[kernel-sec-discuss] r5415 - active

Ben Hutchings benh at moszumanska.debian.org
Sat Jul 15 13:43:28 UTC 2017 

Author: benh
Date: 2017-07-15 13:43:28 +0000 (Sat, 15 Jul 2017)
New Revision: 5415

Modified:
   active/CVE-2017-1000363
   active/CVE-2017-1000365
   active/CVE-2017-1000380
   active/CVE-2017-10911
   active/CVE-2017-7889
   active/CVE-2017-9605
Log:
Mark issues pending for 3.{2,16}-upstream-stable

Modified: active/CVE-2017-1000363
===================================================================
--- active/CVE-2017-1000363	2017-07-15 12:44:38 UTC (rev 5414)
+++ active/CVE-2017-1000363	2017-07-15 13:43:28 UTC (rev 5415)
@@ -4,8 +4,8 @@
 Bugs:
 upstream: released (4.12-rc2) [3e21f4af170bebf47c187c1ff8bf155583c9f3b1]
 4.9-upstream-stable: released (4.9.30) [5d263d94a870a774a24acb2a2cc1e79ef39c2416]
-3.16-upstream-stable: needed
-3.2-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.46) [char-lp-fix-possible-integer-overflow-in-lp_setup.patch]
+3.2-upstream-stable: pending (3.2.91) [char-lp-fix-possible-integer-overflow-in-lp_setup.patch]
 sid: released (4.9.30-1)
 4.9-stretch-security: N/A "Fixed before branching point"
 3.16-jessie-security: needed

Modified: active/CVE-2017-1000365
===================================================================
--- active/CVE-2017-1000365	2017-07-15 12:44:38 UTC (rev 5414)
+++ active/CVE-2017-1000365	2017-07-15 13:43:28 UTC (rev 5415)
@@ -6,8 +6,8 @@
 Bugs:
 upstream: released (4.12-rc7) [98da7d08850fb8bdeb395d6368ed15753304aa0c]
 4.9-upstream-stable: released (4.9.35) [3d6848e491df6abbf5fb5b1fabb7a5df2e2b8f4f]
-3.16-upstream-stable: needed
-3.2-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.46) [fs-exec.c-account-for-argv-envp-pointers.patch]
+3.2-upstream-stable: pending (3.2.91) [fs-exec.c-account-for-argv-envp-pointers.patch]
 sid: pending (4.11.9-1)
 4.9-stretch-security: needed
 3.16-jessie-security: needed

Modified: active/CVE-2017-1000380
===================================================================
--- active/CVE-2017-1000380	2017-07-15 12:44:38 UTC (rev 5414)
+++ active/CVE-2017-1000380	2017-07-15 13:43:28 UTC (rev 5415)
@@ -5,8 +5,8 @@
 Bugs:
 upstream: released (4.12-rc5) [d11662f4f798b50d8c8743f433842c3e40fe3378, ba3021b2c79b2fa9114f92790a99deb27a65b728]
 4.9-upstream-stable: released (4.9.32) [66e982d8f1a1f5e151377fe37612e9151e552dc9, 82ecd2f054bd778eeb97c775c915b052e2941c79]
-3.16-upstream-stable: needed
-3.2-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.46) [alsa-timer-fix-race-between-read-and-ioctl.patch, alsa-timer-fix-missing-queue-indices-reset-at.patch]
+3.2-upstream-stable: pending (3.2.91) [alsa-timer-fix-race-between-read-and-ioctl.patch, alsa-timer-fix-missing-queue-indices-reset-at.patch]
 sid: released (4.11.6-1)
 4.9-stretch-security: needed
 3.16-jessie-security: needed

Modified: active/CVE-2017-10911
===================================================================
--- active/CVE-2017-10911	2017-07-15 12:44:38 UTC (rev 5414)
+++ active/CVE-2017-10911	2017-07-15 13:43:28 UTC (rev 5415)
@@ -5,8 +5,8 @@
 Bugs:
 upstream: released (4.12-rc7) [089bc0143f489bd3a4578bdff5f4ca68fb26f341]
 4.9-upstream-stable: released (4.9.35) [4ae2cb91a6365a6472fad7f04785cc0420ea5ada]
-3.16-upstream-stable: needed
-3.2-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.46) [xen-blkback-don-t-leak-stack-data-via-response-ring.patch]
+3.2-upstream-stable: pending (3.2.91) [xen-blkback-don-t-leak-stack-data-via-response-ring.patch]
 sid: pending (4.11.9-1)
 4.9-stretch-security: needed
 3.16-jessie-security: needed

Modified: active/CVE-2017-7889
===================================================================
--- active/CVE-2017-7889	2017-07-15 12:44:38 UTC (rev 5414)
+++ active/CVE-2017-7889	2017-07-15 13:43:28 UTC (rev 5415)
@@ -9,8 +9,8 @@
 Bugs:
 upstream: released (4.11-rc7) [a4866aa812518ed1a37d8ea0c881dc946409de94]
 4.9-upstream-stable: released (4.9.24) [2c0ad235ac77f2fc2eee593bf06822cad772e0e2]
-3.16-upstream-stable: needed
-3.2-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.46) [mm-tighten-x86-dev-mem-with-zeroing-reads.patch]
+3.2-upstream-stable: pending (3.2.91) [mm-tighten-x86-dev-mem-with-zeroing-reads.patch]
 sid: released (4.9.25-1)
 4.9-stretch-security: N/A "Fixed before branching point"
 3.16-jessie-security: needed

Modified: active/CVE-2017-9605
===================================================================
--- active/CVE-2017-9605	2017-07-15 12:44:38 UTC (rev 5414)
+++ active/CVE-2017-9605	2017-07-15 13:43:28 UTC (rev 5415)
@@ -6,7 +6,7 @@
 Bugs:
 upstream: released (4.12-rc5) [07678eca2cf9c9a18584e546c2b2a0d0c9a3150c]
 4.9-upstream-stable: released (4.9.32) [7860d0e5e2bf986d4bd06e7b029786747b5dc766]
-3.16-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.46) [drm-vmwgfx-make-sure-backup_handle-is-always-valid.patch]
 3.2-upstream-stable: N/A "Vulnerable code not present"
 sid: released (4.11.6-1)
 4.9-stretch-security: needed

More information about the kernel-sec-discuss mailing list