[kernel-sec-discuss] r4826 - active
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Jan 1 08:07:51 UTC 2017
Author: carnil
Date: 2017-01-01 08:07:50 +0000 (Sun, 01 Jan 2017)
New Revision: 4826
Modified:
active/CVE-2012-6704
active/CVE-2015-1350
active/CVE-2015-8962
active/CVE-2015-8963
active/CVE-2015-8964
active/CVE-2016-10088
active/CVE-2016-7097
active/CVE-2016-7910
active/CVE-2016-7911
active/CVE-2016-7915
active/CVE-2016-8399
active/CVE-2016-8633
active/CVE-2016-8655
active/CVE-2016-9178
active/CVE-2016-9555
active/CVE-2016-9576
active/CVE-2016-9756
active/CVE-2016-9793
active/CVE-2016-9794
Log:
mark 3.2.84-1 as released
Note for 3.16.39-1:
Awaiting to do the same for 3.16.39-1 since technically not yet either
in jessie (neither via jessie-security).
Note: Usualy we track the pending CVEs via data/next-point-release.txt
but this time we might afford it to just merge the entries once the
point release is done.
If someone disagrees on the approach, let me know.
Modified: active/CVE-2012-6704
===================================================================
--- active/CVE-2012-6704 2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2012-6704 2017-01-01 08:07:50 UTC (rev 4826)
@@ -19,4 +19,4 @@
3.2-upstream-stable: needed
sid: released (3.8.11-1)
3.16-jessie-security: N/A "Fixed before initial 3.16 release"
-3.2-wheezy-security: pending (3.2.84-1) [bugfix/all/net-cleanups-in-sock_setsockopt.patch]
+3.2-wheezy-security: released (3.2.84-1) [bugfix/all/net-cleanups-in-sock_setsockopt.patch]
Modified: active/CVE-2015-1350
===================================================================
--- active/CVE-2015-1350 2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2015-1350 2017-01-01 08:07:50 UTC (rev 4826)
@@ -11,6 +11,6 @@
upstream: released (4.9-rc1) [030b533c4fd4d2ec3402363323de4bb2983c9cee]
sid: released (4.8.11-1) [bugfix/all/xfs-Propagate-dentry-down-to-inode_change_ok.patch, bugfix/all/ceph-Propagate-dentry-down-to-inode_change_ok.patch, bugfix/all/fuse-Propagate-dentry-down-to-inode_change_ok.patch, bugfix/all/fs-Give-dentry-to-inode_change_ok-instead-of-inode.patch, bugfix/all/fs-Avoid-premature-clearing-of-capabilities.patch]
3.16-jessie-security: pending (3.16.39-1)
-3.2-wheezy-security: pending (3.2.84-1)
+3.2-wheezy-security: released (3.2.84-1)
3.16-upstream-stable: released (3.16.39) [fs-give-dentry-to-inode_change_ok-instead-of-inode.patch, fs-avoid-premature-clearing-of-capabilities.patch]
3.2-upstream-stable: released (3.2.84) [fs-give-dentry-to-inode_change_ok-instead-of-inode.patch, fs-avoid-premature-clearing-of-capabilities.patch]
Modified: active/CVE-2015-8962
===================================================================
--- active/CVE-2015-8962 2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2015-8962 2017-01-01 08:07:50 UTC (rev 4826)
@@ -7,4 +7,4 @@
3.2-upstream-stable: needed
sid: released (4.4.2-1)
3.16-jessie-security: pending (3.16.39-1) [bugfix/all/sg-fix-double-free-when-drives-detach-during-sg_io.patch]
-3.2-wheezy-security: pending (3.2.84-1) [bugfix/all/sg-fix-double-free-when-drives-detach-during-sg_io.patch]
+3.2-wheezy-security: released (3.2.84-1) [bugfix/all/sg-fix-double-free-when-drives-detach-during-sg_io.patch]
Modified: active/CVE-2015-8963
===================================================================
--- active/CVE-2015-8963 2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2015-8963 2017-01-01 08:07:50 UTC (rev 4826)
@@ -7,4 +7,4 @@
3.2-upstream-stable: needed
sid: released (4.4.2-1)
3.16-jessie-security: pending (3.16.39-1) [bugfix/all/perf-fix-race-in-swevent-hash.patch]
-3.2-wheezy-security: pending (3.2.84-1) [bugfix/all/perf-fix-race-in-swevent-hash.patch]
+3.2-wheezy-security: released (3.2.84-1) [bugfix/all/perf-fix-race-in-swevent-hash.patch]
Modified: active/CVE-2015-8964
===================================================================
--- active/CVE-2015-8964 2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2015-8964 2017-01-01 08:07:50 UTC (rev 4826)
@@ -15,4 +15,4 @@
3.2-upstream-stable: needed
sid: released (4.5.1-1)
3.16-jessie-security: pending (3.16.39-1) [bugfix/all/tty-prevent-ldisc-drivers-from-re-using-stale-tty-fi.patch]
