[kernel-sec-discuss] r5585 - active
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Sep 20 20:22:22 UTC 2017
Author: carnil
Date: 2017-09-20 20:22:21 +0000 (Wed, 20 Sep 2017)
New Revision: 5585
Modified:
active/CVE-2017-1000111
active/CVE-2017-1000112
active/CVE-2017-1000251
active/CVE-2017-1000252
active/CVE-2017-1000370
active/CVE-2017-1000371
active/CVE-2017-1000380
active/CVE-2017-10661
active/CVE-2017-11600
active/CVE-2017-12134
active/CVE-2017-12146
active/CVE-2017-12153
active/CVE-2017-12154
active/CVE-2017-14051
active/CVE-2017-14106
active/CVE-2017-14140
active/CVE-2017-14156
active/CVE-2017-14340
active/CVE-2017-14489
active/CVE-2017-14497
active/CVE-2017-7518
active/CVE-2017-7558
Log:
mark 4.9.30-2+deb9u4 and 3.16.43-2+deb8u4 as released
Note: those are the versions tagged in the git repo which contain the
fix. The DSA text will use deb8u5 and deb9u5 since there was a followup
update and the first version *users* will see with the DSA is more or
less only the deb8u5 and deb9u5 (although deb8u4 and deb9u4 will be
installed as well technically into the archive).
Slight discrepancy but prefered to have the actual correct taged version
in kernel-sec tracking.
Modified: active/CVE-2017-1000111
===================================================================
--- active/CVE-2017-1000111 2017-09-20 20:18:40 UTC (rev 5584)
+++ active/CVE-2017-1000111 2017-09-20 20:22:21 UTC (rev 5585)
@@ -8,6 +8,6 @@
3.16-upstream-stable: released (3.16.47) [ec26c86f4d9fe22ceb9b997aa9134f684b756282]
3.2-upstream-stable: released (3.2.92) [8f716035da0ad35d5a65668eb3c10aad6c439d7b]
sid: released (4.12.6-1) [bugfix/all/packet-fix-tp_reserve-race-in-packet_set_ring.patch]
-4.9-stretch-security: pending (4.9.30-2+deb9u4) [bugfix/all/packet-fix-tp_reserve-race-in-packet_set_ring.patch]
-3.16-jessie-security: pending (3.16.43-2+deb8u4) [bugfix/all/packet-fix-tp_reserve-race-in-packet_set_ring.patch]
+4.9-stretch-security: released (4.9.30-2+deb9u4) [bugfix/all/packet-fix-tp_reserve-race-in-packet_set_ring.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u4) [bugfix/all/packet-fix-tp_reserve-race-in-packet_set_ring.patch]
3.2-wheezy-security: pending (3.2.93-1)
Modified: active/CVE-2017-1000112
===================================================================
--- active/CVE-2017-1000112 2017-09-20 20:18:40 UTC (rev 5584)
+++ active/CVE-2017-1000112 2017-09-20 20:22:21 UTC (rev 5585)
@@ -13,6 +13,6 @@
3.16-upstream-stable: released (3.16.47) [08676246d893e3a42a541a2ef1291f2ea62c5b06]
3.2-upstream-stable: needed
sid: released (4.12.6-1) [bugfix/all/udp-consistently-apply-ufo-or-fragmentation.patch]
-4.9-stretch-security: pending (4.9.30-2+deb9u4) [bugfix/all/udp-consistently-apply-ufo-or-fragmentation.patch]
-3.16-jessie-security: pending (3.16.43-2+deb8u4) [bugfix/all/udp-consistently-apply-ufo-or-fragmentation.patch]
+4.9-stretch-security: released (4.9.30-2+deb9u4) [bugfix/all/udp-consistently-apply-ufo-or-fragmentation.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u4) [bugfix/all/udp-consistently-apply-ufo-or-fragmentation.patch]
3.2-wheezy-security: needed
Modified: active/CVE-2017-1000251
===================================================================
