[kernel-sec-discuss] r5645 - active

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Oct 12 16:58:10 UTC 2017 

Author: carnil
Date: 2017-10-12 16:58:10 +0000 (Thu, 12 Oct 2017)
New Revision: 5645

Modified:
   active/CVE-2017-1000251
   active/CVE-2017-12153
   active/CVE-2017-12154
   active/CVE-2017-14156
   active/CVE-2017-14340
   active/CVE-2017-14489
   active/CVE-2017-8831
Log:
3.16.49 and 3.2.94 released upstream

Modified: active/CVE-2017-1000251
===================================================================
--- active/CVE-2017-1000251	2017-10-12 11:38:08 UTC (rev 5644)
+++ active/CVE-2017-1000251	2017-10-12 16:58:10 UTC (rev 5645)
@@ -9,8 +9,8 @@
 Bugs:
 upstream: released (4.14-rc1) [e860d2c904d1a9f38a24eb44c9f34b8f915a6ea3]
 4.9-upstream-stable: released (4.9.50) [6300c8bfafe032187f3cbaa43dbf7d306650c5ed]
-3.16-upstream-stable: pending (3.16.49) [bluetooth-properly-check-l2cap-config-option-output-buffer-length.patch]
-3.2-upstream-stable: pending (3.2.94) [bluetooth-properly-check-l2cap-config-option-output-buffer-length.patch]
+3.16-upstream-stable: released (3.16.49) [8a7b081660857a80c3efc463b3da790c4fa0c801]
+3.2-upstream-stable: released (3.2.94) [26d624204b5243a0c928bad4bf62560bb63f385d]
 sid: released (4.12.13-1)
 4.9-stretch-security: released (4.9.30-2+deb9u4) [bugfix/all/bluetooth-properly-check-l2cap-config-option-output-.patch]
 3.16-jessie-security: released (3.16.43-2+deb8u4) [bugfix/all/bluetooth-properly-check-l2cap-config-option-output-.patch]

Modified: active/CVE-2017-12153
===================================================================
--- active/CVE-2017-12153	2017-10-12 11:38:08 UTC (rev 5644)
+++ active/CVE-2017-12153	2017-10-12 16:58:10 UTC (rev 5645)
@@ -8,8 +8,8 @@
 Bugs:
 upstream: released (4.14-rc2) [e785fa0a164aa11001cba931367c7f94ffaff888]
 4.9-upstream-stable: released (4.9.53) [c820441a7a52e3626aede8df94069a50a9e4efdb]
-3.16-upstream-stable: pending (3.16.49) [nl80211-check-for-the-required-netlink-attributes-presence.patch]
-3.2-upstream-stable: pending (3.2.94) [nl80211-check-for-the-required-netlink-attributes-presence.patch]
+3.16-upstream-stable: released (3.16.49) [ed2305f2eba403d41dc4213746f60d47273980f6]
+3.2-upstream-stable: released (3.2.94) [082d8a6a55d2b6583d9e93ac9796efdf4c412658]
 sid: released (4.12.13-1) [bugfix/all/nl80211-check-for-the-required-netlink-attributes-presence.patch]
 4.9-stretch-security: released (4.9.30-2+deb9u4) [bugfix/all/nl80211-check-for-the-required-netlink-attributes-presence.patch]
 3.16-jessie-security: released (3.16.43-2+deb8u4) [bugfix/all/nl80211-check-for-the-required-netlink-attributes-presence.patch]

Modified: active/CVE-2017-12154
===================================================================
--- active/CVE-2017-12154	2017-10-12 11:38:08 UTC (rev 5644)
+++ active/CVE-2017-12154	2017-10-12 16:58:10 UTC (rev 5645)
@@ -8,8 +8,8 @@
  https://bugzilla.redhat.com/show_bug.cgi?id=1491224
 upstream: released (4.14-rc1) [51aa68e7d57e3217192d88ce90fd5b8ef29ec94f]
 4.9-upstream-stable: released (4.9.53) [86ef97b2dfd504fbc65f6b244a422db0c1b15797]
-3.16-upstream-stable: pending (3.16.49) [kvm-nvmx-don-t-allow-l2-to-access-the-hardware-cr8.patch]
-3.2-upstream-stable: pending (3.2.94) [kvm-nvmx-don-t-allow-l2-to-access-the-hardware-cr8.patch]
+3.16-upstream-stable: released (3.16.49) [423a7a81efb8da25dbbcfe7a33bd8bfdce34150b]
+3.2-upstream-stable: released (3.2.94) [7999f7fc5b2ca4c0b2a96b7fb3dfa4e30274da27]
 sid: released (4.12.13-1) [bugfix/x86/kvm-nvmx-don-t-allow-l2-to-access-the-hardware-cr8.patch]
 4.9-stretch-security: released (4.9.30-2+deb9u4) [bugfix/x86/kvm-nvmx-don-t-allow-l2-to-access-the-hardware-cr8.patch]
 3.16-jessie-security: released (3.16.43-2+deb8u4) [bugfix/x86/kvm-nvmx-don-t-allow-l2-to-access-the-hardware-cr8.patch]

