[kernel-sec-discuss] r5559 - active

Ben Hutchings benh at moszumanska.debian.org
Mon Sep 18 02:27:16 UTC 2017


Author: benh
Date: 2017-09-18 02:27:16 +0000 (Mon, 18 Sep 2017)
New Revision: 5559

Modified:
   active/CVE-2017-1000251
   active/CVE-2017-12134
   active/CVE-2017-12153
   active/CVE-2017-12154
   active/CVE-2017-14051
   active/CVE-2017-14106
   active/CVE-2017-14140
   active/CVE-2017-14156
   active/CVE-2017-14340
   active/CVE-2017-14489
Log:
Mark issues pending for jessie

Modified: active/CVE-2017-1000251
===================================================================
--- active/CVE-2017-1000251	2017-09-18 02:01:58 UTC (rev 5558)
+++ active/CVE-2017-1000251	2017-09-18 02:27:16 UTC (rev 5559)
@@ -13,5 +13,5 @@
 3.2-upstream-stable: needed
 sid: pending (4.12.12-3) [bugfix/all/Bluetooth-Properly-check-L2CAP-config-option-output-.patch]
 4.9-stretch-security: needed
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.43-2+deb8u4) [bugfix/all/bluetooth-properly-check-l2cap-config-option-output-.patch]
 3.2-wheezy-security: pending (3.2.93-1) [bugfix/all/bluetooth-properly-check-l2cap-config-option-output-.patch]

Modified: active/CVE-2017-12134
===================================================================
--- active/CVE-2017-12134	2017-09-18 02:01:58 UTC (rev 5558)
+++ active/CVE-2017-12134	2017-09-18 02:27:16 UTC (rev 5559)
@@ -9,5 +9,5 @@
 3.2-upstream-stable: released (3.2.93) [33bab9221e22bab4ddc167f6c49b6ca9c35c2ccf]
 sid: released (4.12.12-1)
 4.9-stretch-security: needed
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.43-2+deb8u4) [bugfix/all/xen-fix-bio-vec-merging.patch]
 3.2-wheezy-security: pending (3.2.93-1)

Modified: active/CVE-2017-12153
===================================================================
--- active/CVE-2017-12153	2017-09-18 02:01:58 UTC (rev 5558)
+++ active/CVE-2017-12153	2017-09-18 02:27:16 UTC (rev 5559)
@@ -12,5 +12,5 @@
 3.2-upstream-stable: needed
 sid: needed
 4.9-stretch-security: needed
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.43-2+deb8u4) [bugfix/all/nl80211-check-for-the-required-netlink-attributes-presence.patch]
 3.2-wheezy-security: pending (3.2.93-1) [bugfix/all/nl80211-check-for-the-required-netlink-attributes-presence.patch]

Modified: active/CVE-2017-12154
===================================================================
--- active/CVE-2017-12154	2017-09-18 02:01:58 UTC (rev 5558)
+++ active/CVE-2017-12154	2017-09-18 02:27:16 UTC (rev 5559)
@@ -12,5 +12,5 @@
 3.2-upstream-stable: needed
 sid: needed
 4.9-stretch-security: needed
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.43-2+deb8u4) [bugfix/x86/kvm-nvmx-don-t-allow-l2-to-access-the-hardware-cr8.patch]
 3.2-wheezy-security: pending (3.2.93-1) [bugfix/x86/kvm-nvmx-don-t-allow-l2-to-access-the-hardware-cr8.patch]

Modified: active/CVE-2017-14051
===================================================================
--- active/CVE-2017-14051	2017-09-18 02:01:58 UTC (rev 5558)
+++ active/CVE-2017-14051	2017-09-18 02:27:16 UTC (rev 5559)
@@ -10,5 +10,5 @@
 3.2-upstream-stable: needed
 sid: pending (4.12.12-3) [bugfix/all/scsi-qla2xxx-Fix-an-integer-overflow-in-sysfs-code.patch]
 4.9-stretch-security: needed
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.43-2+deb8u4) [bugfix/all/scsi-qla2xxx-fix-an-integer-overflow-in-sysfs-code.patch]
 3.2-wheezy-security: needed