--- active/CVE-2017-1000251 2017-09-20 20:18:40 UTC (rev 5584)
+++ active/CVE-2017-1000251 2017-09-20 20:22:21 UTC (rev 5585)
@@ -12,6 +12,6 @@
3.16-upstream-stable: needed
3.2-upstream-stable: needed
sid: released (4.12.13-1)
-4.9-stretch-security: pending (4.9.30-2+deb9u4) [bugfix/all/bluetooth-properly-check-l2cap-config-option-output-.patch]
-3.16-jessie-security: pending (3.16.43-2+deb8u4) [bugfix/all/bluetooth-properly-check-l2cap-config-option-output-.patch]
+4.9-stretch-security: released (4.9.30-2+deb9u4) [bugfix/all/bluetooth-properly-check-l2cap-config-option-output-.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u4) [bugfix/all/bluetooth-properly-check-l2cap-config-option-output-.patch]
3.2-wheezy-security: pending (3.2.93-1) [bugfix/all/bluetooth-properly-check-l2cap-config-option-output-.patch]
Modified: active/CVE-2017-1000252
===================================================================
--- active/CVE-2017-1000252 2017-09-20 20:18:40 UTC (rev 5584)
+++ active/CVE-2017-1000252 2017-09-20 20:22:21 UTC (rev 5585)
@@ -11,6 +11,6 @@
3.16-upstream-stable: N/A "Vulnerable code introduced in 4.4-rc1 with efc644048ecde54f016011fe10110addd0de348f"
3.2-upstream-stable: N/A "Vulnerable code introduced in 4.4-rc1 with efc644048ecde54f016011fe10110addd0de348f"
sid: released (4.12.13-1) [bugfix/x86/kvm-vmx-do-not-bug-on-out-of-bounds-guest-irq.patch]
-4.9-stretch-security: pending (4.9.30-2+deb9u4) [bugfix/x86/kvm-vmx-do-not-bug-on-out-of-bounds-guest-irq.patch]
+4.9-stretch-security: released (4.9.30-2+deb9u4) [bugfix/x86/kvm-vmx-do-not-bug-on-out-of-bounds-guest-irq.patch]
3.16-jessie-security: N/A 'Vulnerable code not present"
3.2-wheezy-security: N/A 'Vulnerable code not present"
Modified: active/CVE-2017-1000370
===================================================================
--- active/CVE-2017-1000370 2017-09-20 20:18:40 UTC (rev 5584)
+++ active/CVE-2017-1000370 2017-09-20 20:22:21 UTC (rev 5585)
@@ -11,6 +11,6 @@
3.16-upstream-stable: N/A "Memory layout is different"
3.2-upstream-stable: N/A "Memory layout is different"
sid: released (4.11.11-1) [bugfix/all/binfmt_elf-use-elf_et_dyn_base-only-for-pie.patch]
-4.9-stretch-security: pending (4.9.30-2+deb9u4) [bugfix/all/binfmt_elf-use-elf_et_dyn_base-only-for-pie.patch]
-3.16-jessie-security: pending (3.16.43-2+deb8u4) [bugfix/all/pie-aslr/binfmt_elf-use-elf_et_dyn_base-only-for-pie.patch]
+4.9-stretch-security: released (4.9.30-2+deb9u4) [bugfix/all/binfmt_elf-use-elf_et_dyn_base-only-for-pie.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u4) [bugfix/all/pie-aslr/binfmt_elf-use-elf_et_dyn_base-only-for-pie.patch]
3.2-wheezy-security: N/A "Memory layout is different"
Modified: active/CVE-2017-1000371
===================================================================
--- active/CVE-2017-1000371 2017-09-20 20:18:40 UTC (rev 5584)
+++ active/CVE-2017-1000371 2017-09-20 20:22:21 UTC (rev 5585)
@@ -11,6 +11,6 @@
3.16-upstream-stable: N/A "Memory layout is different"
3.2-upstream-stable: N/A "Memory layout is different"
sid: released (4.11.11-1) [bugfix/all/binfmt_elf-use-elf_et_dyn_base-only-for-pie.patch]
-4.9-stretch-security: pending (4.9.30-2+deb9u4) [bugfix/all/binfmt_elf-use-elf_et_dyn_base-only-for-pie.patch]
