[kernel-sec-discuss] r5034 - active
Ben Hutchings
benh at moszumanska.debian.org
Sun Mar 5 21:15:28 UTC 2017
Author: benh
Date: 2017-03-05 21:15:28 +0000 (Sun, 05 Mar 2017)
New Revision: 5034
Modified:
active/CVE-2016-10044
Log:
Add more details for CVE-2016-10044, and ignore it for 3.2
Modified: active/CVE-2016-10044
===================================================================
--- active/CVE-2016-10044 2017-03-05 18:52:41 UTC (rev 5033)
+++ active/CVE-2016-10044 2017-03-05 21:15:28 UTC (rev 5034)
@@ -7,13 +7,16 @@
bwh> I think carnil pasted the wrong hash above. Anyway, I wrote a test
bwh> program and verified this does affect 3.2 and 3.16.
bwh> Dependencies for 3.16:
+ bwh> 46b15caa7cb1 vfs, writeback: replace FS_CGROUP_WRITEBACK with SB_I_CGROUPWB
bwh> 90f8572b0f02 vfs: Commit to never having exectuables on proc and sysfs.
- bwh> This may not be practical to fix for 3.2.
+ bwh> Alternately we could assign a filesystem type flag instead of a superblock
+ bwh> internal flag. This is not practical to fix for 3.2, where aio does not
+ bwh> have a filesystem.
Bugs:
upstream: released (4.8-rc7) [22f6b4d34fcf039c63a94e7670e0da24f8575a5a]
4.9-upstream-stable: N/A "Fixed before branch point"
3.16-upstream-stable: needed
-3.2-upstream-stable: needed
+3.2-upstream-stable: ignored "changes required are too invasive"
sid: released (4.7.8-1)
3.16-jessie-security: needed
-3.2-wheezy-security: needed
+3.2-wheezy-security: ignored "changes required are too invasive"
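Review bot: The two 3.2 status lines at the end of the hunk now read ignored "changes required are too invasive", but the unchanged bwh note at the top still records that the test program verified 3.2 is affected, so a reader scanning only the status lines cannot tell that 3.2 stays vulnerable or why. Consider carrying the concrete reason from the added note into the quoted string, for example that aio does not have a filesystem in 3.2. Also, the added bwh lines sit under "Dependencies for 3.16:" and run the filesystem-type-flag alternative straight into the 3.2 conclusion. Starting the 3.2 sentence on its own bwh> line would make it clear that the alternative is proposed for 3.16 only.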