[kernel-sec-discuss] r5262 - active retired

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue May 2 19:45:37 UTC 2017 

Author: carnil
Date: 2017-05-02 19:45:37 +0000 (Tue, 02 May 2017)
New Revision: 5262

Added:
   retired/CVE-2017-7374
   retired/CVE-2017-8061
   retired/CVE-2017-8063
   retired/CVE-2017-8067
Removed:
   active/CVE-2017-7374
   active/CVE-2017-8061
   active/CVE-2017-8063
   active/CVE-2017-8067
Log:
Retire four CVEs

Deleted: active/CVE-2017-7374
===================================================================
--- active/CVE-2017-7374	2017-05-02 19:42:50 UTC (rev 5261)
+++ active/CVE-2017-7374	2017-05-02 19:45:37 UTC (rev 5262)
@@ -1,13 +0,0 @@
-Description: fscrypt: remove broken support for detecting keyring key revocation
-References:
-Notes:
- carnil> Commit fixes b7236e21d55f ("ext4 crypto: reorganize how we
- carnil> store keys in the inode") introduced in 4.2-rc1.
-Bugs:
-upstream: released (4.11-rc4) [1b53cf9815bb4744958d41f3795d5d5a1d365e2d]
-4.9-upstream-stable: released (4.9.20) [2984e52c75c657db7901f6189f02e0251ca963c2]
-3.16-upstream-stable: N/A "Intoduced in 4.2-rc1 with b7236e21d55ff9008737621c84dd8ee6c37c7c6d"
-3.2-upstream-stable: N/A "Intoduced in 4.2-rc1 with b7236e21d55ff9008737621c84dd8ee6c37c7c6d"
-sid: released (4.9.25-1)
-3.16-jessie-security: N/A "Vulnerable code not present"
-3.2-wheezy-security: N/A "Vulnerable code not present"

Deleted: active/CVE-2017-8061
===================================================================
--- active/CVE-2017-8061	2017-05-02 19:42:50 UTC (rev 5261)
+++ active/CVE-2017-8061	2017-05-02 19:45:37 UTC (rev 5262)
@@ -1,11 +0,0 @@
-Description: dvb-usb-firmware: don't do DMA on stack
-References:
-Notes:
-Bugs:
-upstream: released (4.11-rc4) [67b0503db9c29b04eadfeede6bebbfe5ddad94ef]
-4.9-upstream-stable: released (4.9.24) [28d1e8b7ef81d254583f68627095f8a85e39597d]
-3.16-upstream-stable: N/A "Vulnerability introduced with the introduction of VMAP_STACK in 4.9-rc1"
-3.2-upstream-stable: N/A "Vulnerability introduced with the introduction of VMAP_STACK in 4.9-rc1"
-sid: released (4.9.25-1)
-3.16-jessie-security: N/A "Vulnerability introduced with the introduction of VMAP_STACK in 4.9-rc1"
-3.2-wheezy-security: N/A "Vulnerability introduced with the introduction of VMAP_STACK in 4.9-rc1"

Deleted: active/CVE-2017-8063
===================================================================
--- active/CVE-2017-8063	2017-05-02 19:42:50 UTC (rev 5261)
+++ active/CVE-2017-8063	2017-05-02 19:45:37 UTC (rev 5262)
@@ -1,11 +0,0 @@
-Description: [media] cxusb: Use a dma capable buffer also for reading
-References:
-Notes:
-Bugs:
-upstream: released (4.11-rc1) [3f190e3aec212fc8c61e202c51400afa7384d4bc]
-4.9-upstream-stable: released (4.9.24) ([fb00319317c152bf3528df13a54c28bf8c5daa55]
-3.16-upstream-stable: N/A "introduced in 4.9-rc4 with 17ce039b4e54"
-3.2-upstream-stable: N/A "introduced in 4.9-rc4 with 17ce039b4e54"
-sid: released (4.9.25-1)
-3.16-jessie-security: N/A "Vulnerable code not present"
-3.2-wheezy-security: N/A "Vulnerable code not present"

Deleted: active/CVE-2017-8067
===================================================================
--- active/CVE-2017-8067	2017-05-02 19:42:50 UTC (rev 5261)
+++ active/CVE-2017-8067	2017-05-02 19:45:37 UTC (rev 5262)
@@ -1,11 +0,0 @@
-Description: virtio-console: avoid DMA from stack
-References:
-Notes:
-Bugs:
-upstream: released (4.11-rc1) [c4baad50297d84bde1a7ad45e50c73adae4a2192]
-4.9-upstream-stable: released (4.9.24) [86c6667f6a5f6bdb392d8ffbe58fbcbcf6db2704]
-3.16-upstream-stable: N/A "Vulnerability introduced with the introduction of VMAP_STACK in 4.9-rc1"
-3.2-upstream-stable: N/A "Vulnerability introduced with the introduction of VMAP_STACK in 4.9-rc1"
-sid: released (4.9.25-1)
-3.16-jessie-security: N/A "Vulnerability introduced with the introduction of VMAP_STACK in 4.9-rc1"
-3.2-wheezy-security: N/A "Vulnerability introduced with the introduction of VMAP_STACK in 4.9-rc1"

