[kernel-sec-discuss] r5266 - active

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat May 6 11:56:48 UTC 2017


Author: carnil
Date: 2017-05-06 11:56:48 +0000 (Sat, 06 May 2017)
New Revision: 5266

Modified:
   active/CVE-2016-10044
   active/CVE-2016-10200
   active/CVE-2016-10208
   active/CVE-2016-2188
   active/CVE-2016-6213
   active/CVE-2017-2647
   active/CVE-2017-2671
   active/CVE-2017-5967
   active/CVE-2017-6951
   active/CVE-2017-7184
   active/CVE-2017-7261
   active/CVE-2017-7273
   active/CVE-2017-7294
   active/CVE-2017-7308
   active/CVE-2017-7616
   active/CVE-2017-7618
Log:
Mark 3.16.43-1 already as released

Modified: active/CVE-2016-10044
===================================================================
--- active/CVE-2016-10044	2017-05-03 17:14:21 UTC (rev 5265)
+++ active/CVE-2016-10044	2017-05-06 11:56:48 UTC (rev 5266)
@@ -15,8 +15,8 @@
 Bugs:
 upstream: released (4.8-rc7) [22f6b4d34fcf039c63a94e7670e0da24f8575a5a]
 4.9-upstream-stable: N/A "Fixed before branch point"
-3.16-upstream-stable: released (3.16.43) [aio-mark-aio-pseudo-fs-noexec.patch]
+3.16-upstream-stable: released (3.16.43) [880366a6e2ef182c37b7c7317dc6d449f625b97d]
 3.2-upstream-stable: ignored "changes required are too invasive"
 sid: released (4.7.8-1)
-3.16-jessie-security: pending (3.16.43-1) [bugfix/all/aio-mark-aio-pseudo-fs-noexec.patch]
+3.16-jessie-security: released (3.16.43-1)
 3.2-wheezy-security: ignored "changes required are too invasive"

Modified: active/CVE-2016-10200
===================================================================
--- active/CVE-2016-10200	2017-05-03 17:14:21 UTC (rev 5265)
+++ active/CVE-2016-10200	2017-05-06 11:56:48 UTC (rev 5266)
@@ -7,5 +7,5 @@
 3.16-upstream-stable: released (3.16.40) [7c3ad0d86f80618c00a5d6a267080238185038f6]
 3.2-upstream-stable: released (3.2.88) [2147a17048314f069838aace1d08b8c719448b50]
 sid: released (4.8.15-1)
-3.16-jessie-security: pending (3.16.43-1) [bugfix/all/l2tp-fix-racy-sock_zapped-flag-check-in-l2tp_ip-6-_b.patch]
+3.16-jessie-security: released (3.16.43-1) [bugfix/all/l2tp-fix-racy-sock_zapped-flag-check-in-l2tp_ip-6-_b.patch]
 3.2-wheezy-security: released (3.2.88-1)

Modified: active/CVE-2016-10208
===================================================================
--- active/CVE-2016-10208	2017-05-03 17:14:21 UTC (rev 5265)
+++ active/CVE-2016-10208	2017-05-06 11:56:48 UTC (rev 5266)
@@ -12,5 +12,5 @@
 3.16-upstream-stable: released (3.16.41) [cde863587b6809fdf61ea3c5391ecf06884b5516]
 3.2-upstream-stable: N/A "Introduced in 3.6-rc1 with 952fc18ef9ec707ebdc16c0786ec360295e5ff15"
 sid: released (4.9.10-1)
-3.16-jessie-security: pending (3.16.43-1) [bugfix/all/ext4-validate-s_first_meta_bg-at-mount-time.patch]
+3.16-jessie-security: released (3.16.43-1) [bugfix/all/ext4-validate-s_first_meta_bg-at-mount-time.patch]
 3.2-wheezy-security: N/A "Introduced in 3.6-rc1 with 952fc18ef9ec707ebdc16c0786ec360295e5ff15"

Modified: active/CVE-2016-2188
===================================================================
--- active/CVE-2016-2188	2017-05-03 17:14:21 UTC (rev 5265)
+++ active/CVE-2016-2188	2017-05-06 11:56:48 UTC (rev 5266)
@@ -19,5 +19,5 @@
 3.16-upstream-stable: pending (3.16.44) [usb-iowarrior-fix-null-deref-at-probe.patch]
 3.2-upstream-stable: pending (3.2.89) [usb-iowarrior-fix-null-deref-at-probe.patch]
 sid: released (4.9.16-1)
-3.16-jessie-security: pending (3.16.43-1) [bugfix/all/usb-iowarrior-fix-null-deref-at-probe.patch]
+3.16-jessie-security: released (3.16.43-1) [bugfix/all/usb-iowarrior-fix-null-deref-at-probe.patch]
 3.2-wheezy-security: released (3.2.88-1) [bugfix/all/usb-iowarrior-fix-null-deref-at-probe.patch]

