-4.9-stretch-security: pending (4.9.65-3+deb9u1) [bugfix/all/media-hdpvr-fix-an-error-handling-path-in-hdpvr_prob.patch]
+4.9-stretch-security: released (4.9.65-3+deb9u1) [bugfix/all/media-hdpvr-fix-an-error-handling-path-in-hdpvr_prob.patch]
3.16-jessie-security: N/A "Vulnerable code not present"
3.2-wheezy-security: N/A "Vulnerable code not present"
Modified: active/CVE-2017-16995
===================================================================
--- active/CVE-2017-16995 2017-12-23 17:00:12 UTC (rev 5830)
+++ active/CVE-2017-16995 2017-12-23 19:58:00 UTC (rev 5831)
@@ -11,6 +11,6 @@
3.16-upstream-stable: N/A "Vulnerable code introduced in 4.9-rc1"
3.2-upstream-stable: N/A "Vulnerable code introduced in 4.9-rc1"
sid: released (4.14.7-1) [bugfix/all/bpf-fix-incorrect-sign-extension-in-check_alu_op.patch]
-4.9-stretch-security: pending (4.9.65-3+deb9u1) [bugfix/all/bpf-fix-incorrect-sign-extension-in-check_alu_op.patch]
+4.9-stretch-security: released (4.9.65-3+deb9u1) [bugfix/all/bpf-fix-incorrect-sign-extension-in-check_alu_op.patch]
3.16-jessie-security: N/A "Vulnerable code introduced later"
3.2-wheezy-security: N/A "Vulnerable code introduced later"
Modified: active/CVE-2017-17448
===================================================================
--- active/CVE-2017-17448 2017-12-23 17:00:12 UTC (rev 5830)
+++ active/CVE-2017-17448 2017-12-23 19:58:00 UTC (rev 5831)
@@ -10,6 +10,6 @@
3.16-upstream-stable: pending (3.16.52) [netfilter-nfnetlink_cthelper-add-missing-permission-checks.patch]
3.2-upstream-stable: N/A "User namespaces not supported"
sid: released (4.14.7-1) [bugfix/all/netfilter-nfnetlink_cthelper-add-missing-permission-.patch]
-4.9-stretch-security: pending (4.9.65-3+deb9u1) [bugfix/all/netfilter-nfnetlink_cthelper-add-missing-permission-.patch]
+4.9-stretch-security: released (4.9.65-3+deb9u1) [bugfix/all/netfilter-nfnetlink_cthelper-add-missing-permission-.patch]
3.16-jessie-security: needed
3.2-wheezy-security: N/A "User namespaces not supported"
Modified: active/CVE-2017-17449
===================================================================
--- active/CVE-2017-17449 2017-12-23 17:00:12 UTC (rev 5830)
+++ active/CVE-2017-17449 2017-12-23 19:58:00 UTC (rev 5831)
@@ -13,6 +13,6 @@
3.16-upstream-stable: pending (3.16.52) [netlink-add-netns-check-on-taps.patch]
3.2-upstream-stable: N/A "Vulnerable code not present"
sid: released (4.14.7-1) [bugfix/all/netlink-add-netns-check-on-taps.patch]
-4.9-stretch-security: pending (4.9.65-3+deb9u1) [bugfix/all/netlink-add-netns-check-on-taps.patch]
+4.9-stretch-security: released (4.9.65-3+deb9u1) [bugfix/all/netlink-add-netns-check-on-taps.patch]
3.16-jessie-security: needed
3.2-wheezy-security: N/A "Vulnerable code not present"
Modified: active/CVE-2017-17450
===================================================================
--- active/CVE-2017-17450 2017-12-23 17:00:12 UTC (rev 5830)
+++ active/CVE-2017-17450 2017-12-23 19:58:00 UTC (rev 5831)
@@ -8,6 +8,6 @@
3.16-upstream-stable: pending (3.16.52) [netfilter-xt_osf-add-missing-permission-checks.patch]
3.2-upstream-stable: N/A "User namespaces not supported"
sid: released (4.14.7-1) [bugfix/all/netfilter-xt_osf-add-missing-permission-checks.patch]
-4.9-stretch-security: pending (4.9.65-3+deb9u1) [bugfix/all/netfilter-xt_osf-add-missing-permission-checks.patch]]
+4.9-stretch-security: released (4.9.65-3+deb9u1) [bugfix/all/netfilter-xt_osf-add-missing-permission-checks.patch]]
3.16-jessie-security: needed
3.2-wheezy-security: N/A "User namespaces not supported"
Modified: active/CVE-2017-17558
===================================================================