-3.2-wheezy-security: pending (3.2.84-1) [bugfix/all/tty-prevent-ldisc-drivers-from-re-using-stale-tty-fi.patch]
+3.2-wheezy-security: released (3.2.84-1) [bugfix/all/tty-prevent-ldisc-drivers-from-re-using-stale-tty-fi.patch]
Modified: active/CVE-2016-10088
===================================================================
--- active/CVE-2016-10088 2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2016-10088 2017-01-01 08:07:50 UTC (rev 4826)
@@ -11,4 +11,4 @@
3.2-upstream-stable: needed
sid: pending (4.8.15-2) [bugfix/all/sg_write-bsg_write-is-not-fit-to-be-called-under-KER.patch]
3.16-jessie-security: pending (3.16.39-1) [bugfix/all/sg_write-bsg_write-is-not-fit-to-be-called-under-ker.patch]
-3.2-wheezy-security: pending (3.2.84-1) [bugfix/all/sg_write-bsg_write-is-not-fit-to-be-called-under-ker.patch]
+3.2-wheezy-security: released (3.2.84-1) [bugfix/all/sg_write-bsg_write-is-not-fit-to-be-called-under-ker.patch]
Modified: active/CVE-2016-7097
===================================================================
--- active/CVE-2016-7097 2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2016-7097 2017-01-01 08:07:50 UTC (rev 4826)
@@ -10,4 +10,4 @@
3.2-upstream-stable: released (3.2.84) [posix_acl-clear-sgid-bit-when-setting-file-permissions.patch]
sid: released (4.7.8-1) [bugfix/all/posix_acl-clear-sgid-bit-when-setting-file-permissio.patch]
3.16-jessie-security: pending (3.16.39-1)
-3.2-wheezy-security: pending (3.2.84-1)
+3.2-wheezy-security: released (3.2.84-1)
Modified: active/CVE-2016-7910
===================================================================
--- active/CVE-2016-7910 2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2016-7910 2017-01-01 08:07:50 UTC (rev 4826)
@@ -7,4 +7,4 @@
3.2-upstream-stable: released (3.2.84)
sid: released (4.7.2-1)
3.16-jessie-security: pending (3.16.39-1)
-3.2-wheezy-security: pending (3.2.84-1)
+3.2-wheezy-security: released (3.2.84-1)
Modified: active/CVE-2016-7911
===================================================================
--- active/CVE-2016-7911 2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2016-7911 2017-01-01 08:07:50 UTC (rev 4826)
@@ -8,4 +8,4 @@
3.2-upstream-stable: needed
sid: released (4.7.2-1)
3.16-jessie-security: pending (3.16.39-1)
-3.2-wheezy-security: pending (3.2.84-1) [bugfix/all/block-fix-use-after-free-in-sys_ioprio_get.patch]
+3.2-wheezy-security: released (3.2.84-1) [bugfix/all/block-fix-use-after-free-in-sys_ioprio_get.patch]
Modified: active/CVE-2016-7915
===================================================================
--- active/CVE-2016-7915 2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2016-7915 2017-01-01 08:07:50 UTC (rev 4826)
@@ -7,4 +7,4 @@
3.2-upstream-stable: needed
sid: released (4.6.1-1)
3.16-jessie-security: pending (3.16.39-1) [bugfix/all/hid-core-prevent-out-of-bound-readings.patch]
-3.2-wheezy-security: pending (3.2.84-1) [bugfix/all/hid-core-prevent-out-of-bound-readings.patch]
+3.2-wheezy-security: released (3.2.84-1) [bugfix/all/hid-core-prevent-out-of-bound-readings.patch]
Modified: active/CVE-2016-8399
===================================================================
--- active/CVE-2016-8399 2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2016-8399 2017-01-01 08:07:50 UTC (rev 4826)
@@ -10,4 +10,4 @@
3.2-upstream-stable: needed
sid: released (4.8.15-1)
3.16-jessie-security: pending (3.16.39-1) [bugfix/all/net-ping-check-minimum-size-on-icmp-header-length.patch]
-3.2-wheezy-security: pending (3.2.84-1) [bugfix/all/net-ping-check-minimum-size-on-icmp-header-length.patch]
+3.2-wheezy-security: released (3.2.84-1) [bugfix/all/net-ping-check-minimum-size-on-icmp-header-length.patch]
Modified: active/CVE-2016-8633
===================================================================
--- active/CVE-2016-8633 2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2016-8633 2017-01-01 08:07:50 UTC (rev 4826)
@@ -8,4 +8,4 @@
3.2-upstream-stable: released (3.2.84) [firewire-net-guard-against-rx-buffer-overflows.patch]
sid: released (4.8.7-1)
3.16-jessie-security: pending (3.16.39-1)
-3.2-wheezy-security: pending (3.2.84-1)
+3.2-wheezy-security: released (3.2.84-1)
Modified: active/CVE-2016-8655
===================================================================
