[kernel-sec-discuss] r5064 - active retired
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Mar 8 16:55:50 UTC 2017
Author: carnil
Date: 2017-03-08 16:55:50 +0000 (Wed, 08 Mar 2017)
New Revision: 5064
Added:
retired/CVE-2016-9588
retired/CVE-2017-6214
retired/CVE-2017-6347
Removed:
active/CVE-2016-9588
active/CVE-2017-6214
active/CVE-2017-6347
Log:
Retire CVEs fixed everywhere
Deleted: active/CVE-2016-9588
===================================================================
--- active/CVE-2016-9588 2017-03-08 16:53:01 UTC (rev 5063)
+++ active/CVE-2016-9588 2017-03-08 16:55:50 UTC (rev 5064)
@@ -1,12 +0,0 @@
-Description: kvm: nVMX: uncaught software exceptions in L1 guest lead to DoS
-References:
- https://www.spinics.net/lists/kvm/msg142495.html
-Notes:
-Bugs:
-upstream: released (4.10-rc1) [ef85b67385436ddc1998f45f1d6a210f935b3388]
-4.9-upstream-stable: released (4.9.2) [3f618a0b872fea38c7d1d1f79eda40f88c6466c2]
-3.16-upstream-stable: released (3.16.41) [kvm-nvmx-allow-l1-to-intercept-software-exceptions-bp-and-of.patch]
-3.2-upstream-stable: released (3.2.86) [kvm-nvmx-allow-l1-to-intercept-software-exceptions-bp-and-of.patch]
-sid: released (4.8.15-2) [bugfix/all/kvm-nVMX-Allow-L1-to-intercept-software-exceptions-B.patch]
-3.16-jessie-security: released (3.16.39-1+deb8u2) [bugfix/x86/kvm-nvmx-allow-l1-to-intercept-software-exceptions-bp-and-of.patch]
-3.2-wheezy-security: released (3.2.86-1)
Deleted: active/CVE-2017-6214
===================================================================
--- active/CVE-2017-6214 2017-03-08 16:53:01 UTC (rev 5063)
+++ active/CVE-2017-6214 2017-03-08 16:55:50 UTC (rev 5064)
@@ -1,11 +0,0 @@
-Description: tcp: avoid infinite loop in tcp_splice_read()
-References:
-Notes:
-Bugs:
-upstream: released (4.10-rc8) [ccf7abb93af09ad0868ae9033d1ca8108bdaec82]
-4.9-upstream-stable: released (4.9.11) [0f895f51a831d73ce24158534784aba5b2a72a9e]
-3.16-upstream-stable: released (3.16.41) [tcp-avoid-infinite-loop-in-tcp_splice_read.patch]
-3.2-upstream-stable: released (3.2.86) [tcp-avoid-infinite-loop-in-tcp_splice_read.patch]
-sid: released (4.9.13-1)
-3.16-jessie-security: released (3.16.39-1+deb8u2) [bugfix/all/tcp-avoid-infinite-loop-in-tcp_splice_read.patch]
-3.2-wheezy-security: released (3.2.86-1)
Deleted: active/CVE-2017-6347
===================================================================
--- active/CVE-2017-6347 2017-03-08 16:53:01 UTC (rev 5063)
+++ active/CVE-2017-6347 2017-03-08 16:55:50 UTC (rev 5064)
@@ -1,13 +0,0 @@
-Description: ip: fix IP_CHECKSUM handling
-References:
-Notes:
- bwh> Introduced in 4.0 by commit ad6f939ab193 "ip: Add offset parameter to
- bwh> ip_cmsg_recv".
-Bugs:
-upstream: released (4.11-rc1) [ca4ef4574f1ee5252e2cd365f8f5d5bafd048f32]
-4.9-upstream-stable: released (4.9.13) [481aedf869fbf2d4503ca0005dbd68b78422955a]
-3.16-upstream-stable: N/A "Vulnerable code not present"
-3.2-upstream-stable: N/A "Vulnerable code not present"
-sid: released (4.9.13-1)
-3.16-jessie-security: N/A "Vulnerable code not present"
-3.2-wheezy-security: N/A "Vulnerable code not present"
Copied: retired/CVE-2016-9588 (from rev 5063, active/CVE-2016-9588)
===================================================================
--- retired/CVE-2016-9588 (rev 0)
+++ retired/CVE-2016-9588 2017-03-08 16:55:50 UTC (rev 5064)
@@ -0,0 +1,12 @@
+Description: kvm: nVMX: uncaught software exceptions in L1 guest lead to DoS
+References:
+ https://www.spinics.net/lists/kvm/msg142495.html
+Notes:
+Bugs:
+upstream: released (4.10-rc1) [ef85b67385436ddc1998f45f1d6a210f935b3388]
+4.9-upstream-stable: released (4.9.2) [3f618a0b872fea38c7d1d1f79eda40f88c6466c2]
+3.16-upstream-stable: released (3.16.41) [kvm-nvmx-allow-l1-to-intercept-software-exceptions-bp-and-of.patch]
+3.2-upstream-stable: released (3.2.86) [kvm-nvmx-allow-l1-to-intercept-software-exceptions-bp-and-of.patch]
+sid: released (4.8.15-2) [bugfix/all/kvm-nVMX-Allow-L1-to-intercept-software-exceptions-B.patch]
+3.16-jessie-security: released (3.16.39-1+deb8u2) [bugfix/x86/kvm-nvmx-allow-l1-to-intercept-software-exceptions-bp-and-of.patch]
+3.2-wheezy-security: released (3.2.86-1)
Copied: retired/CVE-2017-6214 (from rev 5063, active/CVE-2017-6214)
===================================================================
--- retired/CVE-2017-6214 (rev 0)
+++ retired/CVE-2017-6214 2017-03-08 16:55:50 UTC (rev 5064)
@@ -0,0 +1,11 @@
+Description: tcp: avoid infinite loop in tcp_splice_read()
+References:
+Notes:
+Bugs:
+upstream: released (4.10-rc8) [ccf7abb93af09ad0868ae9033d1ca8108bdaec82]
+4.9-upstream-stable: released (4.9.11) [0f895f51a831d73ce24158534784aba5b2a72a9e]
+3.16-upstream-stable: released (3.16.41) [tcp-avoid-infinite-loop-in-tcp_splice_read.patch]
+3.2-upstream-stable: released (3.2.86) [tcp-avoid-infinite-loop-in-tcp_splice_read.patch]
+sid: released (4.9.13-1)
+3.16-jessie-security: released (3.16.39-1+deb8u2) [bugfix/all/tcp-avoid-infinite-loop-in-tcp_splice_read.patch]
+3.2-wheezy-security: released (3.2.86-1)
Copied: retired/CVE-2017-6347 (from rev 5063, active/CVE-2017-6347)
===================================================================
--- retired/CVE-2017-6347 (rev 0)
+++ retired/CVE-2017-6347 2017-03-08 16:55:50 UTC (rev 5064)
@@ -0,0 +1,13 @@
+Description: ip: fix IP_CHECKSUM handling
+References:
+Notes:
+ bwh> Introduced in 4.0 by commit ad6f939ab193 "ip: Add offset parameter to
+ bwh> ip_cmsg_recv".
+Bugs:
+upstream: released (4.11-rc1) [ca4ef4574f1ee5252e2cd365f8f5d5bafd048f32]
+4.9-upstream-stable: released (4.9.13) [481aedf869fbf2d4503ca0005dbd68b78422955a]
+3.16-upstream-stable: N/A "Vulnerable code not present"
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.9.13-1)
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"
More information about the kernel-sec-discuss
mailing list