Modified: active/CVE-2016-6213
===================================================================
--- active/CVE-2016-6213	2017-05-03 17:14:21 UTC (rev 5265)
+++ active/CVE-2016-6213	2017-05-06 11:56:48 UTC (rev 5266)
@@ -11,5 +11,5 @@
 3.16-upstream-stable: released (3.16.41) [b71f455440fd7ed03f088580b3a117352fc815dd]
 3.2-upstream-stable: N/A "Unprivileged users cannot manipulate mounts"
 sid: released (4.8.11-1) [bugfix/all/mnt-Add-a-per-mount-namespace-limit-on-the-number-of.patch]
-3.16-jessie-security: pending (3.16.43-1) [bugfix/all/mnt-add-a-per-mount-namespace-limit-on-the-number-of.patch]
+3.16-jessie-security: released (3.16.43-1) [bugfix/all/mnt-add-a-per-mount-namespace-limit-on-the-number-of.patch]
 3.2-wheezy-security: N/A "Unprivileged users cannot manipulate mounts"

Modified: active/CVE-2017-2647
===================================================================
--- active/CVE-2017-2647	2017-05-03 17:14:21 UTC (rev 5265)
+++ active/CVE-2017-2647	2017-05-06 11:56:48 UTC (rev 5266)
@@ -16,5 +16,5 @@
 3.16-upstream-stable: released (3.16.43) [c53ee259ad3da891e191dee7af119af340f9c01b]
 3.2-upstream-stable: released (3.2.88) [e2b41f761b086da2ec43b1cfea14ca0681cd08b0]
 sid: released (4.0.2-1)
-3.16-jessie-security: pending (3.16.43-1)
+3.16-jessie-security: released (3.16.43-1)
 3.2-wheezy-security: released (3.2.88-1)

Modified: active/CVE-2017-2671
===================================================================
--- active/CVE-2017-2671	2017-05-03 17:14:21 UTC (rev 5265)
+++ active/CVE-2017-2671	2017-05-06 11:56:48 UTC (rev 5266)
@@ -10,5 +10,5 @@
 3.16-upstream-stable: pending (3.16.44) [ping-implement-proper-locking.patch]
 3.2-upstream-stable: pending (3.2.89) [ping-implement-proper-locking.patch]
 sid: released (4.9.25-1) [bugfix/all/ping-implement-proper-locking.patch]
-3.16-jessie-security: pending (3.16.43-1) [bugfix/all/ping-implement-proper-locking.patch]
+3.16-jessie-security: released (3.16.43-1) [bugfix/all/ping-implement-proper-locking.patch]
 3.2-wheezy-security: released (3.2.88-1) [bugfix/all/ping-implement-proper-locking.patch]

Modified: active/CVE-2017-5967
===================================================================
--- active/CVE-2017-5967	2017-05-03 17:14:21 UTC (rev 5265)
+++ active/CVE-2017-5967	2017-05-06 11:56:48 UTC (rev 5266)
@@ -13,5 +13,5 @@
 3.16-upstream-stable: ignored "Upstream fix is not suitable for backporting"
 3.2-upstream-stable: ignored "Upstream fix is not suitable for backporting"
 sid: released (4.9.13-1) [debian/time-mark-timer_stats-as-broken.patch]
-3.16-jessie-security: pending (3.16.43-1) [bugfix/all/timer-restrict-timer_stats-to-initial-pid-namespace.patch]
+3.16-jessie-security: released (3.16.43-1) [bugfix/all/timer-restrict-timer_stats-to-initial-pid-namespace.patch]
 3.2-wheezy-security: released (3.2.88-1) [bugfix/all/timer-restrict-timer_stats-to-initial-pid-namespace.patch]

Modified: active/CVE-2017-6951
===================================================================
--- active/CVE-2017-6951	2017-05-03 17:14:21 UTC (rev 5265)
+++ active/CVE-2017-6951	2017-05-06 11:56:48 UTC (rev 5266)
@@ -19,5 +19,5 @@
 3.16-upstream-stable: released (3.16.43) [c53ee259ad3da891e191dee7af119af340f9c01b]
 3.2-upstream-stable: released (3.2.88) [e2b41f761b086da2ec43b1cfea14ca0681cd08b0]
 sid: released (4.0.2-1)
-3.16-jessie-security: pending (3.16.43-1)
+3.16-jessie-security: released (3.16.43-1)
 3.2-wheezy-security: released (3.2.88-1)