Modified: active/CVE-2017-14156
===================================================================
--- active/CVE-2017-14156	2017-10-12 11:38:08 UTC (rev 5644)
+++ active/CVE-2017-14156	2017-10-12 16:58:10 UTC (rev 5645)
@@ -7,8 +7,8 @@
 Bugs:
 upstream: released (4.14-rc1) [8e75f7a7a00461ef6d91797a60b606367f6e344d]
 4.9-upstream-stable: released (4.9.53) [64afde6f956dfcb719e329a9d2098b53e68d2755]
-3.16-upstream-stable: pending (3.16.49) [video-fbdev-aty-do-not-leak-uninitialized-padding-in-clk-to.patch]
-3.2-upstream-stable: pending (3.2.94) [video-fbdev-aty-do-not-leak-uninitialized-padding-in-clk-to.patch]
+3.16-upstream-stable: released (3.16.49) [093d5ecdeb49c6ad4ea4c1fb39c481e9bcfc1871]
+3.2-upstream-stable: released (3.2.94) [71b8eab658c3569c1b3fe3d4df3334bb3fe85903]
 sid: released (4.12.13-1) [bugfix/all/video-fbdev-aty-do-not-leak-uninitialized-padding-in.patch]
 4.9-stretch-security: released (4.9.30-2+deb9u4) [bugfix/all/video-fbdev-aty-do-not-leak-uninitialized-padding-in.patch]
 3.16-jessie-security: released (3.16.43-2+deb8u4) [bugfix/all/video-fbdev-aty-do-not-leak-uninitialized-padding-in.patch]

Modified: active/CVE-2017-14340
===================================================================
--- active/CVE-2017-14340	2017-10-12 11:38:08 UTC (rev 5644)
+++ active/CVE-2017-14340	2017-10-12 16:58:10 UTC (rev 5645)
@@ -7,8 +7,8 @@
 Bugs:
 upstream: released (4.14-rc1) [b31ff3cdf540110da4572e3e29bd172087af65cc]
 4.9-upstream-stable: released (4.9.50) [5b82e0e938af5d9dfb038e2483cb2a84e24584fd]
-3.16-upstream-stable: pending (3.16.49) [xfs-xfs_is_realtime_inode-should-be-false-if-no-rt-device-present.patch]
-3.2-upstream-stable: pending (3.2.94) [xfs-xfs_is_realtime_inode-should-be-false-if-no-rt-device-present.patch]
+3.16-upstream-stable: released (3.16.49) [1e48f7b93c3a8f1d7bb136ab7fa61e763893a6fd]
+3.2-upstream-stable: released (3.2.94) [90b59e69283444326907eb6c6b447366814d0960]
 sid: released (4.12.13-1)
 4.9-stretch-security: released (4.9.30-2+deb9u4) [bugfix/all/xfs-XFS_IS_REALTIME_INODE-should-be-false-if-no-rt-d.patch]
 3.16-jessie-security: released (3.16.43-2+deb8u4) [bugfix/all/xfs-xfs_is_realtime_inode-should-be-false-if-no-rt-d.patch]

Modified: active/CVE-2017-14489
===================================================================
--- active/CVE-2017-14489	2017-10-12 11:38:08 UTC (rev 5644)
+++ active/CVE-2017-14489	2017-10-12 16:58:10 UTC (rev 5645)
@@ -16,8 +16,8 @@
 Bugs:
 upstream: released (4.14-rc3) [c88f0e6b06f4092995688211a631bb436125d77b]
 4.9-upstream-stable: released (4.9.53) [b42bf0f15cf70926f3a460e7517703fda6191ba7]
-3.16-upstream-stable: pending (3.16.49) [scsi-scsi_transport_iscsi-fix-the-issue-that-iscsi_if_rx-doesn-t.patch]
-3.2-upstream-stable: pending (3.2.94) [scsi-scsi_transport_iscsi-fix-the-issue-that-iscsi_if_rx-doesn-t.patch]
+3.16-upstream-stable: released (3.16.49) [a1b438ad8590add8f6b0b679171bf5e0d45e2da1]
+3.2-upstream-stable: released (3.2.94) [7d38a8202c4a6acf91d6163f53f3253a261bbd22]
 sid: released (4.12.13-1) [bugfix/all/scsi-fix-the-issue-that-iscsi_if_rx-doesn-t-parse-nlmsg-properly.patch]
 4.9-stretch-security: released (4.9.30-2+deb9u4) [bugfix/all/scsi-fix-the-issue-that-iscsi_if_rx-doesn-t-parse-nlmsg-properly.patch]
 3.16-jessie-security: released (3.16.43-2+deb8u4) [bugfix/all/scsi-fix-the-issue-that-iscsi_if_rx-doesn-t-parse-nlmsg-properly.patch]

Modified: active/CVE-2017-8831
===================================================================
--- active/CVE-2017-8831	2017-10-12 11:38:08 UTC (rev 5644)
+++ active/CVE-2017-8831	2017-10-12 16:58:10 UTC (rev 5645)
@@ -7,8 +7,8 @@
  https://bugzilla.kernel.org/show_bug.cgi?id=195559
 upstream: released (4.13-rc1) [6fb05e0dd32e566facb96ea61a48c7488daa5ac3]
 4.9-upstream-stable: released (4.9.42) [12d17d78e3f74b5022f61eee7d6de082e472a401]
-3.16-upstream-stable: pending (3.16.49) [saa7164-fix-double-fetch-pcie-access-condition.patch]
-3.2-upstream-stable: pending (3.2.94) [saa7164-fix-double-fetch-pcie-access-condition.patch]
+3.16-upstream-stable: released (3.16.49) [f6c711a2f630b15479466f5b25b25850b04a7106]
+3.2-upstream-stable: released (3.2.94) [10c59d27363eba9fece1965293f83d865ba532be]
 sid: released (4.12.6-1)
 4.9-stretch-security: released (4.9.47-1)
 3.16-jessie-security: needed

More information about the kernel-sec-discuss mailing list