--- active/CVE-2016-8655 2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2016-8655 2017-01-01 08:07:50 UTC (rev 4826)
@@ -11,4 +11,4 @@
3.2-upstream-stable: needed
sid: released (4.8.15-1)
3.16-jessie-security: pending (3.16.39-1) [bugfix/all/packet-fix-race-condition-in-packet_set_ring.patch]
-3.2-wheezy-security: pending (3.2.84-1) [bugfix/all/packet-fix-race-condition-in-packet_set_ring.patch]
+3.2-wheezy-security: released (3.2.84-1) [bugfix/all/packet-fix-race-condition-in-packet_set_ring.patch]
Modified: active/CVE-2016-9178
===================================================================
--- active/CVE-2016-9178 2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2016-9178 2017-01-01 08:07:50 UTC (rev 4826)
@@ -14,4 +14,4 @@
3.2-upstream-stable: needed
sid: released (4.7.5-1)
3.16-jessie-security: pending (3.16.39-1) [bugfix/x86/fix-potential-infoleak-in-older-kernels.patch]
-3.2-wheezy-security: pending (3.2.84-1) [bugfix/x86/fix-potential-infoleak-in-older-kernels.patch]
+3.2-wheezy-security: released (3.2.84-1) [bugfix/x86/fix-potential-infoleak-in-older-kernels.patch]
Modified: active/CVE-2016-9555
===================================================================
--- active/CVE-2016-9555 2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2016-9555 2017-01-01 08:07:50 UTC (rev 4826)
@@ -7,4 +7,4 @@
3.2-upstream-stable: needed
sid: released (4.8.11-1)
3.16-jessie-security: pending (3.16.39-1) [bugfix/all/sctp-validate-chunk-len-before-actually-using-it.patch]
-3.2-wheezy-security: pending (3.2.84-1) [bugfix/all/sctp-validate-chunk-len-before-actually-using-it.patch]
+3.2-wheezy-security: released (3.2.84-1) [bugfix/all/sctp-validate-chunk-len-before-actually-using-it.patch]
Modified: active/CVE-2016-9576
===================================================================
--- active/CVE-2016-9576 2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2016-9576 2017-01-01 08:07:50 UTC (rev 4826)
@@ -15,4 +15,4 @@
3.2-upstream-stable: needed
sid: released (4.8.15-1)
3.16-jessie-security: pending (3.16.39-1) [bugfix/all/sg_write-bsg_write-is-not-fit-to-be-called-under-ker.patch]
-3.2-wheezy-security: pending (3.2.84-1) [bugfix/all/sg_write-bsg_write-is-not-fit-to-be-called-under-ker.patch]
+3.2-wheezy-security: released (3.2.84-1) [bugfix/all/sg_write-bsg_write-is-not-fit-to-be-called-under-ker.patch]
Modified: active/CVE-2016-9756
===================================================================
--- active/CVE-2016-9756 2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2016-9756 2017-01-01 08:07:50 UTC (rev 4826)
@@ -8,4 +8,4 @@
3.2-upstream-stable: needed
sid: released (4.8.15-1)
3.16-jessie-security: pending (3.16.39-1) [bugfix/x86/kvm-x86-drop-error-recovery-in-em_jmp_far-and-em_ret.patch]
-3.2-wheezy-security: pending (3.2.84-1) [bugfix/x86/kvm-x86-drop-error-recovery-in-em_jmp_far-and-em_ret.patch]
+3.2-wheezy-security: released (3.2.84-1) [bugfix/x86/kvm-x86-drop-error-recovery-in-em_jmp_far-and-em_ret.patch]
Modified: active/CVE-2016-9793
===================================================================
--- active/CVE-2016-9793 2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2016-9793 2017-01-01 08:07:50 UTC (rev 4826)
@@ -10,4 +10,4 @@
3.2-upstream-stable: needed
sid: released (4.8.15-1)
3.16-jessie-security: pending (3.16.39-1) [bugfix/all/net-avoid-signed-overflows-for-so_-snd-rcv-bufforce.patch]
-3.2-wheezy-security: pending (3.2.84-1) [bugfix/all/net-avoid-signed-overflows-for-so_-snd-rcv-bufforce.patch]
+3.2-wheezy-security: released (3.2.84-1) [bugfix/all/net-avoid-signed-overflows-for-so_-snd-rcv-bufforce.patch]
Modified: active/CVE-2016-9794
===================================================================
--- active/CVE-2016-9794 2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2016-9794 2017-01-01 08:07:50 UTC (rev 4826)
@@ -7,4 +7,4 @@
3.2-upstream-stable: needed
sid: released (4.7.2-1)
3.16-jessie-security: pending (3.16.39-1) [bugfix/all/alsa-pcm-call-kill_fasync-in-stream-lock.patch]
-3.2-wheezy-security: pending (3.2.84-1) [bugfix/all/alsa-pcm-call-kill_fasync-in-stream-lock.patch]
+3.2-wheezy-security: released (3.2.84-1) [bugfix/all/alsa-pcm-call-kill_fasync-in-stream-lock.patch]
More information about the kernel-sec-discuss
mailing list