Modified: active/CVE-2017-7184
===================================================================
--- active/CVE-2017-7184	2017-05-03 17:14:21 UTC (rev 5265)
+++ active/CVE-2017-7184	2017-05-06 11:56:48 UTC (rev 5266)
@@ -11,5 +11,5 @@
 3.16-upstream-stable: pending (3.16.44) [xfrm_user-validate-xfrm_msg_newae-xfrma_replay_esn_val-replay_window.patch, xfrm_user-validate-xfrm_msg_newae-incoming-esn-size-harder.patch]
 3.2-upstream-stable: pending (3.2.89) [xfrm_user-validate-xfrm_msg_newae-xfrma_replay_esn_val-replay_window.patch, xfrm_user-validate-xfrm_msg_newae-incoming-esn-size-harder.patch]
 sid: released (4.9.18-1) [bugfix/all/xfrm_user-validate-xfrm_msg_newae-xfrma_replay_esn_val-replay_window.patch, bugfix/all/xfrm_user-validate-xfrm_msg_newae-incoming-esn-size-harder.patch]
-3.16-jessie-security: pending (3.16.43-1) [bugfix/all/xfrm_user-validate-xfrm_msg_newae-xfrma_replay_esn_val-replay_window.patch, bugfix/all/xfrm_user-validate-xfrm_msg_newae-incoming-esn-size-harder.patch]
+3.16-jessie-security: released (3.16.43-1) [bugfix/all/xfrm_user-validate-xfrm_msg_newae-xfrma_replay_esn_val-replay_window.patch, bugfix/all/xfrm_user-validate-xfrm_msg_newae-incoming-esn-size-harder.patch]
 3.2-wheezy-security: released (3.2.88-1) [bugfix/all/xfrm_user-validate-xfrm_msg_newae-xfrma_replay_esn_val-replay_window.patch, bugfix/all/xfrm_user-validate-xfrm_msg_newae-incoming-esn-size-harder.patch]

Modified: active/CVE-2017-7261
===================================================================
--- active/CVE-2017-7261	2017-05-03 17:14:21 UTC (rev 5265)
+++ active/CVE-2017-7261	2017-05-06 11:56:48 UTC (rev 5266)
@@ -15,5 +15,5 @@
 3.16-upstream-stable: pending (3.16.44) [drm-vmwgfx-null-pointer-dereference-in-vmw_surface_define_ioctl.patch]
 3.2-upstream-stable: pending (3.2.89) [drm-vmwgfx-null-pointer-dereference-in-vmw_surface_define_ioctl.patch]
 sid: released (4.9.18-1) [bugfix/x86/vmwgfx-null-pointer-dereference-in-vmw_surface_define_ioctl.patch]
-3.16-jessie-security: pending (3.16.43-1) [bugfix/x86/vmwgfx-null-pointer-dereference-in-vmw_surface_define_ioctl.patch]
+3.16-jessie-security: released (3.16.43-1) [bugfix/x86/vmwgfx-null-pointer-dereference-in-vmw_surface_define_ioctl.patch]
 3.2-wheezy-security: released (3.2.88-1) [bugfix/x86/vmwgfx-null-pointer-dereference-in-vmw_surface_define_ioctl.patch]

Modified: active/CVE-2017-7273
===================================================================
--- active/CVE-2017-7273	2017-05-03 17:14:21 UTC (rev 5265)
+++ active/CVE-2017-7273	2017-05-06 11:56:48 UTC (rev 5266)
@@ -7,5 +7,5 @@
 3.16-upstream-stable: released (3.16.42) [60a990276a03f9a11d86017b1217f3698443c47b]
 3.2-upstream-stable: released (3.2.87) [4faec4a2ef5dd481682cc155cb9ea14ba2534b76]
 sid: released (4.9.6-1)
-3.16-jessie-security: pending (3.16.43-1)
+3.16-jessie-security: released (3.16.43-1)
 3.2-wheezy-security: released (3.2.88-1)

Modified: active/CVE-2017-7294
===================================================================
--- active/CVE-2017-7294	2017-05-03 17:14:21 UTC (rev 5265)
+++ active/CVE-2017-7294	2017-05-06 11:56:48 UTC (rev 5266)
@@ -9,5 +9,5 @@
 3.16-upstream-stable: pending (3.16.44) [drm-vmwgfx-fix-integer-overflow-in-vmw_surface_define_ioctl.patch]
 3.2-upstream-stable: pending (3.2.89) [drm-vmwgfx-fix-integer-overflow-in-vmw_surface_define_ioctl.patch]
 sid: released (4.9.18-1) [bugfix/x86/drm-vmwgfx-fix-integer-overflow-in-vmw_surface_define_ioctl.patch]
-3.16-jessie-security: pending (3.16.43-1) [bugfix/x86/drm-vmwgfx-fix-integer-overflow-in-vmw_surface_define_ioctl.patch]
+3.16-jessie-security: released (3.16.43-1) [bugfix/x86/drm-vmwgfx-fix-integer-overflow-in-vmw_surface_define_ioctl.patch]
 3.2-wheezy-security: released (3.2.88-1) [bugfix/x86/drm-vmwgfx-fix-integer-overflow-in-vmw_surface_define_ioctl.patch]

