[kernel-sec-discuss] r4826 - active

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sun Jan 1 08:07:51 UTC 2017 

Author: carnil
Date: 2017-01-01 08:07:50 +0000 (Sun, 01 Jan 2017)
New Revision: 4826

Modified:
   active/CVE-2012-6704
   active/CVE-2015-1350
   active/CVE-2015-8962
   active/CVE-2015-8963
   active/CVE-2015-8964
   active/CVE-2016-10088
   active/CVE-2016-7097
   active/CVE-2016-7910
   active/CVE-2016-7911
   active/CVE-2016-7915
   active/CVE-2016-8399
   active/CVE-2016-8633
   active/CVE-2016-8655
   active/CVE-2016-9178
   active/CVE-2016-9555
   active/CVE-2016-9576
   active/CVE-2016-9756
   active/CVE-2016-9793
   active/CVE-2016-9794
Log:
mark 3.2.84-1 as released

Note for 3.16.39-1:

Awaiting to do the same for 3.16.39-1 since technically not yet either
in jessie (neither via jessie-security).

Note: Usualy we track the pending CVEs via data/next-point-release.txt
but this time we might afford it to just merge the entries once the
point release is done.

If someone disagrees on the approach, let me know.

Modified: active/CVE-2012-6704
===================================================================
--- active/CVE-2012-6704	2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2012-6704	2017-01-01 08:07:50 UTC (rev 4826)
@@ -19,4 +19,4 @@
 3.2-upstream-stable: needed
 sid: released (3.8.11-1)
 3.16-jessie-security: N/A "Fixed before initial 3.16 release"
-3.2-wheezy-security: pending (3.2.84-1) [bugfix/all/net-cleanups-in-sock_setsockopt.patch]
+3.2-wheezy-security: released (3.2.84-1) [bugfix/all/net-cleanups-in-sock_setsockopt.patch]

Modified: active/CVE-2015-1350
===================================================================
--- active/CVE-2015-1350	2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2015-1350	2017-01-01 08:07:50 UTC (rev 4826)
@@ -11,6 +11,6 @@
 upstream: released (4.9-rc1) [030b533c4fd4d2ec3402363323de4bb2983c9cee]
 sid: released (4.8.11-1) [bugfix/all/xfs-Propagate-dentry-down-to-inode_change_ok.patch, bugfix/all/ceph-Propagate-dentry-down-to-inode_change_ok.patch, bugfix/all/fuse-Propagate-dentry-down-to-inode_change_ok.patch, bugfix/all/fs-Give-dentry-to-inode_change_ok-instead-of-inode.patch, bugfix/all/fs-Avoid-premature-clearing-of-capabilities.patch]
 3.16-jessie-security: pending (3.16.39-1)
-3.2-wheezy-security: pending (3.2.84-1)
+3.2-wheezy-security: released (3.2.84-1)
 3.16-upstream-stable: released (3.16.39) [fs-give-dentry-to-inode_change_ok-instead-of-inode.patch, fs-avoid-premature-clearing-of-capabilities.patch]
 3.2-upstream-stable: released (3.2.84) [fs-give-dentry-to-inode_change_ok-instead-of-inode.patch, fs-avoid-premature-clearing-of-capabilities.patch]

Modified: active/CVE-2015-8962
===================================================================
--- active/CVE-2015-8962	2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2015-8962	2017-01-01 08:07:50 UTC (rev 4826)
@@ -7,4 +7,4 @@
 3.2-upstream-stable: needed
 sid: released (4.4.2-1)
 3.16-jessie-security: pending (3.16.39-1) [bugfix/all/sg-fix-double-free-when-drives-detach-during-sg_io.patch]
-3.2-wheezy-security: pending (3.2.84-1) [bugfix/all/sg-fix-double-free-when-drives-detach-during-sg_io.patch]
+3.2-wheezy-security: released (3.2.84-1) [bugfix/all/sg-fix-double-free-when-drives-detach-during-sg_io.patch]

Modified: active/CVE-2015-8963
===================================================================
--- active/CVE-2015-8963	2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2015-8963	2017-01-01 08:07:50 UTC (rev 4826)
@@ -7,4 +7,4 @@
 3.2-upstream-stable: needed
 sid: released (4.4.2-1)
 3.16-jessie-security: pending (3.16.39-1) [bugfix/all/perf-fix-race-in-swevent-hash.patch]
-3.2-wheezy-security: pending (3.2.84-1) [bugfix/all/perf-fix-race-in-swevent-hash.patch]
+3.2-wheezy-security: released (3.2.84-1) [bugfix/all/perf-fix-race-in-swevent-hash.patch]

Modified: active/CVE-2015-8964
===================================================================
--- active/CVE-2015-8964	2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2015-8964	2017-01-01 08:07:50 UTC (rev 4826)
@@ -15,4 +15,4 @@
 3.2-upstream-stable: needed
 sid: released (4.5.1-1)
 3.16-jessie-security: pending (3.16.39-1) [bugfix/all/tty-prevent-ldisc-drivers-from-re-using-stale-tty-fi.patch]
-3.2-wheezy-security: pending (3.2.84-1) [bugfix/all/tty-prevent-ldisc-drivers-from-re-using-stale-tty-fi.patch]
+3.2-wheezy-security: released (3.2.84-1) [bugfix/all/tty-prevent-ldisc-drivers-from-re-using-stale-tty-fi.patch]