Copied: retired/CVE-2017-7374 (from rev 5261, active/CVE-2017-7374)
===================================================================
--- retired/CVE-2017-7374	                        (rev 0)
+++ retired/CVE-2017-7374	2017-05-02 19:45:37 UTC (rev 5262)
@@ -0,0 +1,13 @@
+Description: fscrypt: remove broken support for detecting keyring key revocation
+References:
+Notes:
+ carnil> Commit fixes b7236e21d55f ("ext4 crypto: reorganize how we
+ carnil> store keys in the inode") introduced in 4.2-rc1.
+Bugs:
+upstream: released (4.11-rc4) [1b53cf9815bb4744958d41f3795d5d5a1d365e2d]
+4.9-upstream-stable: released (4.9.20) [2984e52c75c657db7901f6189f02e0251ca963c2]
+3.16-upstream-stable: N/A "Intoduced in 4.2-rc1 with b7236e21d55ff9008737621c84dd8ee6c37c7c6d"
+3.2-upstream-stable: N/A "Intoduced in 4.2-rc1 with b7236e21d55ff9008737621c84dd8ee6c37c7c6d"
+sid: released (4.9.25-1)
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"

Copied: retired/CVE-2017-8061 (from rev 5261, active/CVE-2017-8061)
===================================================================
--- retired/CVE-2017-8061	                        (rev 0)
+++ retired/CVE-2017-8061	2017-05-02 19:45:37 UTC (rev 5262)
@@ -0,0 +1,11 @@
+Description: dvb-usb-firmware: don't do DMA on stack
+References:
+Notes:
+Bugs:
+upstream: released (4.11-rc4) [67b0503db9c29b04eadfeede6bebbfe5ddad94ef]
+4.9-upstream-stable: released (4.9.24) [28d1e8b7ef81d254583f68627095f8a85e39597d]
+3.16-upstream-stable: N/A "Vulnerability introduced with the introduction of VMAP_STACK in 4.9-rc1"
+3.2-upstream-stable: N/A "Vulnerability introduced with the introduction of VMAP_STACK in 4.9-rc1"
+sid: released (4.9.25-1)
+3.16-jessie-security: N/A "Vulnerability introduced with the introduction of VMAP_STACK in 4.9-rc1"
+3.2-wheezy-security: N/A "Vulnerability introduced with the introduction of VMAP_STACK in 4.9-rc1"

Copied: retired/CVE-2017-8063 (from rev 5261, active/CVE-2017-8063)
===================================================================
--- retired/CVE-2017-8063	                        (rev 0)
+++ retired/CVE-2017-8063	2017-05-02 19:45:37 UTC (rev 5262)
@@ -0,0 +1,11 @@
+Description: [media] cxusb: Use a dma capable buffer also for reading
+References:
+Notes:
+Bugs:
+upstream: released (4.11-rc1) [3f190e3aec212fc8c61e202c51400afa7384d4bc]
+4.9-upstream-stable: released (4.9.24) ([fb00319317c152bf3528df13a54c28bf8c5daa55]
+3.16-upstream-stable: N/A "introduced in 4.9-rc4 with 17ce039b4e54"
+3.2-upstream-stable: N/A "introduced in 4.9-rc4 with 17ce039b4e54"
+sid: released (4.9.25-1)
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"

Copied: retired/CVE-2017-8067 (from rev 5261, active/CVE-2017-8067)
===================================================================
--- retired/CVE-2017-8067	                        (rev 0)
+++ retired/CVE-2017-8067	2017-05-02 19:45:37 UTC (rev 5262)
@@ -0,0 +1,11 @@
+Description: virtio-console: avoid DMA from stack
+References:
+Notes:
+Bugs:
+upstream: released (4.11-rc1) [c4baad50297d84bde1a7ad45e50c73adae4a2192]
+4.9-upstream-stable: released (4.9.24) [86c6667f6a5f6bdb392d8ffbe58fbcbcf6db2704]
+3.16-upstream-stable: N/A "Vulnerability introduced with the introduction of VMAP_STACK in 4.9-rc1"
+3.2-upstream-stable: N/A "Vulnerability introduced with the introduction of VMAP_STACK in 4.9-rc1"
+sid: released (4.9.25-1)
+3.16-jessie-security: N/A "Vulnerability introduced with the introduction of VMAP_STACK in 4.9-rc1"
+3.2-wheezy-security: N/A "Vulnerability introduced with the introduction of VMAP_STACK in 4.9-rc1"

More information about the kernel-sec-discuss mailing list