-3.16-jessie-security: pending (3.16.43-2+deb8u4) [bugfix/all/pie-aslr/binfmt_elf-use-elf_et_dyn_base-only-for-pie.patch]
+4.9-stretch-security: released (4.9.30-2+deb9u4) [bugfix/all/binfmt_elf-use-elf_et_dyn_base-only-for-pie.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u4) [bugfix/all/pie-aslr/binfmt_elf-use-elf_et_dyn_base-only-for-pie.patch]
3.2-wheezy-security: N/A "Memory layout is different"
Modified: active/CVE-2017-1000380
===================================================================
--- active/CVE-2017-1000380 2017-09-20 20:18:40 UTC (rev 5584)
+++ active/CVE-2017-1000380 2017-09-20 20:22:21 UTC (rev 5585)
@@ -8,6 +8,6 @@
3.16-upstream-stable: released (3.16.46) [334e9205dd0c61ec83dfafac51b1947584179bf1, a2ba2aff79410d4abd5341332300fef8e0f55d0f]
3.2-upstream-stable: released (3.2.91) [7aba7242b83b6e9a56a8eb875d669cfab4eff542, 128b87e76b86adcfae4a6658085dceb8234d5e75]
sid: released (4.11.6-1)
-4.9-stretch-security: pending (4.9.30-2+deb9u4) [bugfix/all/alsa-timer-fix-race-between-read-and-ioctl.patch, bugfix/all/alsa-timer-fix-missing-queue-indices-reset-at.patch]
-3.16-jessie-security: pending (3.16.43-2+deb8u4) [bugfix/all/alsa-timer-fix-race-between-read-and-ioctl.patch, bugfix/all/alsa-timer-fix-missing-queue-indices-reset-at.patch]
+4.9-stretch-security: released (4.9.30-2+deb9u4) [bugfix/all/alsa-timer-fix-race-between-read-and-ioctl.patch, bugfix/all/alsa-timer-fix-missing-queue-indices-reset-at.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u4) [bugfix/all/alsa-timer-fix-race-between-read-and-ioctl.patch, bugfix/all/alsa-timer-fix-missing-queue-indices-reset-at.patch]
3.2-wheezy-security: pending (3.2.93-1)
Modified: active/CVE-2017-10661
===================================================================
--- active/CVE-2017-10661 2017-09-20 20:18:40 UTC (rev 5584)
+++ active/CVE-2017-10661 2017-09-20 20:22:21 UTC (rev 5585)
@@ -11,5 +11,5 @@
3.2-upstream-stable: released (3.2.92) [1b31fcb21779ddbe0b49f519830e203fe0586688]
sid: released (4.9.30-1)
4.9-stretch-security: N/A "Fixed before initial release of stretch"
-3.16-jessie-security: pending (3.16.43-2+deb8u4) [bugfix/all/timerfd-protect-the-might-cancel-mechanism-proper.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u4) [bugfix/all/timerfd-protect-the-might-cancel-mechanism-proper.patch]
3.2-wheezy-security: pending (3.2.93-1)
Modified: active/CVE-2017-11600
===================================================================
--- active/CVE-2017-11600 2017-09-20 20:18:40 UTC (rev 5584)
+++ active/CVE-2017-11600 2017-09-20 20:22:21 UTC (rev 5585)
@@ -13,6 +13,6 @@
3.16-upstream-stable: released (3.16.48) [60166dc935e2af97cae9432c0247856e2deb0b3f]
3.2-upstream-stable: released (3.2.93) [31f11713f7bb0a4cb90466331832658c0b9c9e80]
sid: released (4.12.6-1) [bugfix/all/xfrm-policy-check-policy-direction-value.patch]
-4.9-stretch-security: pending (4.9.30-2+deb9u4) [bugfix/all/xfrm-policy-check-policy-direction-value.patch]
-3.16-jessie-security: pending (3.16.43-2+deb8u4) [bugfix/all/xfrm-policy-check-policy-direction-value.patch]
+4.9-stretch-security: released (4.9.30-2+deb9u4) [bugfix/all/xfrm-policy-check-policy-direction-value.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u4) [bugfix/all/xfrm-policy-check-policy-direction-value.patch]
