[kernel-sec-discuss] r5325 - active

Ben Hutchings benh at moszumanska.debian.org
Wed May 31 15:40:01 UTC 2017


Author: benh
Date: 2017-05-31 15:40:00 +0000 (Wed, 31 May 2017)
New Revision: 5325

Modified:
   active/CVE-2017-0605
   active/CVE-2017-7487
   active/CVE-2017-7645
   active/CVE-2017-7895
   active/CVE-2017-8064
   active/CVE-2017-8890
   active/CVE-2017-8924
   active/CVE-2017-8925
   active/CVE-2017-9074
   active/CVE-2017-9075
   active/CVE-2017-9076
   active/CVE-2017-9077
   active/CVE-2017-9242
Log:
Mark issues pending for wheezy and jessie

Modified: active/CVE-2017-0605
===================================================================
--- active/CVE-2017-0605	2017-05-31 10:45:11 UTC (rev 5324)
+++ active/CVE-2017-0605	2017-05-31 15:40:00 UTC (rev 5325)
@@ -20,5 +20,5 @@
 3.16-upstream-stable: needed
 3.2-upstream-stable: needed
 sid: needed
-3.16-jessie-security: needed
-3.2-wheezy-security: needed
+3.16-jessie-security: pending (3.16.43-2+deb8u1) bugfix/all/tracing-Use-strlcpy-instead-of-strcpy-in-__trace_fin.patch]
+3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/tracing-Use-strlcpy-instead-of-strcpy-in-__trace_fin.patch]

Modified: active/CVE-2017-7487
===================================================================
--- active/CVE-2017-7487	2017-05-31 10:45:11 UTC (rev 5324)
+++ active/CVE-2017-7487	2017-05-31 15:40:00 UTC (rev 5325)
@@ -7,5 +7,5 @@
 3.16-upstream-stable: needed
 3.2-upstream-stable: needed
 sid: needed
-3.16-jessie-security: needed
-3.2-wheezy-security: needed
+3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/ipx-call-ipxitf_put-in-ioctl-error-path.patch]
+3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/ipx-call-ipxitf_put-in-ioctl-error-path.patch]

Modified: active/CVE-2017-7645
===================================================================
--- active/CVE-2017-7645	2017-05-31 10:45:11 UTC (rev 5324)
+++ active/CVE-2017-7645	2017-05-31 15:40:00 UTC (rev 5325)
@@ -20,5 +20,5 @@
 3.16-upstream-stable: needed
 3.2-upstream-stable: needed
 sid: released (4.9.25-1) [bugfix/all/nfsd-check-for-oversized-NFSv2-v3-arguments.patch]
-3.16-jessie-security: needed
-3.2-wheezy-security: needed
+3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/nfsd-check-for-oversized-nfsv2-v3-arguments.patch]
+3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/nfsd-check-for-oversized-nfsv2-v3-arguments.patch]

Modified: active/CVE-2017-7895
===================================================================
--- active/CVE-2017-7895	2017-05-31 10:45:11 UTC (rev 5324)
+++ active/CVE-2017-7895	2017-05-31 15:40:00 UTC (rev 5325)
@@ -9,5 +9,5 @@
 3.16-upstream-stable: needed
 3.2-upstream-stable: needed
 sid: released (4.9.25-1) [bugfix/all/nfsd-stricter-decoding-of-write-like-NFSv2-v3-ops.patch]
-3.16-jessie-security: needed
-3.2-wheezy-security: needed
+3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/nfsd-stricter-decoding-of-write-like-nfsv2-v3-ops.patch]
+3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/nfsd-stricter-decoding-of-write-like-nfsv2-v3-ops.patch]

Modified: active/CVE-2017-8064
===================================================================
--- active/CVE-2017-8064	2017-05-31 10:45:11 UTC (rev 5324)
+++ active/CVE-2017-8064	2017-05-31 15:40:00 UTC (rev 5325)
@@ -9,5 +9,5 @@
 3.16-upstream-stable: needed
 3.2-upstream-stable: N/A "Vulnerable code not present"
 sid: released (4.9.25-1)
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/media-dvb-usb-v2-avoid-use-after-free.patch]
 3.2-wheezy-security: N/A "Vulnerable code not present"

Modified: active/CVE-2017-8890
===================================================================
--- active/CVE-2017-8890	2017-05-31 10:45:11 UTC (rev 5324)
+++ active/CVE-2017-8890	2017-05-31 15:40:00 UTC (rev 5325)
@@ -9,5 +9,5 @@
 3.16-upstream-stable: needed
 3.2-upstream-stable: needed
 sid: needed
-3.16-jessie-security: needed
-3.2-wheezy-security: needed
+3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/dccp-tcp-do-not-inherit-mc_list-from-parent.patch]
+3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/dccp-tcp-do-not-inherit-mc_list-from-parent.patch]

