[kernel-sec-discuss] r5716 - active
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Nov 13 08:43:13 UTC 2017
Author: carnil
Date: 2017-11-13 08:43:13 +0000 (Mon, 13 Nov 2017)
New Revision: 5716
Modified:
active/CVE-2017-0786
active/CVE-2017-12190
active/CVE-2017-12192
active/CVE-2017-12193
active/CVE-2017-13080
active/CVE-2017-15265
active/CVE-2017-15299
active/CVE-2017-15649
active/CVE-2017-16527
active/CVE-2017-16529
active/CVE-2017-16530
active/CVE-2017-16531
active/CVE-2017-16532
active/CVE-2017-16533
active/CVE-2017-16535
Log:
3.16.50 released upstream
Modified: active/CVE-2017-0786
===================================================================
--- active/CVE-2017-0786 2017-11-12 18:14:35 UTC (rev 5715)
+++ active/CVE-2017-0786 2017-11-13 08:43:13 UTC (rev 5716)
@@ -6,7 +6,7 @@
Bugs:
upstream: released (4.14-rc4) [17df6453d4be17910456e99c5a85025aa1b7a246]
4.9-upstream-stable: released (4.9.55) [4d3132d97aa753104ee35722352a895750a0fca5]
-3.16-upstream-stable: pending (3.16.50) [brcmfmac-add-length-check-in-brcmf_cfg80211_escan_handler.patch]
+3.16-upstream-stable: released (3.16.50) [7df83adfc5d38bf960ef7ff0e4cb1c2c92715f63]
3.2-upstream-stable: N/A "Vulnerable code not present"
sid: released (4.13.4-2) [bugfix/all/brcmfmac-add-length-check-in-brcmf_cfg80211_escan_ha.patch]
4.9-stretch-security: needed
Modified: active/CVE-2017-12190
===================================================================
--- active/CVE-2017-12190 2017-11-12 18:14:35 UTC (rev 5715)
+++ active/CVE-2017-12190 2017-11-13 08:43:13 UTC (rev 5716)
@@ -12,7 +12,7 @@
https://bugzilla.redhat.com/show_bug.cgi?id=1495089
upstream: released (4.14-rc5) [95d78c28b5a85bacbc29b8dba7c04babb9b0d467]
4.9-upstream-stable: released (4.9.57) [5444d8ab9a1406af9f1bc2f00c26838637542480]
-3.16-upstream-stable: pending (3.16.50) [fix-unbalanced-page-refcounting-in-bio_map_user_iov.patch]
+3.16-upstream-stable: released (3.16.50) [3c885aa3b459aabc5fa04251a5fdd88e29b1de70]
3.2-upstream-stable: pending (3.2.95) [fix-unbalanced-page-refcounting-in-bio_map_user_iov.patch]
sid: released (4.13.10-1)
4.9-stretch-security: needed
Modified: active/CVE-2017-12192
===================================================================
--- active/CVE-2017-12192 2017-11-12 18:14:35 UTC (rev 5715)
+++ active/CVE-2017-12192 2017-11-13 08:43:13 UTC (rev 5716)
@@ -5,7 +5,7 @@
Bugs:
upstream: released (4.14-rc3) [37863c43b2c6464f252862bf2e9768264e961678]
4.9-upstream-stable: released (4.9.53) [dda70d28c0ac191f128bfd3acfd800667ed86bdf]
-3.16-upstream-stable: pending (3.16.50) [keys-prevent-keyctl_read-on-negative-key.patch]
+3.16-upstream-stable: released (3.16.50) [3eab231a5b5382067ab3ead172780144f9c0f721]
3.2-upstream-stable: N/A "Vulnerable code introduced later in 3.13-rc1"
sid: released (4.13.4-2) [bugfix/all/KEYS-prevent-KEYCTL_READ-on-negative-key.patch]
4.9-stretch-security: needed
Modified: active/CVE-2017-12193
===================================================================