--- active/CVE-2017-17558 2017-12-23 17:00:12 UTC (rev 5830)
+++ active/CVE-2017-17558 2017-12-23 19:58:00 UTC (rev 5831)
@@ -10,6 +10,6 @@
3.16-upstream-stable: pending (3.16.52) [usb-core-prevent-malicious-bnuminterfaces-overflow.patch]
3.2-upstream-stable: pending (3.2.97) [usb-core-prevent-malicious-bnuminterfaces-overflow.patch]
sid: released (4.14.7-1) [bugfix/all/usb-core-prevent-malicious-bnuminterfaces-overflow.patch]
-4.9-stretch-security: pending (4.9.65-3+deb9u1) [bugfix/all/usb-core-prevent-malicious-bnuminterfaces-overflow.patch]
+4.9-stretch-security: released (4.9.65-3+deb9u1) [bugfix/all/usb-core-prevent-malicious-bnuminterfaces-overflow.patch]
3.16-jessie-security: needed
3.2-wheezy-security: needed
Modified: active/CVE-2017-17712
===================================================================
--- active/CVE-2017-17712 2017-12-23 17:00:12 UTC (rev 5830)
+++ active/CVE-2017-17712 2017-12-23 19:58:00 UTC (rev 5831)
@@ -7,6 +7,6 @@
3.16-upstream-stable: N/A "Vulnerable code introduced in 3.19-rc1 with c008ba5bdc9fa830e1a349b20b0be5a137bdef7a"
3.2-upstream-stable: N/A "Vulnerable code introduced in 3.19-rc1 with c008ba5bdc9fa830e1a349b20b0be5a137bdef7a"
sid: released (4.14.7-1) [bugfix/all/net-ipv4-fix-for-a-race-condition-in-raw_sendmsg.patch]
-4.9-stretch-security: pending (4.9.65-3+deb9u1) [bugfix/all/net-ipv4-fix-for-a-race-condition-in-raw_sendmsg.patch]
+4.9-stretch-security: released (4.9.65-3+deb9u1) [bugfix/all/net-ipv4-fix-for-a-race-condition-in-raw_sendmsg.patch]
3.16-jessie-security: N/A "Vulnerable code not present"
3.2-wheezy-security: N/A "Vulnerable code not present"
Modified: active/CVE-2017-17741
===================================================================
--- active/CVE-2017-17741 2017-12-23 17:00:12 UTC (rev 5830)
+++ active/CVE-2017-17741 2017-12-23 19:58:00 UTC (rev 5831)
@@ -12,6 +12,6 @@
3.16-upstream-stable: needed
3.2-upstream-stable: needed
sid: released (4.14.7-1) [bugfix/all/kvm-fix-stack-out-of-bounds-read-in-write_mmio.patch]
-4.9-stretch-security: pending (4.9.65-3+deb9u1) [bugfix/all/kvm-fix-stack-out-of-bounds-read-in-write_mmio.patch]
+4.9-stretch-security: released (4.9.65-3+deb9u1) [bugfix/all/kvm-fix-stack-out-of-bounds-read-in-write_mmio.patch]
3.16-jessie-security: needed
3.2-wheezy-security: needed
Modified: active/CVE-2017-17805
===================================================================
--- active/CVE-2017-17805 2017-12-23 17:00:12 UTC (rev 5830)
+++ active/CVE-2017-17805 2017-12-23 19:58:00 UTC (rev 5831)
@@ -9,6 +9,6 @@
3.16-upstream-stable: needed
3.2-upstream-stable: needed
sid: released (4.14.7-1) [bugfix/all/crypto-salsa20-fix-blkcipher_walk-API-usage.patch]
-4.9-stretch-security: pending (4.9.65-3+deb9u1) [bugfix/all/crypto-salsa20-fix-blkcipher_walk-API-usage.patch]
+4.9-stretch-security: released (4.9.65-3+deb9u1) [bugfix/all/crypto-salsa20-fix-blkcipher_walk-API-usage.patch]
3.16-jessie-security: needed
3.2-wheezy-security: needed
Modified: active/CVE-2017-17806
===================================================================
--- active/CVE-2017-17806 2017-12-23 17:00:12 UTC (rev 5830)
+++ active/CVE-2017-17806 2017-12-23 19:58:00 UTC (rev 5831)
@@ -8,6 +8,6 @@
3.16-upstream-stable:
3.2-upstream-stable:
sid: released (4.14.7-1) [bugfix/all/crypto-hmac-require-that-the-underlying-hash-algorit.patch]
-4.9-stretch-security: pending (4.9.65-3+deb9u1) [bugfix/all/crypto-hmac-require-that-the-underlying-hash-algorit.patch]
+4.9-stretch-security: released (4.9.65-3+deb9u1) [bugfix/all/crypto-hmac-require-that-the-underlying-hash-algorit.patch]
3.16-jessie-security:
3.2-wheezy-security:
Modified: active/CVE-2017-17807