Modified: active/CVE-2016-10088
===================================================================
--- active/CVE-2016-10088	2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2016-10088	2017-01-01 08:07:50 UTC (rev 4826)
@@ -11,4 +11,4 @@
 3.2-upstream-stable: needed
 sid: pending (4.8.15-2) [bugfix/all/sg_write-bsg_write-is-not-fit-to-be-called-under-KER.patch]
 3.16-jessie-security: pending (3.16.39-1) [bugfix/all/sg_write-bsg_write-is-not-fit-to-be-called-under-ker.patch]
-3.2-wheezy-security: pending (3.2.84-1) [bugfix/all/sg_write-bsg_write-is-not-fit-to-be-called-under-ker.patch]
+3.2-wheezy-security: released (3.2.84-1) [bugfix/all/sg_write-bsg_write-is-not-fit-to-be-called-under-ker.patch]

Modified: active/CVE-2016-7097
===================================================================
--- active/CVE-2016-7097	2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2016-7097	2017-01-01 08:07:50 UTC (rev 4826)
@@ -10,4 +10,4 @@
 3.2-upstream-stable: released (3.2.84) [posix_acl-clear-sgid-bit-when-setting-file-permissions.patch]
 sid: released (4.7.8-1) [bugfix/all/posix_acl-clear-sgid-bit-when-setting-file-permissio.patch]
 3.16-jessie-security: pending (3.16.39-1)
-3.2-wheezy-security: pending (3.2.84-1)
+3.2-wheezy-security: released (3.2.84-1)

Modified: active/CVE-2016-7910
===================================================================
--- active/CVE-2016-7910	2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2016-7910	2017-01-01 08:07:50 UTC (rev 4826)
@@ -7,4 +7,4 @@
 3.2-upstream-stable: released (3.2.84)
 sid: released (4.7.2-1)
 3.16-jessie-security: pending (3.16.39-1)
-3.2-wheezy-security: pending (3.2.84-1)
+3.2-wheezy-security: released (3.2.84-1)

Modified: active/CVE-2016-7911
===================================================================
--- active/CVE-2016-7911	2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2016-7911	2017-01-01 08:07:50 UTC (rev 4826)
@@ -8,4 +8,4 @@
 3.2-upstream-stable: needed
 sid: released (4.7.2-1)
 3.16-jessie-security: pending (3.16.39-1)
-3.2-wheezy-security: pending (3.2.84-1) [bugfix/all/block-fix-use-after-free-in-sys_ioprio_get.patch]
+3.2-wheezy-security: released (3.2.84-1) [bugfix/all/block-fix-use-after-free-in-sys_ioprio_get.patch]

Modified: active/CVE-2016-7915
===================================================================
--- active/CVE-2016-7915	2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2016-7915	2017-01-01 08:07:50 UTC (rev 4826)
@@ -7,4 +7,4 @@
 3.2-upstream-stable: needed
 sid: released (4.6.1-1)
 3.16-jessie-security: pending (3.16.39-1) [bugfix/all/hid-core-prevent-out-of-bound-readings.patch]
-3.2-wheezy-security: pending (3.2.84-1) [bugfix/all/hid-core-prevent-out-of-bound-readings.patch]
+3.2-wheezy-security: released (3.2.84-1) [bugfix/all/hid-core-prevent-out-of-bound-readings.patch]

Modified: active/CVE-2016-8399
===================================================================
--- active/CVE-2016-8399	2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2016-8399	2017-01-01 08:07:50 UTC (rev 4826)
@@ -10,4 +10,4 @@
 3.2-upstream-stable: needed
 sid: released (4.8.15-1)
 3.16-jessie-security: pending (3.16.39-1) [bugfix/all/net-ping-check-minimum-size-on-icmp-header-length.patch]
-3.2-wheezy-security: pending (3.2.84-1) [bugfix/all/net-ping-check-minimum-size-on-icmp-header-length.patch]
+3.2-wheezy-security: released (3.2.84-1) [bugfix/all/net-ping-check-minimum-size-on-icmp-header-length.patch]

Modified: active/CVE-2016-8633
===================================================================
--- active/CVE-2016-8633	2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2016-8633	2017-01-01 08:07:50 UTC (rev 4826)
@@ -8,4 +8,4 @@
 3.2-upstream-stable: released (3.2.84) [firewire-net-guard-against-rx-buffer-overflows.patch]
 sid: released (4.8.7-1)
 3.16-jessie-security: pending (3.16.39-1)
-3.2-wheezy-security: pending (3.2.84-1)
+3.2-wheezy-security: released (3.2.84-1)