--- active/CVE-2017-12193 2017-11-12 18:14:35 UTC (rev 5715)
+++ active/CVE-2017-12193 2017-11-13 08:43:13 UTC (rev 5716)
@@ -4,7 +4,7 @@
Bugs:
upstream: released (4.14-rc7) [ea6789980fdaa610d7eb63602c746bf6ec70cd2b]
4.9-upstream-stable: released (4.9.60) [67bcc5e530d55e646b7324038c926c2bde735a7e]
-3.16-upstream-stable: pending (3.16.50) [assoc_array-fix-a-buggy-node-splitting-case.patch]
+3.16-upstream-stable: released (3.16.50) [c42ab77ec3454fc0d9710bd6734e241e4202d8b3]
3.2-upstream-stable: N/A "Introduced in 3.13-rc1 with 3cb989501c2688cacbb7dc4b0d353faf838f53a1"
sid: pending (4.13.12-1)
4.9-stretch-security: needed
Modified: active/CVE-2017-13080
===================================================================
--- active/CVE-2017-13080 2017-11-12 18:14:35 UTC (rev 5715)
+++ active/CVE-2017-13080 2017-11-13 08:43:13 UTC (rev 5716)
@@ -8,7 +8,7 @@
Bugs:
upstream: released (4.14-rc6) [fdf7cb4185b60c68e1a75e61691c4afdc15dea0e]
4.9-upstream-stable: needed
-3.16-upstream-stable: pending (3.16.50) [mac80211-accept-key-reinstall-without-changing-anything.patch]
+3.16-upstream-stable: released (3.16.50) [a0a8a11d1630cd648dc1ce86da620b4e240e0315]
3.2-upstream-stable: pending (3.2.95) [mac80211-accept-key-reinstall-without-changing-anything.patch]
sid: needed
4.9-stretch-security: needed
Modified: active/CVE-2017-15265
===================================================================
--- active/CVE-2017-15265 2017-11-12 18:14:35 UTC (rev 5715)
+++ active/CVE-2017-15265 2017-11-13 08:43:13 UTC (rev 5716)
@@ -11,7 +11,7 @@
Bugs:
upstream: released (4.14-rc5) [71105998845fb012937332fe2e806d443c09e026]
4.9-upstream-stable: released (4.9.57) [35b84860667ff081eee56b62f3db2a28ca8a3823]
-3.16-upstream-stable: pending (3.16.50) [alsa-seq-fix-use-after-free-at-creating-a-port.patch]
+3.16-upstream-stable: released (3.16.50) [853c65fe1db498563bdeea5b7e733441db34d330]
3.2-upstream-stable: pending (3.2.95) [alsa-seq-fix-use-after-free-at-creating-a-port.patch]
sid: released (4.13.4-2) [bugfix/all/ALSA-seq-Fix-use-after-free-at-creating-a-port.patch]
4.9-stretch-security: needed
Modified: active/CVE-2017-15299
===================================================================
--- active/CVE-2017-15299 2017-11-12 18:14:35 UTC (rev 5715)
+++ active/CVE-2017-15299 2017-11-13 08:43:13 UTC (rev 5716)
@@ -15,7 +15,7 @@
Bugs:
upstream: released (4.14-rc6) [60ff5b2f547af3828aebafd54daded44cfb0807a]
4.9-upstream-stable: released (4.9.59) [da0c7503c0b886784bf8bcb279c7d71c1e50c438]
-3.16-upstream-stable: pending (3.16.50) [keys-don-t-let-add_key-update-an-uninstantiated-key.patch]
+3.16-upstream-stable: released (3.16.50) [24832178de3ab7b6fb42f2730d8d675e3d30adb2]
3.2-upstream-stable: pending (3.2.95) [keys-don-t-let-add_key-update-an-uninstantiated-key.patch]
sid: released (4.13.10-1)
4.9-stretch-security: needed
Modified: active/CVE-2017-15649
===================================================================