Modified: active/CVE-2017-8924
===================================================================
--- active/CVE-2017-8924	2017-05-31 10:45:11 UTC (rev 5324)
+++ active/CVE-2017-8924	2017-05-31 15:40:00 UTC (rev 5325)
@@ -7,5 +7,5 @@
 3.16-upstream-stable: needed
 3.2-upstream-stable: needed
 sid: released (4.9.16-1)
-3.16-jessie-security: needed
-3.2-wheezy-security: needed
+3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/usb-serial-io_ti-fix-information-leak-in-completion-.patch]
+3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/usb-serial-io_ti-fix-information-leak-in-completion-.patch]

Modified: active/CVE-2017-8925
===================================================================
--- active/CVE-2017-8925	2017-05-31 10:45:11 UTC (rev 5324)
+++ active/CVE-2017-8925	2017-05-31 15:40:00 UTC (rev 5325)
@@ -7,5 +7,5 @@
 3.16-upstream-stable: needed
 3.2-upstream-stable: needed
 sid: released (4.9.16-1)
-3.16-jessie-security: needed
-3.2-wheezy-security: needed
+3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/usb-serial-omninet-fix-reference-leaks-at-open.patch]
+3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/usb-serial-omninet-fix-reference-leaks-at-open.patch]

Modified: active/CVE-2017-9074
===================================================================
--- active/CVE-2017-9074	2017-05-31 10:45:11 UTC (rev 5324)
+++ active/CVE-2017-9074	2017-05-31 15:40:00 UTC (rev 5325)
@@ -3,11 +3,13 @@
 Notes:
  carnil> Requires as well 7dd7eb9513bd02184d45f000ab69d78cb1fa1531
  carnil> which fixes 2423496af35d94a87156b063ea5cedffc10a70a1
+ bwh> Also probably requires https://patchwork.ozlabs.org/patch/769083/
+ bwh> and fix for https://marc.info/?l=linux-netdev&m=149623359417487&w=2
 Bugs:
 upstream: released (4.12-rc2) [2423496af35d94a87156b063ea5cedffc10a70a1]
 4.9-upstream-stable: needed
 3.16-upstream-stable: needed
 3.2-upstream-stable: needed
 sid: needed
-3.16-jessie-security: needed
-3.2-wheezy-security: needed
+3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/ipv6-prevent-overrun-when-parsing-v6-header-options.patch]
+3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/ipv6-prevent-overrun-when-parsing-v6-header-options.patch]

Modified: active/CVE-2017-9075
===================================================================
--- active/CVE-2017-9075	2017-05-31 10:45:11 UTC (rev 5324)
+++ active/CVE-2017-9075	2017-05-31 15:40:00 UTC (rev 5325)
@@ -7,5 +7,5 @@
 3.16-upstream-stable: needed
 3.2-upstream-stable: needed
 sid: needed
-3.16-jessie-security: needed
-3.2-wheezy-security: needed
+3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/sctp-do-not-inherit-ipv6_-mc-ac-fl-_list-from-parent.patch]
+3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/sctp-do-not-inherit-ipv6_-mc-ac-fl-_list-from-parent.patch]

Modified: active/CVE-2017-9076
===================================================================
--- active/CVE-2017-9076	2017-05-31 10:45:11 UTC (rev 5324)
+++ active/CVE-2017-9076	2017-05-31 15:40:00 UTC (rev 5325)
@@ -7,5 +7,5 @@
 3.16-upstream-stable: needed
 3.2-upstream-stable: needed
 sid: needed
-3.16-jessie-security: needed
-3.2-wheezy-security: needed
+3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
+3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]

Modified: active/CVE-2017-9077
===================================================================
--- active/CVE-2017-9077	2017-05-31 10:45:11 UTC (rev 5324)
+++ active/CVE-2017-9077	2017-05-31 15:40:00 UTC (rev 5325)
@@ -7,5 +7,5 @@
 3.16-upstream-stable: needed
 3.2-upstream-stable: needed
 sid: needed
-3.16-jessie-security: needed
-3.2-wheezy-security: needed
+3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
+3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]

Modified: active/CVE-2017-9242
===================================================================
--- active/CVE-2017-9242	2017-05-31 10:45:11 UTC (rev 5324)
+++ active/CVE-2017-9242	2017-05-31 15:40:00 UTC (rev 5325)
@@ -7,5 +7,5 @@
 3.16-upstream-stable: needed
 3.2-upstream-stable: needed
 sid: needed
-3.16-jessie-security: needed
-3.2-wheezy-security: needed
+3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/ipv6-fix-out-of-bound-writes-in-__ip6_append_data.patch]
+3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/ipv6-fix-out-of-bound-writes-in-__ip6_append_data.patch]




More information about the kernel-sec-discuss mailing list