Modified: active/CVE-2017-14106
===================================================================
--- active/CVE-2017-14106	2017-09-18 02:01:58 UTC (rev 5558)
+++ active/CVE-2017-14106	2017-09-18 02:27:16 UTC (rev 5559)
@@ -11,5 +11,5 @@
 3.2-upstream-stable: released (3.2.93) [16a0303d3f6b222044de5d33c01cbdf590050473]
 sid: released (4.12.6-1)
 4.9-stretch-security: needed
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.43-2+deb8u4) [bugfix/all/tcp-initialize-rcv_mss-to-tcp_min_mss-instead-of-0.patch]
 3.2-wheezy-security: pending (3.2.93-1)

Modified: active/CVE-2017-14140
===================================================================
--- active/CVE-2017-14140	2017-09-18 02:01:58 UTC (rev 5558)
+++ active/CVE-2017-14140	2017-09-18 02:27:16 UTC (rev 5559)
@@ -8,5 +8,5 @@
 3.2-upstream-stable: released (3.2.93) [a9a659c916c81b3385479ee00d4547912f08abf6]
 sid: released (4.12.12-1)
 4.9-stretch-security: needed
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.43-2+deb8u4) [bugfix/all/sanitize-move_pages-permission-checks.patch]
 3.2-wheezy-security: pending (3.2.93-1)

Modified: active/CVE-2017-14156
===================================================================
--- active/CVE-2017-14156	2017-09-18 02:01:58 UTC (rev 5558)
+++ active/CVE-2017-14156	2017-09-18 02:27:16 UTC (rev 5559)
@@ -11,5 +11,5 @@
 3.2-upstream-stable: needed
 sid: needed
 4.9-stretch-security: needed
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.43-2+deb8u4) [bugfix/all/video-fbdev-aty-do-not-leak-uninitialized-padding-in.patch]
 3.2-wheezy-security: pending (3.2.93-1) [bugfix/all/video-fbdev-aty-do-not-leak-uninitialized-padding-in.patch]

Modified: active/CVE-2017-14340
===================================================================
--- active/CVE-2017-14340	2017-09-18 02:01:58 UTC (rev 5558)
+++ active/CVE-2017-14340	2017-09-18 02:27:16 UTC (rev 5559)
@@ -11,5 +11,5 @@
 3.2-upstream-stable: needed
 sid: pending (4.12.12-3) [bugfix/all/xfs-XFS_IS_REALTIME_INODE-should-be-false-if-no-rt-d.patch] needed
 4.9-stretch-security: needed
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.43-2+deb8u4) [bugfix/all/xfs-xfs_is_realtime_inode-should-be-false-if-no-rt-d.patch]
 3.2-wheezy-security: pending (3.2.93-1) [bugfix/all/xfs-xfs_is_realtime_inode-should-be-false-if-no-rt-d.patch]

Modified: active/CVE-2017-14489
===================================================================
--- active/CVE-2017-14489	2017-09-18 02:01:58 UTC (rev 5558)
+++ active/CVE-2017-14489	2017-09-18 02:27:16 UTC (rev 5559)
@@ -13,5 +13,5 @@
 3.2-upstream-stable: needed
 sid: needed
 4.9-stretch-security: needed
-3.16-jessie-security: needed
+3.16-jessie-security: pending (3.16.43-2+deb8u4) [bugfix/all/scsi-fix-the-issue-that-iscsi_if_rx-doesn-t-parse-nlmsg-properly.patch]
 3.2-wheezy-security: pending (3.2.93-1) [bugfix/all/scsi-fix-the-issue-that-iscsi_if_rx-doesn-t-parse-nlmsg-properly.patch]




More information about the kernel-sec-discuss mailing list