--- active/CVE-2017-15649 2017-11-12 18:14:35 UTC (rev 5715)
+++ active/CVE-2017-15649 2017-11-13 08:43:13 UTC (rev 5716)
@@ -6,7 +6,7 @@
Bugs:
upstream: released (4.14-rc2) [008ba2a13f2d04c947adc536d19debb8fe66f110], (4.14-rc4) [4971613c1639d8e5f102c4e797c3bf8f83a5a69e]
4.9-upstream-stable: released (4.9.55) [6f7cdd4aa0a45f21edf6cb31236cd9d10c0d7992, 0f22167d3321a028c0b6edc2d5b2ab0e37a2ac53]
-3.16-upstream-stable: pending (3.16.50) [packet-hold-bind-lock-when-rebinding-to-fanout-hook.patch, packet-in-packet_do_bind-test-fanout-with-bind_lock-held.patch]
+3.16-upstream-stable: released (3.16.50) [4839233c04cd9ffb65fa00bdb473cbdac427d45f, 70abad3796f52ed593d5d31bf9f0b5410a522548]
3.2-upstream-stable: pending (3.2.95) [packet-hold-bind-lock-when-rebinding-to-fanout-hook.patch, packet-in-packet_do_bind-test-fanout-with-bind_lock-held.patch]
sid: released (4.13.10-1)
4.9-stretch-security: needed
Modified: active/CVE-2017-16527
===================================================================
--- active/CVE-2017-16527 2017-11-12 18:14:35 UTC (rev 5715)
+++ active/CVE-2017-16527 2017-11-13 08:43:13 UTC (rev 5716)
@@ -6,7 +6,7 @@
Bugs:
upstream: released (4.14-rc5) [124751d5e63c823092060074bd0abaae61aaa9c4]
4.9-upstream-stable: released (4.9.57) [e0c70289a1e334a60b54b54688f18e2ee38396a9]
-3.16-upstream-stable: pending (3.16.50) [alsa-usb-audio-kill-stray-urb-at-exiting.patch]
+3.16-upstream-stable: released (3.16.50) [6a6488e8d231fa1fca2408e59e819f64fecb45f3]
3.2-upstream-stable: pending (3.2.95) [alsa-usb-audio-kill-stray-urb-at-exiting.patch]
sid: released (4.13.10-1)
4.9-stretch-security: needed
Modified: active/CVE-2017-16529
===================================================================
--- active/CVE-2017-16529 2017-11-12 18:14:35 UTC (rev 5715)
+++ active/CVE-2017-16529 2017-11-13 08:43:13 UTC (rev 5716)
@@ -6,7 +6,7 @@
Bugs:
upstream: released (4.14-rc4) [bfc81a8bc18e3c4ba0cbaa7666ff76be2f998991]
4.9-upstream-stable: released (4.9.55) [37b6d898388e78d92a13a8ab50c960d507c968d1]
-3.16-upstream-stable: pending (3.16.50) [alsa-usb-audio-check-out-of-bounds-access-by-corrupted-buffer.patch]
+3.16-upstream-stable: released (3.16.50) [9992800cfd0b367369407d62a4c228c454c5d0e3]
3.2-upstream-stable: pending (3.2.95) [alsa-usb-audio-check-out-of-bounds-access-by-corrupted-buffer.patch]
sid: released (4.13.10-1)
4.9-stretch-security: needed
Modified: active/CVE-2017-16530
===================================================================
--- active/CVE-2017-16530 2017-11-12 18:14:35 UTC (rev 5715)
+++ active/CVE-2017-16530 2017-11-13 08:43:13 UTC (rev 5716)
@@ -6,7 +6,7 @@
Bugs:
upstream: released (4.14-rc4) [786de92b3cb26012d3d0f00ee37adf14527f35c4]
4.9-upstream-stable: released (4.9.55) [d77606e93d819ad4b8f57511ff61a629ced49750]
-3.16-upstream-stable: pending (3.16.50) [usb-uas-fix-bug-in-handling-of-alternate-settings.patch]
+3.16-upstream-stable: released (3.16.50) [c0003557dbdec4ec1976ea7be9534abef758297b]
3.2-upstream-stable: N/A "Vulnerable code not present"
