[kernel-sec-discuss] r5324 - active

Ben Hutchings benh at moszumanska.debian.org
Wed May 31 10:45:11 UTC 2017


Author: benh
Date: 2017-05-31 10:45:11 +0000 (Wed, 31 May 2017)
New Revision: 5324

Modified:
   active/CVE-2017-8924
   active/CVE-2017-8925
   active/CVE-2017-9059
   active/CVE-2017-9074
   active/CVE-2017-9242
Log:
Fill in issue status

Modified: active/CVE-2017-8924
===================================================================
--- active/CVE-2017-8924	2017-05-29 04:07:06 UTC (rev 5323)
+++ active/CVE-2017-8924	2017-05-31 10:45:11 UTC (rev 5324)
@@ -4,8 +4,8 @@
 Bugs:
 upstream: released (4.11-rc2) [654b404f2a222f918af9b0cd18ad469d0c941a8e]
 4.9-upstream-stable: released (4.9.16) [d0ef6ecee85e17742d8bce1559872cb542d6ccac]
-3.16-upstream-stable:
-3.2-upstream-stable:
+3.16-upstream-stable: needed
+3.2-upstream-stable: needed
 sid: released (4.9.16-1)
-3.16-jessie-security:
-3.2-wheezy-security:
+3.16-jessie-security: needed
+3.2-wheezy-security: needed

Modified: active/CVE-2017-8925
===================================================================
--- active/CVE-2017-8925	2017-05-29 04:07:06 UTC (rev 5323)
+++ active/CVE-2017-8925	2017-05-31 10:45:11 UTC (rev 5324)
@@ -4,8 +4,8 @@
 Bugs:
 upstream: released (4.11-rc2) [30572418b445d85fcfe6c8fe84c947d2606767d8]
 4.9-upstream-stable: released (4.9.16) [6d6c5895f45431579c20f4183b25183f0e3afc92]
-3.16-upstream-stable:
-3.2-upstream-stable:
+3.16-upstream-stable: needed
+3.2-upstream-stable: needed
 sid: released (4.9.16-1)
-3.16-jessie-security:
-3.2-wheezy-security:
+3.16-jessie-security: needed
+3.2-wheezy-security: needed

Modified: active/CVE-2017-9059
===================================================================
--- active/CVE-2017-9059	2017-05-29 04:07:06 UTC (rev 5323)
+++ active/CVE-2017-9059	2017-05-31 10:45:11 UTC (rev 5324)
@@ -3,12 +3,15 @@
  https://www.spinics.net/lists/linux-nfs/msg63334.html
  https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c70422f760c120480fee4de6c38804c72aa26bc1
 Notes:
+ bwh> Upstream fix says this was introduced by commit bb6aeba736ba
+ bwh> "NFSv4.x: Switch to using svc_set_num_threads() to manage the callback
+ bwh> threads" in 4.9.
 Bugs:
  https://bugzilla.redhat.com/show_bug.cgi?id=1451386
 upstream: released (4.12-rc1) [9e0d87680d689f1758185851c3da6eafb16e71e1, ed6473ddc704a2005b9900ca08e236ebb2d8540a]
 4.9-upstream-stable: needed
-3.16-upstream-stable:
-3.2-upstream-stable:
+3.16-upstream-stable: N/A "Vulnerable code not present"
+3.2-upstream-stable: N/A "Vulnerable code not present"
 sid: needed
-3.16-jessie-security:
-3.2-wheezy-security:
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"

Modified: active/CVE-2017-9074
===================================================================
--- active/CVE-2017-9074	2017-05-29 04:07:06 UTC (rev 5323)
+++ active/CVE-2017-9074	2017-05-31 10:45:11 UTC (rev 5324)
@@ -6,8 +6,8 @@
 Bugs:
 upstream: released (4.12-rc2) [2423496af35d94a87156b063ea5cedffc10a70a1]
 4.9-upstream-stable: needed
-3.16-upstream-stable:
-3.2-upstream-stable:
+3.16-upstream-stable: needed
+3.2-upstream-stable: needed
 sid: needed
-3.16-jessie-security:
-3.2-wheezy-security:
+3.16-jessie-security: needed
+3.2-wheezy-security: needed

Modified: active/CVE-2017-9242
===================================================================
--- active/CVE-2017-9242	2017-05-29 04:07:06 UTC (rev 5323)
+++ active/CVE-2017-9242	2017-05-31 10:45:11 UTC (rev 5324)
@@ -3,9 +3,9 @@
 Notes:
 Bugs:
 upstream: released (4.12-rc3) [232cd35d0804cc241eb887bb8d4d9b3b9881c64a]
-4.9-upstream-stable:
-3.16-upstream-stable:
-3.2-upstream-stable:
-sid:
-3.16-jessie-security:
-3.2-wheezy-security:
+4.9-upstream-stable: needed
+3.16-upstream-stable: needed
+3.2-upstream-stable: needed
+sid: needed
+3.16-jessie-security: needed
+3.2-wheezy-security: needed




More information about the kernel-sec-discuss mailing list