[kernel-sec-discuss] r4941 - active
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Feb 17 15:25:55 UTC 2017
Author: carnil
Date: 2017-02-17 15:25:55 +0000 (Fri, 17 Feb 2017)
New Revision: 4941
Modified:
active/CVE-2013-7445
active/CVE-2014-9892
active/CVE-2014-9900
active/CVE-2015-2877
active/CVE-2015-8553
active/CVE-2015-8709
active/CVE-2016-10088
active/CVE-2016-10208
active/CVE-2016-2188
active/CVE-2016-3044
active/CVE-2016-8405
active/CVE-2016-8636
active/CVE-2016-8660
active/CVE-2016-9191
active/CVE-2016-9588
active/CVE-2017-2583
active/CVE-2017-2584
active/CVE-2017-2596
active/CVE-2017-2618
active/CVE-2017-5549
active/CVE-2017-5551
active/CVE-2017-5897
active/CVE-2017-5967
active/CVE-2017-5970
active/CVE-2017-5972
active/CVE-2017-5986
active/CVE-2017-6001
Log:
Reorder entries and add upstream commits where released
Modified: active/CVE-2013-7445
===================================================================
--- active/CVE-2013-7445 2017-02-17 15:13:14 UTC (rev 4940)
+++ active/CVE-2013-7445 2017-02-17 15:25:55 UTC (rev 4941)
@@ -4,9 +4,9 @@
Bugs:
https://bugzilla.kernel.org/show_bug.cgi?id=60533
upstream: needed
+4.9-upstream-stable: needed
3.16-upstream-stable: needed
3.2-upstream-stable: needed
sid: needed
3.16-jessie-security: needed
3.2-wheezy-security: needed
-4.9-upstream-stable: needed
Modified: active/CVE-2014-9892
===================================================================
--- active/CVE-2014-9892 2017-02-17 15:13:14 UTC (rev 4940)
+++ active/CVE-2014-9892 2017-02-17 15:25:55 UTC (rev 4941)
@@ -6,9 +6,9 @@
jmm> Fixed in Android 3.10 kernel, but unfixed in Linux mainline
Bugs:
upstream:
+4.9-upstream-stable:
3.16-upstream-stable:
3.2-upstream-stable:
sid:
3.16-jessie-security:
3.2-wheezy-security:
-4.9-upstream-stable:
Modified: active/CVE-2014-9900
===================================================================
--- active/CVE-2014-9900 2017-02-17 15:13:14 UTC (rev 4940)
+++ active/CVE-2014-9900 2017-02-17 15:25:55 UTC (rev 4941)
@@ -7,9 +7,9 @@
jmm> Fixed in Android 3.10 kernel, but this is still unfixed in current mainline
Bugs:
upstream: needed
+4.9-upstream-stable: needed
3.16-upstream-stable: needed
3.2-upstream-stable: needed
sid: needed
3.16-jessie-security: needed
3.2-wheezy-security: needed
-4.9-upstream-stable: needed
Modified: active/CVE-2015-2877
===================================================================
--- active/CVE-2015-2877 2017-02-17 15:13:14 UTC (rev 4940)
+++ active/CVE-2015-2877 2017-02-17 15:25:55 UTC (rev 4941)
@@ -5,9 +5,9 @@
bwh> Depends on KSM, which needs to be explicitly enabled at run-time
Bugs:
upstream: needed
+4.9-upstream-stable: needed
3.16-upstream-stable: needed
3.2-upstream-stable: needed
sid: needed
3.16-jessie-security: needed
3.2-wheezy-security: needed
-4.9-upstream-stable: needed
Modified: active/CVE-2015-8553
===================================================================
--- active/CVE-2015-8553 2017-02-17 15:13:14 UTC (rev 4940)
+++ active/CVE-2015-8553 2017-02-17 15:25:55 UTC (rev 4941)
@@ -13,9 +13,9 @@
jmm> point
Bugs:
upstream: needed
+4.9-upstream-stable: needed
3.16-upstream-stable: needed
3.2-upstream-stable: needed
sid: needed
3.16-jessie-security: ignored "breaks qemu as used in jessie"
3.2-wheezy-security: ignored "breaks qemu as used in jessie"
-4.9-upstream-stable: needed
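Review bot: The 3.2-wheezy-security line gives the reason "breaks qemu as used in jessie", word for word the same as the 3.16-jessie-security line above it, which reads like a copied reason. While this file is being reordered, confirm whether the wheezy entry should refer to qemu as shipped in wheezy or carry its own justification.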
Modified: active/CVE-2015-8709
===================================================================
--- active/CVE-2015-8709 2017-02-17 15:13:14 UTC (rev 4940)
+++ active/CVE-2015-8709 2017-02-17 15:25:55 UTC (rev 4941)
@@ -8,9 +8,9 @@
bwh> was eventually fixed upstream as noted below.
Bugs:
upstream: released (4.10-rc1) [bfedb589252c01fa505ac9f6f2a3d5d68d707ef4]
+4.9-upstream-stable: released (4.9.1) [694a95fa6dae4991f16cda333d897ea063021fed]
3.16-upstream-stable: needed
3.2-upstream-stable: N/A "Vulnerable code not present"
sid: released (4.3.3-3) [bugfix/all/ptrace-being-capable-wrt-a-process-requires-mapped-uids-gids.patch]
3.16-jessie-security: released (3.16.7-ckt20-1+deb8u2) [bugfix/all/ptrace-being-capable-wrt-a-process-requires-mapped-uids-gids.patch]
3.2-wheezy-security: N/A "Vulnerable code not present"
-4.9-upstream-stable: released (4.9.1)
Modified: active/CVE-2016-10088
===================================================================
--- active/CVE-2016-10088 2017-02-17 15:13:14 UTC (rev 4940)
+++ active/CVE-2016-10088 2017-02-17 15:25:55 UTC (rev 4941)
@@ -7,9 +7,9 @@
bwh> This is the vulnerabilbility left after fixing CVE-2016-9576.
Bugs:
upstream: released (4.10-rc1) [128394eff343fc6d2f32172f03e24829539c5835]
+4.9-upstream-stable: released (4.9.2) [3f3a6bbe6f9f5e895d8945494173594ee51632da]
3.16-upstream-stable: pending (3.16.40) [sg_write-bsg_write-is-not-fit-to-be-called-under-kernel_ds.patch]
3.2-upstream-stable: pending (3.2.85) [sg_write-bsg_write-is-not-fit-to-be-called-under-kernel_ds.patch]
sid: released (4.8.15-2) [bugfix/all/sg_write-bsg_write-is-not-fit-to-be-called-under-KER.patch]
3.16-jessie-security: released (3.16.39-1) [bugfix/all/sg_write-bsg_write-is-not-fit-to-be-called-under-ker.patch]
3.2-wheezy-security: released (3.2.84-1) [bugfix/all/sg_write-bsg_write-is-not-fit-to-be-called-under-ker.patch]
-4.9-upstream-stable: released (4.9.2)
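Review bot: The bwh> note at the top of this hunk spells the word as "vulnerabilbility"; correct it to "vulnerability" while the file is open. The sid entry also names the patch with "-under-KER.patch" while the jessie and wheezy entries use "-under-ker.patch", so check each name against the file actually present in the corresponding packaging branch.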
Modified: active/CVE-2016-10208
===================================================================
--- active/CVE-2016-10208 2017-02-17 15:13:14 UTC (rev 4940)
+++ active/CVE-2016-10208 2017-02-17 15:25:55 UTC (rev 4941)
@@ -6,9 +6,9 @@
Notes:
Bugs:
upstream: released (4.10-rc1) [3a4b77cd47bb837b8557595ec7425f281f2ca1fe]
+4.9-upstream-stable: released (4.9.9) [13e6ef99d23b05807e7f8a72f45e3d8260b61570]
3.16-upstream-stable: needed
3.2-upstream-stable: N/A "Introduced in 3.6-rc1 with 952fc18ef9ec707ebdc16c0786ec360295e5ff15"
sid: pending (4.9.9-1)
3.16-jessie-security: needed
3.2-wheezy-security: N/A "Introduced in 3.6-rc1 with 952fc18ef9ec707ebdc16c0786ec360295e5ff15"
-4.9-upstream-stable: released (4.9.9)
Modified: active/CVE-2016-2188
===================================================================
--- active/CVE-2016-2188 2017-02-17 15:13:14 UTC (rev 4940)
+++ active/CVE-2016-2188 2017-02-17 15:25:55 UTC (rev 4941)
@@ -12,9 +12,9 @@
bwh> fixed anywhere yet.
Bugs:
upstream: needed
+4.9-upstream-stable: needed
3.16-upstream-stable: needed
3.2-upstream-stable: needed
sid: needed
3.16-jessie-security: needed
3.2-wheezy-security: needed
-4.9-upstream-stable: needed
Modified: active/CVE-2016-3044
===================================================================
--- active/CVE-2016-3044 2017-02-17 15:13:14 UTC (rev 4940)
+++ active/CVE-2016-3044 2017-02-17 15:25:55 UTC (rev 4941)
@@ -18,9 +18,9 @@
sbeattie> happens to be the exact date of the aforementioned git commit.
Bugs:
upstream:
+4.9-upstream-stable:
3.16-upstream-stable:
3.2-upstream-stable:
sid:
3.16-jessie-security:
3.2-wheezy-security:
-4.9-upstream-stable:
Modified: active/CVE-2016-8405
===================================================================
--- active/CVE-2016-8405 2017-02-17 15:13:14 UTC (rev 4940)
+++ active/CVE-2016-8405 2017-02-17 15:25:55 UTC (rev 4941)
@@ -3,9 +3,9 @@
Notes:
Bugs:
upstream: released (4.10-rc6) [2dc705a9930b4806250fbf5a76e55266e59389f2]
+4.9-upstream-stable: released (4.9.7) [544160b6ea18670196d1173c099f2cced5075132]
3.16-upstream-stable: pending (3.16.40) [fbdev-color-map-copying-bounds-checking.patch]
3.2-upstream-stable: pending (3.2.85) [fbdev-color-map-copying-bounds-checking.patch]
sid: released (4.9.6-1) [bugfix/all/fbdev-color-map-coying-bounds-checking.patch]
3.16-jessie-security: needed
3.2-wheezy-security: needed
-4.9-upstream-stable: released (4.9.7)
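Review bot: The sid line references bugfix/all/fbdev-color-map-coying-bounds-checking.patch ("coying"), while the 3.16 and 3.2 upstream-stable lines name fbdev-color-map-copying-bounds-checking.patch ("copying"). Check the sid entry against the real file name in the packaging tree, since a mismatched name makes the tracker entry useless for locating the fix.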
Modified: active/CVE-2016-8636
===================================================================
--- active/CVE-2016-8636 2017-02-17 15:13:14 UTC (rev 4940)
+++ active/CVE-2016-8636 2017-02-17 15:25:55 UTC (rev 4941)
@@ -4,9 +4,9 @@
Notes:
Bugs:
upstream: released (4.10-rc8) [647bf3d8a8e5777319da92af672289b2a6c4dc66]
+4.9-upstream-stable: released (4.9.10) [b7dd5edc3dd9191f2cb1bd508279b0ff7274c5aa]
3.16-upstream-stable: N/A "Vulnerable code not present, introduced in 4.8"
3.2-upstream-stable: N/A "Vulnerable code not present, introduced in 4.8"
sid: pending (4.9.10-1)
3.16-jessie-security: N/A "Vulnerable code not present, introduced in 4.8"
3.2-wheezy-security: N/A "Vulnerable code not present, introduced in 4.8"
-4.9-upstream-stable: released (4.9.10)
Modified: active/CVE-2016-8660
===================================================================
--- active/CVE-2016-8660 2017-02-17 15:13:14 UTC (rev 4940)
+++ active/CVE-2016-8660 2017-02-17 15:25:55 UTC (rev 4941)
@@ -6,9 +6,9 @@
Cf. http://www.openwall.com/lists/oss-security/2016/10/13/8
Bugs:
upstream: needed
+4.9-upstream-stable: needed
3.16-upstream-stable: N/A "Vulnerable code introduced in (4.4-rc1) [fc0561cefc04e7803c0f6501ca4f310a502f65b8]"
3.2-upstream-stable: N/A "Vulnerable code introduced in (4.4-rc1) [fc0561cefc04e7803c0f6501ca4f310a502f65b8]"
sid: needed
3.16-jessie-security: N/A "Vulnerable code not present"
3.2-wheezy-security: N/A "Vulnerable code not present"
-4.9-upstream-stable: needed
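Review bot: The N/A reasons on the 3.16-upstream-stable and 3.2-upstream-stable lines use the form "Vulnerable code introduced in (4.4-rc1) [fc0561ce...]", whereas the other files in this revision write "introduced in 3.6-rc1 with <commit>". Pick one form for the introducing-commit reference so the reasons can be matched mechanically across entries.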
Modified: active/CVE-2016-9191
===================================================================
--- active/CVE-2016-9191 2017-02-17 15:13:14 UTC (rev 4940)
+++ active/CVE-2016-9191 2017-02-17 15:25:55 UTC (rev 4941)
@@ -5,9 +5,9 @@
Introduced with f0c3b5093addc8bfe9fe3a5b01acb7ec7969eafa in 3.11-rc1
Bugs:
upstream: released (4.10-rc4) [93362fa47fe98b62e4a34ab408c4a418432e7939]
+4.9-upstream-stable: released (4.9.5) [00cf64fbaa1e99d0420f2934f301c671ba298342]
3.16-upstream-stable: pending (3.16.40) [sysctl-drop-reference-added-by-grab_header-in-proc_sys_readdir.patch]
3.2-upstream-stable: N/A "Vulnerable code introduced in 3.11-rc1"
sid: released (4.9.6-1)
3.16-jessie-security: needed
3.2-wheezy-security: N/A "Vulnerable code not present"
-4.9-upstream-stable: released (4.9.5)
Modified: active/CVE-2016-9588
===================================================================
--- active/CVE-2016-9588 2017-02-17 15:13:14 UTC (rev 4940)
+++ active/CVE-2016-9588 2017-02-17 15:25:55 UTC (rev 4941)
@@ -4,9 +4,9 @@
Notes:
Bugs:
upstream: released (4.10-rc1) [ef85b67385436ddc1998f45f1d6a210f935b3388]
+4.9-upstream-stable: released (4.9.2) [3f618a0b872fea38c7d1d1f79eda40f88c6466c2]
3.16-upstream-stable: needed
3.2-upstream-stable: needed
sid: released (4.8.15-2) [bugfix/all/kvm-nVMX-Allow-L1-to-intercept-software-exceptions-B.patch]
3.16-jessie-security: needed
3.2-wheezy-security: needed
-4.9-upstream-stable: released (4.9.2)
Modified: active/CVE-2017-2583
===================================================================
--- active/CVE-2017-2583 2017-02-17 15:13:14 UTC (rev 4940)
+++ active/CVE-2017-2583 2017-02-17 15:25:55 UTC (rev 4941)
@@ -4,9 +4,9 @@
Introduced in 3.6-rc1 with 79d5b4c3cd809c770d4bf9812635647016c56011
Bugs:
upstream: released (4.10-rc4) [33ab91103b3415e12457e3104f0e4517ce12d0f3]
+4.9-upstream-stable: released (4.9.5) [7718ffcf9a64830bbae148432f625346cde2f2d6]
3.16-upstream-stable: needed
3.2-upstream-stable: N/A "Vulnerable code introduced in 3.6-rc1 with 79d5b4c3cd809c770d4bf9812635647016c56011"
sid: released (4.9.6-1)
3.16-jessie-security: needed
3.2-wheezy-security: N/A "Vulnerable code not present"
-4.9-upstream-stable: released (4.9.5)
Modified: active/CVE-2017-2584
===================================================================
--- active/CVE-2017-2584 2017-02-17 15:13:14 UTC (rev 4940)
+++ active/CVE-2017-2584 2017-02-17 15:25:55 UTC (rev 4941)
@@ -8,9 +8,9 @@
Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1413001
upstream: released (4.10-rc4) [129a72a0d3c8e139a04512325384fe5ac119e74d]
+4.9-upstream-stable: released (4.9.5) [736e77c07fba8b49cead504b885a82ce52c0ff10]
3.16-upstream-stable: needed
3.2-upstream-stable: N/A "Vulnerable code introduced in 3.6-rc1 with 96051572c819194c37a8367624b285be10297eca"
sid: released (4.9.6-1)
3.16-jessie-security: needed
3.2-wheezy-security: N/A "Vulnerable code not present"
-4.9-upstream-stable: released (4.9.5)
Modified: active/CVE-2017-2596
===================================================================
--- active/CVE-2017-2596 2017-02-17 15:13:14 UTC (rev 4940)
+++ active/CVE-2017-2596 2017-02-17 15:25:55 UTC (rev 4941)
@@ -5,9 +5,9 @@
Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1417812
upstream:
+4.9-upstream-stable:
3.16-upstream-stable:
3.2-upstream-stable:
sid:
3.16-jessie-security:
3.2-wheezy-security:
-4.9-upstream-stable:
Modified: active/CVE-2017-2618
===================================================================
--- active/CVE-2017-2618 2017-02-17 15:13:14 UTC (rev 4940)
+++ active/CVE-2017-2618 2017-02-17 15:25:55 UTC (rev 4941)
@@ -4,9 +4,9 @@
Possibly introduced in 3.5-rc1 with d6ea83ec6864e9297fa8b00ec3dae183413a90e3
Bugs:
upstream: released (4.10-rc8) [0c461cb727d146c9ef2d3e86214f498b78b7d125]
+4.9-upstream-stable: released (4.9.10) [6cbaf7b94373743deb42fd410173aab81f8945fe]
3.16-upstream-stable:
3.2-upstream-stable:
sid: pending (4.9.10-1)
3.16-jessie-security:
3.2-wheezy-security:
-4.9-upstream-stable: released (4.9.10)
Modified: active/CVE-2017-5549
===================================================================
--- active/CVE-2017-5549 2017-02-17 15:13:14 UTC (rev 4940)
+++ active/CVE-2017-5549 2017-02-17 15:25:55 UTC (rev 4941)
@@ -3,9 +3,9 @@
Notes:
Bugs:
upstream: released (4.10-rc4) [146cc8a17a3b4996f6805ee5c080e7101277c410]
+4.9-upstream-stable: released (4.9.5) [58ede4beda662c4e1681fee4fae2174028a1a841]
3.16-upstream-stable:
3.2-upstream-stable:
sid: released (4.9.6-1)
3.16-jessie-security:
3.2-wheezy-security:
-4.9-upstream-stable: released (4.9.5)
Modified: active/CVE-2017-5551
===================================================================
--- active/CVE-2017-5551 2017-02-17 15:13:14 UTC (rev 4940)
+++ active/CVE-2017-5551 2017-02-17 15:25:55 UTC (rev 4941)
@@ -3,9 +3,9 @@
Notes:
Bugs:
upstream: released (4.10-rc4) [497de07d89c1410d76a15bec2bb41f24a2a89f31]
+4.9-upstream-stable: released (4.9.6) [782b361c93062f083bbc9a78928498218f950399]
3.16-upstream-stable:
3.2-upstream-stable:
sid: released (4.9.6-1)
3.16-jessie-security:
3.2-wheezy-security:
-4.9-upstream-stable: released (4.9.6)
Modified: active/CVE-2017-5897
===================================================================
--- active/CVE-2017-5897 2017-02-17 15:13:14 UTC (rev 4940)
+++ active/CVE-2017-5897 2017-02-17 15:25:55 UTC (rev 4941)
@@ -3,9 +3,9 @@
Notes:
Bugs:
upstream: released (4.10-rc8) [7892032cfe67f4bde6fc2ee967e45a8fbaf33756]
+4.9-upstream-stable: needed
3.16-upstream-stable:
3.2-upstream-stable: N/A "Vulnerable code introduced in 3.7-rc1 with c12b395a46646bab69089ce7016ac78177f6001f"
sid:
3.16-jessie-security:
3.2-wheezy-security: N/A "Vulnerable code not present"
-4.9-upstream-stable: needed
Modified: active/CVE-2017-5967
===================================================================
--- active/CVE-2017-5967 2017-02-17 15:13:14 UTC (rev 4940)
+++ active/CVE-2017-5967 2017-02-17 15:25:55 UTC (rev 4941)
@@ -5,9 +5,9 @@
Notes:
Bugs:
upstream: pending
+4.9-upstream-stable:
3.16-upstream-stable:
3.2-upstream-stable:
sid:
3.16-jessie-security:
3.2-wheezy-security:
-4.9-upstream-stable:
Modified: active/CVE-2017-5970
===================================================================
--- active/CVE-2017-5970 2017-02-17 15:13:14 UTC (rev 4940)
+++ active/CVE-2017-5970 2017-02-17 15:25:55 UTC (rev 4941)
@@ -5,9 +5,9 @@
Notes:
Bugs:
upstream: released (4.10-rc8) [34b2cef20f19c87999fff3da4071e66937db9644]
+4.9-upstream-stable: needed
3.16-upstream-stable:
3.2-upstream-stable: N/A "Vulnerable code introduced in 3.3-rc1 with d826eb14ecef3574b6b3be55e5f4329f4a76fbf3"
sid: pending (4.9.10-1) [bugfix/all/ipv4-keep-skb-dst-around-in-presence-of-IP-options.patch]
3.16-jessie-security:
3.2-wheezy-security: N/A "Vulnerable code not present"
-4.9-upstream-stable: needed
Modified: active/CVE-2017-5972
===================================================================
--- active/CVE-2017-5972 2017-02-17 15:13:14 UTC (rev 4940)
+++ active/CVE-2017-5972 2017-02-17 15:25:55 UTC (rev 4941)
@@ -6,9 +6,9 @@
Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1422081
upstream:
+4.9-upstream-stable:
3.16-upstream-stable:
3.2-upstream-stable:
sid:
3.16-jessie-security:
3.2-wheezy-security:
-4.9-upstream-stable:
Modified: active/CVE-2017-5986
===================================================================
--- active/CVE-2017-5986 2017-02-17 15:13:14 UTC (rev 4940)
+++ active/CVE-2017-5986 2017-02-17 15:25:55 UTC (rev 4941)
@@ -3,9 +3,9 @@
Notes:
Bugs:
upstream: released (4.10-rc8) [2dcab598484185dea7ec22219c76dcdd59e3cb90]
+4.9-upstream-stable: needed
3.16-upstream-stable:
3.2-upstream-stable:
sid: pending (4.9.10-1) [bugfix/all/sctp-avoid-BUG_ON-on-sctp_wait_for_sndbuf.patch]
3.16-jessie-security:
3.2-wheezy-security:
-4.9-upstream-stable: needed
Modified: active/CVE-2017-6001
===================================================================
--- active/CVE-2017-6001 2017-02-17 15:13:14 UTC (rev 4940)
+++ active/CVE-2017-6001 2017-02-17 15:25:55 UTC (rev 4941)
@@ -4,9 +4,9 @@
bwh> This is left over from an incomplete fix for CVE-2016-6786
Bugs:
upstream: released (4.10-rc4) [f321027c1fe77f892f4ea07846aeae08cefbbb290]
+4.9-upstream-stable: needed
3.16-upstream-stable: pending (3.16.40) [perf-core-fix-concurrent-sys_perf_event_open-vs.-move_group-race.patch]
3.2-upstream-stable: pending (3.2.85) [perf-core-fix-concurrent-sys_perf_event_open-vs.-move_group-race.patch]
sid: pending (4.9.9-1)
3.16-jessie-security: needed
3.2-wheezy-security: needed
-4.9-upstream-stable: needed
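Review bot: The upstream line carries the commit id f321027c1fe77f892f4ea07846aeae08cefbbb290, which is 41 hex characters, one more than a SHA-1 commit id. Since this revision is about recording upstream commits, verify the id against the upstream tree and fix the extra character before the 4.9-upstream-stable backport is looked up from it.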