Modified: active/CVE-2017-7308
===================================================================
--- active/CVE-2017-7308	2017-05-03 17:14:21 UTC (rev 5265)
+++ active/CVE-2017-7308	2017-05-06 11:56:48 UTC (rev 5266)
@@ -14,5 +14,5 @@
 3.16-upstream-stable: pending (3.16.44) [net-packet-fix-overflow-in-check-for-priv-area-size.patch, net-packet-fix-overflow-in-check-for-tp_frame_nr.patch, net-packet-fix-overflow-in-check-for-tp_reserve.patch]
 3.2-upstream-stable: pending (3.2.89) [net-packet-fix-overflow-in-check-for-priv-area-size.patch, net-packet-fix-overflow-in-check-for-tp_frame_nr.patch, net-packet-fix-overflow-in-check-for-tp_reserve.patch]
 sid: released (4.9.18-1) [bugfix/all/net-packet-fix-overflow-in-check-for-priv-area-size.patch, bugfix/all/net-packet-fix-overflow-in-check-for-tp_frame_nr.patch, bugfix/all/net-packet-fix-overflow-in-check-for-tp_reserve.patch]
-3.16-jessie-security: pending (3.16.43-1) [bugfix/all/net-packet-fix-overflow-in-check-for-priv-area-size.patch, bugfix/all/net-packet-fix-overflow-in-check-for-tp_frame_nr.patch, bugfix/all/net-packet-fix-overflow-in-check-for-tp_reserve.patch]
+3.16-jessie-security: released (3.16.43-1) [bugfix/all/net-packet-fix-overflow-in-check-for-priv-area-size.patch, bugfix/all/net-packet-fix-overflow-in-check-for-tp_frame_nr.patch, bugfix/all/net-packet-fix-overflow-in-check-for-tp_reserve.patch]
 3.2-wheezy-security: released (3.2.88-1) [bugfix/all/net-packet-fix-overflow-in-check-for-priv-area-size.patch, bugfix/all/net-packet-fix-overflow-in-check-for-tp_frame_nr.patch, bugfix/all/net-packet-fix-overflow-in-check-for-tp_reserve.patch]

Modified: active/CVE-2017-7616
===================================================================
--- active/CVE-2017-7616	2017-05-03 17:14:21 UTC (rev 5265)
+++ active/CVE-2017-7616	2017-05-06 11:56:48 UTC (rev 5266)
@@ -12,5 +12,5 @@
 3.16-upstream-stable: pending (3.16.44) [mm-mempolicy.c-fix-error-handling-in-set_mempolicy-and-mbind.patch]
 3.2-upstream-stable: pending (3.2.89) [mm-mempolicy.c-fix-error-handling-in-set_mempolicy-and-mbind.patch]
 sid: released (4.9.25-1)
-3.16-jessie-security: pending (3.16.43-1) [bugfix/all/mm-mempolicy.c-fix-error-handling-in-set_mempolicy-a.patch]
+3.16-jessie-security: released (3.16.43-1) [bugfix/all/mm-mempolicy.c-fix-error-handling-in-set_mempolicy-a.patch]
 3.2-wheezy-security: released (3.2.88-1) [bugfix/all/mm-mempolicy.c-fix-error-handling-in-set_mempolicy-a.patch]

Modified: active/CVE-2017-7618
===================================================================
--- active/CVE-2017-7618	2017-05-03 17:14:21 UTC (rev 5265)
+++ active/CVE-2017-7618	2017-05-06 11:56:48 UTC (rev 5266)
@@ -13,5 +13,5 @@
 3.16-upstream-stable: pending (3.16.44) [crypto-ahash-fix-einprogress-notification-callback.patch]
 3.2-upstream-stable: pending (3.2.89) [crypto-ahash-fix-einprogress-notification-callback.patch]
 sid: released (4.9.25-1)
-3.16-jessie-security: pending (3.16.43-1) [bugfix/all/crypto-ahash-fix-einprogress-notification-callback.patch]
+3.16-jessie-security: released (3.16.43-1) [bugfix/all/crypto-ahash-fix-einprogress-notification-callback.patch]
 3.2-wheezy-security: released (3.2.88-1) [bugfix/all/crypto-ahash-fix-einprogress-notification-callback.patch]




More information about the kernel-sec-discuss mailing list