===================================================================
--- active/CVE-2017-17807 2017-12-23 17:00:12 UTC (rev 5830)
+++ active/CVE-2017-17807 2017-12-23 19:58:00 UTC (rev 5831)
@@ -8,6 +8,6 @@
3.16-upstream-stable: needed
3.2-upstream-stable: needed
sid: released (4.14.7-1)
-4.9-stretch-security: pending (4.9.65-3+deb9u1) [bugfix/all/keys-add-missing-permission-check-for-request_key-de.patch]
+4.9-stretch-security: released (4.9.65-3+deb9u1) [bugfix/all/keys-add-missing-permission-check-for-request_key-de.patch]
3.16-jessie-security: needed
3.2-wheezy-security: needed
Modified: active/CVE-2017-17862
===================================================================
--- active/CVE-2017-17862 2017-12-23 17:00:12 UTC (rev 5830)
+++ active/CVE-2017-17862 2017-12-23 19:58:00 UTC (rev 5831)
@@ -9,6 +9,6 @@
3.16-upstream-stable: N/A "Vulnerable code introduced in 3.18-rc1"
3.2-upstream-stable: N/A "Vulnerable code introduced in 3.18-rc1"
sid: needed
-4.9-stretch-security: pending (4.9.65-3+deb9u1) [bugfix/all/bpf-fix-branch-pruning-logic.patch]
+4.9-stretch-security: released (4.9.65-3+deb9u1) [bugfix/all/bpf-fix-branch-pruning-logic.patch]
3.16-jessie-security: N/A "Vulnerable code not present"
3.2-wheezy-security: N/A "Vulnerable code not present"
Modified: active/CVE-2017-17863
===================================================================
--- active/CVE-2017-17863 2017-12-23 17:00:12 UTC (rev 5830)
+++ active/CVE-2017-17863 2017-12-23 19:58:00 UTC (rev 5831)
@@ -13,6 +13,6 @@
3.16-upstream-stable: N/A "Vulnerable code introduced later"
3.2-upstream-stable: N/A "Vulnerable code introduced later"
sid:
-4.9-stretch-security: pending (4.9.65-3+deb9u1) [bugfix/all/bpf-reject-out-of-bounds-stack-pointer-calculation.patch]
+4.9-stretch-security: released (4.9.65-3+deb9u1) [bugfix/all/bpf-reject-out-of-bounds-stack-pointer-calculation.patch]
3.16-jessie-security: N/A "Vulnerable code introduced later"
3.2-wheezy-security: N/A "Vulnerable code introduced later"
Modified: active/CVE-2017-17864
===================================================================
--- active/CVE-2017-17864 2017-12-23 17:00:12 UTC (rev 5830)
+++ active/CVE-2017-17864 2017-12-23 19:58:00 UTC (rev 5831)
@@ -13,6 +13,6 @@
3.16-upstream-stable: N/A "Vulnerable code introduced later"
3.2-upstream-stable: N/A "Vulnerable code introduced later"
sid:
-4.9-stretch-security: pending (4.9.65-3+deb9u1) [bugfix/all/bpf-verifier-fix-states_equal-comparison-of-pointer-and-unknown.patch]
+4.9-stretch-security: released (4.9.65-3+deb9u1) [bugfix/all/bpf-verifier-fix-states_equal-comparison-of-pointer-and-unknown.patch]
3.16-jessie-security: N/A "Vulnerable code introduced later"
3.2-wheezy-security: N/A "Vulnerable code introduced later"
Modified: active/CVE-2017-8824
===================================================================
--- active/CVE-2017-8824 2017-12-23 17:00:12 UTC (rev 5830)
+++ active/CVE-2017-8824 2017-12-23 19:58:00 UTC (rev 5831)
@@ -9,6 +9,6 @@
3.16-upstream-stable: pending (3.16.52) [dccp-cve-2017-8824-use-after-free-in-dccp-code.patch]
3.2-upstream-stable: pending (3.2.97) [dccp-cve-2017-8824-use-after-free-in-dccp-code.patch]
sid: released (4.14.7-1) [bugfix/all/dccp-cve-2017-8824-use-after-free-in-dccp-code.patch]
-4.9-stretch-security: pending (4.9.65-3+deb9u1) [bugfix/all/dccp-cve-2017-8824-use-after-free-in-dccp-code.patch]
+4.9-stretch-security: released (4.9.65-3+deb9u1) [bugfix/all/dccp-cve-2017-8824-use-after-free-in-dccp-code.patch]
3.16-jessie-security: needed
3.2-wheezy-security: released (3.2.96-1) [bugfix/all/dccp-cve-2017-8824-use-after-free-in-dccp-code.patch]
More information about the kernel-sec-discuss
mailing list