[kernel-sec-discuss] r5111 - active

Ben Hutchings benh at moszumanska.debian.org
Wed Mar 29 03:29:23 UTC 2017 

Author: benh
Date: 2017-03-29 03:29:23 +0000 (Wed, 29 Mar 2017)
New Revision: 5111

Modified:
   active/CVE-2017-7187
   active/CVE-2017-7261
Log:
Fill in public details for new issues

Modified: active/CVE-2017-7187
===================================================================
--- active/CVE-2017-7187	2017-03-28 10:10:26 UTC (rev 5110)
+++ active/CVE-2017-7187	2017-03-29 03:29:23 UTC (rev 5111)
@@ -3,11 +3,12 @@
  https://gist.github.com/dvyukov/48ad14e84de45b0be92b7f0eda20ff1b
  https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?h=4.11/scsi-fixes&id=bf33f87dd04c371ea33feb821b60d63d754e3124
 Notes:
+ bwh> Introduced in 3.17 by 65c26a0f3969 "sg: relax 16 byte cdb restriction"
 Bugs:
-upstream:
-4.9-upstream-stable:
-3.16-upstream-stable:
-3.2-upstream-stable:
-sid:
-3.16-jessie-security:
-3.2-wheezy-security:
+upstream: needed
+4.9-upstream-stable: needed
+3.16-upstream-stable: N/A "Range check never removed"
+3.2-upstream-stable: N/A "Range check never removed"
+sid: needed
+3.16-jessie-security: N/A "Range check never removed"
+3.2-wheezy-security: N/A "Range check never removed"

Modified: active/CVE-2017-7261
===================================================================
--- active/CVE-2017-7261	2017-03-28 10:10:26 UTC (rev 5110)
+++ active/CVE-2017-7261	2017-03-29 03:29:23 UTC (rev 5111)
@@ -3,12 +3,17 @@
  https://lists.freedesktop.org/archives/dri-devel/2017-March/136814.html
  https://bugzilla.redhat.com/show_bug.cgi?id=1435719
  https://marc.info/?t=149037004200005&r=1&w=2
+ https://cgit.freedesktop.org/mesa/vmwgfx/commit/?id=e904061d2c8968429954be87ad1cc45526510812
 Notes:
+ bwh> This seems to have been discovered independently by Murray
+ bwh> McAllister, Vladis Dronov and Li Qiang, resulting in three
+ bwh> slightly different fixes.  Murray McAllister's version was
+ bwh> applied upstream.
 Bugs:
-upstream:
-4.9-upstream-stable:
-3.16-upstream-stable:
-3.2-upstream-stable:
-sid:
-3.16-jessie-security:
-3.2-wheezy-security:
+upstream: needed
+4.9-upstream-stable: needed
+3.16-upstream-stable: needed
+3.2-upstream-stable: needed
+sid: needed
+3.16-jessie-security: needed
+3.2-wheezy-security: needed

More information about the kernel-sec-discuss mailing list