[kernel-sec-discuss] r5440 - active
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Jul 26 21:37:30 UTC 2017
Author: carnil
Date: 2017-07-26 21:37:29 +0000 (Wed, 26 Jul 2017)
New Revision: 5440
Modified:
active/CVE-2017-1000365
active/CVE-2017-10810
active/CVE-2017-10911
active/CVE-2017-11176
active/CVE-2017-7542
active/CVE-2017-9605
Log:
Mark more CVEs as pending for 4.9.30-2+deb9u3
Modified: active/CVE-2017-1000365
===================================================================
--- active/CVE-2017-1000365 2017-07-26 20:44:10 UTC (rev 5439)
+++ active/CVE-2017-1000365 2017-07-26 21:37:29 UTC (rev 5440)
@@ -9,6 +9,6 @@
3.16-upstream-stable: released (3.16.46) [d7575b387f81c1a92e32c25dcb6a0e14458ae66c]
3.2-upstream-stable: released (3.2.91) [cea299eb189fca09c413432b807abd607385b3bc]
sid: released (4.11.11-1)
-4.9-stretch-security: needed
+4.9-stretch-security: pending (4.9.30-2+deb9u3) [bugfix/all/fs-exec.c-account-for-argv-envp-pointers.patch]
3.16-jessie-security: needed
3.2-wheezy-security: needed
Modified: active/CVE-2017-10810
===================================================================
--- active/CVE-2017-10810 2017-07-26 20:44:10 UTC (rev 5439)
+++ active/CVE-2017-10810 2017-07-26 21:37:29 UTC (rev 5440)
@@ -7,6 +7,6 @@
3.16-upstream-stable: N/A "Vulnerable code not present"
3.2-upstream-stable: N/A "Vulnerable code not present"
sid: released (4.11.11-1)
-4.9-stretch-security: needed
+4.9-stretch-security: pending (4.9.30-2+deb9u3) [bugfix/all/drm-virtio-don-t-leak-bo-on-drm_gem_object_init-fail.patch]
3.16-jessie-security: N/A "Vulnerable code not present"
3.2-wheezy-security: N/A "Vulnerable code not present"
Modified: active/CVE-2017-10911
===================================================================
--- active/CVE-2017-10911 2017-07-26 20:44:10 UTC (rev 5439)
+++ active/CVE-2017-10911 2017-07-26 21:37:29 UTC (rev 5440)
@@ -8,6 +8,6 @@
3.16-upstream-stable: released (3.16.46) [d2cc7a18d6342a7025afd16aac6753ad02d788e5]
3.2-upstream-stable: released (3.2.91) [cc21fe1ff77acfab555df5577ea46fc89932f3b2]
sid: released (4.11.11-1)
-4.9-stretch-security: needed
+4.9-stretch-security: pending (4.9.30-2+deb9u3) [bugfix/all/xen-blkback-don-t-leak-stack-data-via-response-ring.patch]
3.16-jessie-security: needed
3.2-wheezy-security: needed
Modified: active/CVE-2017-11176
===================================================================
--- active/CVE-2017-11176 2017-07-26 20:44:10 UTC (rev 5439)
+++ active/CVE-2017-11176 2017-07-26 21:37:29 UTC (rev 5440)
@@ -9,6 +9,6 @@
3.16-upstream-stable: needed
3.2-upstream-stable: needed
sid: released (4.11.11-1)
-4.9-stretch-security: needed
+4.9-stretch-security: pending (4.9.30-2+deb9u3) [bugfix/all/mqueue-fix-a-use-after-free-in-sys_mq_notify.patch]
3.16-jessie-security: needed
3.2-wheezy-security: needed
Modified: active/CVE-2017-7542
===================================================================
--- active/CVE-2017-7542 2017-07-26 20:44:10 UTC (rev 5439)
+++ active/CVE-2017-7542 2017-07-26 21:37:29 UTC (rev 5440)
@@ -7,6 +7,6 @@
3.16-upstream-stable:
3.2-upstream-stable:
sid:
-4.9-stretch-security:
+4.9-stretch-security: pending (4.9.30-2+deb9u3) [bugfix/all/ipv6-avoid-overflow-of-offset-in-ip6_find_1stfragopt.patch]
3.16-jessie-security:
3.2-wheezy-security:
Modified: active/CVE-2017-9605
===================================================================
--- active/CVE-2017-9605 2017-07-26 20:44:10 UTC (rev 5439)
+++ active/CVE-2017-9605 2017-07-26 21:37:29 UTC (rev 5440)
@@ -9,6 +9,6 @@
3.16-upstream-stable: released (3.16.46) [26823129d84c6ca3e12b17af7a8e78c579b3bca5]
3.2-upstream-stable: N/A "Vulnerable code not present"
sid: released (4.11.6-1)
-4.9-stretch-security: needed
+4.9-stretch-security: pending (4.9.30-2+deb9u3) [bugfix/x86/drm-vmwgfx-Make-sure-backup_handle-is-always-valid.patch]
3.16-jessie-security: needed
3.2-wheezy-security: N/A "Vulnerable code not present"
More information about the kernel-sec-discuss
mailing list