[kernel-sec-discuss] r4970 - active
Ben Hutchings
benh at moszumanska.debian.org
Tue Feb 21 19:49:15 UTC 2017
Author: benh
Date: 2017-02-21 19:49:15 +0000 (Tue, 21 Feb 2017)
New Revision: 4970
Modified:
active/CVE-2017-2596
active/CVE-2017-5970
Log:
Mark issues pending for jessie
Modified: active/CVE-2017-2596
===================================================================
--- active/CVE-2017-2596 2017-02-21 13:06:38 UTC (rev 4969)
+++ active/CVE-2017-2596 2017-02-21 19:49:15 UTC (rev 4970)
@@ -2,12 +2,14 @@
References:
https://www.spinics.net/lists/kvm/msg144319.html
Notes:
+ bwh> Introduced in 3.16 by 3573e22cfeca "KVM: nVMX: additional checks on vmxon
+ bwh> region"
Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1417812
-upstream:
-4.9-upstream-stable:
-3.16-upstream-stable:
-3.2-upstream-stable:
-sid:
-3.16-jessie-security:
-3.2-wheezy-security:
+upstream: needed
+4.9-upstream-stable: needed
+3.16-upstream-stable: needed
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: needed
+3.16-jessie-security: pending (3.16.39-1+deb8u1) [bugfix/x86/kvm-fix-page-struct-leak-in-handle_vmon.patch]
+3.2-wheezy-security: N/A "Vulnerable code not present"
Modified: active/CVE-2017-5970
===================================================================
--- active/CVE-2017-5970 2017-02-21 13:06:38 UTC (rev 4969)
+++ active/CVE-2017-5970 2017-02-21 19:49:15 UTC (rev 4970)
@@ -9,5 +9,5 @@
3.16-upstream-stable:
3.2-upstream-stable: N/A "Vulnerable code introduced in 3.3-rc1 with d826eb14ecef3574b6b3be55e5f4329f4a76fbf3"
sid: released (4.9.10-1) [bugfix/all/ipv4-keep-skb-dst-around-in-presence-of-IP-options.patch]
-3.16-jessie-security:
+3.16-jessie-security: pending (3.16.39-1+deb8u1) [bugfix/all/ipv4-keep-skb-dst-around-in-presence-of-ip-options.patch]
3.2-wheezy-security: N/A "Vulnerable code not present"
More information about the kernel-sec-discuss
mailing list