sid: released (4.13.10-1)
4.9-stretch-security: needed
Modified: active/CVE-2017-16531
===================================================================
--- active/CVE-2017-16531 2017-11-12 18:14:35 UTC (rev 5715)
+++ active/CVE-2017-16531 2017-11-13 08:43:13 UTC (rev 5716)
@@ -6,7 +6,7 @@
Bugs:
upstream: released (4.14-rc4) [bd7a3fe770ebd8391d1c7d072ff88e9e76d063eb]
4.9-upstream-stable: released (4.9.55) [a6d4ce2e8b653ff7facde0d0051663fa4cf57b78]
-3.16-upstream-stable: pending (3.16.50) [usb-fix-out-of-bounds-in-usb_set_configuration.patch]
+3.16-upstream-stable: released (3.16.50) [cc81fff9d62e32a27b1f16dab1a6172935792ab7]
3.2-upstream-stable: pending (3.2.95) [usb-fix-out-of-bounds-in-usb_set_configuration.patch]
sid: released (4.13.10-1)
4.9-stretch-security: needed
Modified: active/CVE-2017-16532
===================================================================
--- active/CVE-2017-16532 2017-11-12 18:14:35 UTC (rev 5715)
+++ active/CVE-2017-16532 2017-11-13 08:43:13 UTC (rev 5716)
@@ -5,7 +5,7 @@
Bugs:
upstream: released (4.14-rc5) [7c80f9e4a588f1925b07134bb2e3689335f6c6d8]
4.9-upstream-stable: needed
-3.16-upstream-stable: pending (3.16.50) [usb-usbtest-fix-null-pointer-dereference.patch]
+3.16-upstream-stable: released (3.16.50) [824f2a5ccdd9ddfb53418c13f493aa46ae0c2c00]
3.2-upstream-stable: pending (3.2.95) [usb-usbtest-fix-null-pointer-dereference.patch]
sid: needed
4.9-stretch-security: needed
Modified: active/CVE-2017-16533
===================================================================
--- active/CVE-2017-16533 2017-11-12 18:14:35 UTC (rev 5715)
+++ active/CVE-2017-16533 2017-11-13 08:43:13 UTC (rev 5716)
@@ -5,7 +5,7 @@
Bugs:
upstream: released (4.14-rc5) [f043bfc98c193c284e2cd768fefabe18ac2fed9b]
4.9-upstream-stable: released (4.9.57) [57265cddde308292af881ce634a5378dd4e25900]
-3.16-upstream-stable: pending (3.16.50) [hid-usbhid-fix-out-of-bounds-bug.patch]
+3.16-upstream-stable: released (3.16.50) [8d675aa967d3927ac100f7af48f2a2af8a041d2d]
3.2-upstream-stable: pending (3.2.95) [hid-usbhid-fix-out-of-bounds-bug.patch]
sid: released (4.13.10-1)
4.9-stretch-security: needed
Modified: active/CVE-2017-16535
===================================================================
--- active/CVE-2017-16535 2017-11-12 18:14:35 UTC (rev 5715)
+++ active/CVE-2017-16535 2017-11-13 08:43:13 UTC (rev 5716)
@@ -5,7 +5,7 @@
Bugs:
upstream: released (4.14-c6) [1c0edc3633b56000e18d82fc241e3995ca18a69e]
4.9-upstream-stable: released (4.9.59) [9d13d3e05be29056eeab610d9ad26b04c9231a04]
-3.16-upstream-stable: pending (3.16.50) [usb-core-fix-out-of-bounds-access-bug-in-usb_get_bos_descriptor.patch]
+3.16-upstream-stable: released (3.16.50) [6514189e83d470af2f35735038c1b096410ab98d]
3.2-upstream-stable: pending (3.2.95) [usb-core-fix-out-of-bounds-access-bug-in-usb_get_bos_descriptor.patch]
sid: released (4.13.10-1)
4.9-stretch-security: needed
More information about the kernel-sec-discuss
mailing list