Modified: active/CVE-2016-8655
===================================================================
--- active/CVE-2016-8655	2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2016-8655	2017-01-01 08:07:50 UTC (rev 4826)
@@ -11,4 +11,4 @@
 3.2-upstream-stable: needed
 sid: released (4.8.15-1)
 3.16-jessie-security: pending (3.16.39-1) [bugfix/all/packet-fix-race-condition-in-packet_set_ring.patch]
-3.2-wheezy-security: pending (3.2.84-1) [bugfix/all/packet-fix-race-condition-in-packet_set_ring.patch]
+3.2-wheezy-security: released (3.2.84-1) [bugfix/all/packet-fix-race-condition-in-packet_set_ring.patch]

Modified: active/CVE-2016-9178
===================================================================
--- active/CVE-2016-9178	2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2016-9178	2017-01-01 08:07:50 UTC (rev 4826)
@@ -14,4 +14,4 @@
 3.2-upstream-stable: needed
 sid: released (4.7.5-1)
 3.16-jessie-security: pending (3.16.39-1) [bugfix/x86/fix-potential-infoleak-in-older-kernels.patch]
-3.2-wheezy-security: pending (3.2.84-1) [bugfix/x86/fix-potential-infoleak-in-older-kernels.patch]
+3.2-wheezy-security: released (3.2.84-1) [bugfix/x86/fix-potential-infoleak-in-older-kernels.patch]

Modified: active/CVE-2016-9555
===================================================================
--- active/CVE-2016-9555	2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2016-9555	2017-01-01 08:07:50 UTC (rev 4826)
@@ -7,4 +7,4 @@
 3.2-upstream-stable: needed
 sid: released (4.8.11-1)
 3.16-jessie-security: pending (3.16.39-1) [bugfix/all/sctp-validate-chunk-len-before-actually-using-it.patch]
-3.2-wheezy-security: pending (3.2.84-1) [bugfix/all/sctp-validate-chunk-len-before-actually-using-it.patch]
+3.2-wheezy-security: released (3.2.84-1) [bugfix/all/sctp-validate-chunk-len-before-actually-using-it.patch]

Modified: active/CVE-2016-9576
===================================================================
--- active/CVE-2016-9576	2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2016-9576	2017-01-01 08:07:50 UTC (rev 4826)
@@ -15,4 +15,4 @@
 3.2-upstream-stable: needed
 sid: released (4.8.15-1)
 3.16-jessie-security: pending (3.16.39-1) [bugfix/all/sg_write-bsg_write-is-not-fit-to-be-called-under-ker.patch]
-3.2-wheezy-security: pending (3.2.84-1) [bugfix/all/sg_write-bsg_write-is-not-fit-to-be-called-under-ker.patch]
+3.2-wheezy-security: released (3.2.84-1) [bugfix/all/sg_write-bsg_write-is-not-fit-to-be-called-under-ker.patch]

Modified: active/CVE-2016-9756
===================================================================
--- active/CVE-2016-9756	2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2016-9756	2017-01-01 08:07:50 UTC (rev 4826)
@@ -8,4 +8,4 @@
 3.2-upstream-stable: needed
 sid: released (4.8.15-1)
 3.16-jessie-security: pending (3.16.39-1) [bugfix/x86/kvm-x86-drop-error-recovery-in-em_jmp_far-and-em_ret.patch]
-3.2-wheezy-security: pending (3.2.84-1) [bugfix/x86/kvm-x86-drop-error-recovery-in-em_jmp_far-and-em_ret.patch]
+3.2-wheezy-security: released (3.2.84-1) [bugfix/x86/kvm-x86-drop-error-recovery-in-em_jmp_far-and-em_ret.patch]

Modified: active/CVE-2016-9793
===================================================================
--- active/CVE-2016-9793	2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2016-9793	2017-01-01 08:07:50 UTC (rev 4826)
@@ -10,4 +10,4 @@
 3.2-upstream-stable: needed
 sid: released (4.8.15-1)
 3.16-jessie-security: pending (3.16.39-1) [bugfix/all/net-avoid-signed-overflows-for-so_-snd-rcv-bufforce.patch]
-3.2-wheezy-security: pending (3.2.84-1) [bugfix/all/net-avoid-signed-overflows-for-so_-snd-rcv-bufforce.patch]
+3.2-wheezy-security: released (3.2.84-1) [bugfix/all/net-avoid-signed-overflows-for-so_-snd-rcv-bufforce.patch]

Modified: active/CVE-2016-9794
===================================================================
--- active/CVE-2016-9794	2016-12-31 19:35:46 UTC (rev 4825)
+++ active/CVE-2016-9794	2017-01-01 08:07:50 UTC (rev 4826)
@@ -7,4 +7,4 @@
 3.2-upstream-stable: needed
 sid: released (4.7.2-1)
 3.16-jessie-security: pending (3.16.39-1) [bugfix/all/alsa-pcm-call-kill_fasync-in-stream-lock.patch]
-3.2-wheezy-security: pending (3.2.84-1) [bugfix/all/alsa-pcm-call-kill_fasync-in-stream-lock.patch]
+3.2-wheezy-security: released (3.2.84-1) [bugfix/all/alsa-pcm-call-kill_fasync-in-stream-lock.patch]

More information about the kernel-sec-discuss mailing list