3.2-wheezy-security: pending (3.2.93-1)
Modified: active/CVE-2017-12134
===================================================================
--- active/CVE-2017-12134 2017-09-20 20:18:40 UTC (rev 5584)
+++ active/CVE-2017-12134 2017-09-20 20:22:21 UTC (rev 5585)
@@ -8,6 +8,6 @@
3.16-upstream-stable: released (3.16.48) [f664b0113d2bb8d4bcdf5d03b72eb4c433ded452]
3.2-upstream-stable: released (3.2.93) [33bab9221e22bab4ddc167f6c49b6ca9c35c2ccf]
sid: released (4.12.12-1)
-4.9-stretch-security: pending (4.9.30-2+deb9u4) [bugfix/all/xen-fix-bio-vec-merging.patch]
-3.16-jessie-security: pending (3.16.43-2+deb8u4) [bugfix/all/xen-fix-bio-vec-merging.patch]
+4.9-stretch-security: released (4.9.30-2+deb9u4) [bugfix/all/xen-fix-bio-vec-merging.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u4) [bugfix/all/xen-fix-bio-vec-merging.patch]
3.2-wheezy-security: pending (3.2.93-1)
Modified: active/CVE-2017-12146
===================================================================
--- active/CVE-2017-12146 2017-09-20 20:18:40 UTC (rev 5584)
+++ active/CVE-2017-12146 2017-09-20 20:22:21 UTC (rev 5585)
@@ -8,6 +8,6 @@
3.16-upstream-stable: N/A "Vulnerable code introduced in 3.17-rc1 with 3d713e0e382e6fcfb4bba1501645b66c129ad60b"
3.2-upstream-stable: N/A "Vulnerable code introduced in 3.17-rc1 with 3d713e0e382e6fcfb4bba1501645b66c129ad60b"
sid: released (4.11.11-1)
-4.9-stretch-security: pending (4.9.30-2+deb9u4) [bugfix/all/driver-core-platform-fix-race-condition-with-driver_.patch]
+4.9-stretch-security: released (4.9.30-2+deb9u4) [bugfix/all/driver-core-platform-fix-race-condition-with-driver_.patch]
3.16-jessie-security: N/A "Vulnerable code not present"
3.2-wheezy-security: N/A "Vulnerable code not present"
Modified: active/CVE-2017-12153
===================================================================
--- active/CVE-2017-12153 2017-09-20 20:18:40 UTC (rev 5584)
+++ active/CVE-2017-12153 2017-09-20 20:22:21 UTC (rev 5585)
@@ -11,6 +11,6 @@
3.16-upstream-stable: needed
3.2-upstream-stable: needed
sid: released (4.12.13-1) [bugfix/all/nl80211-check-for-the-required-netlink-attributes-presence.patch]
-4.9-stretch-security: pending (4.9.30-2+deb9u4) [bugfix/all/nl80211-check-for-the-required-netlink-attributes-presence.patch]
-3.16-jessie-security: pending (3.16.43-2+deb8u4) [bugfix/all/nl80211-check-for-the-required-netlink-attributes-presence.patch]
+4.9-stretch-security: released (4.9.30-2+deb9u4) [bugfix/all/nl80211-check-for-the-required-netlink-attributes-presence.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u4) [bugfix/all/nl80211-check-for-the-required-netlink-attributes-presence.patch]
3.2-wheezy-security: pending (3.2.93-1) [bugfix/all/nl80211-check-for-the-required-netlink-attributes-presence.patch]
Modified: active/CVE-2017-12154
===================================================================
--- active/CVE-2017-12154 2017-09-20 20:18:40 UTC (rev 5584)
+++ active/CVE-2017-12154 2017-09-20 20:22:21 UTC (rev 5585)
@@ -11,6 +11,6 @@
3.16-upstream-stable: needed
3.2-upstream-stable: needed
sid: released (4.12.13-1) [bugfix/x86/kvm-nvmx-don-t-allow-l2-to-access-the-hardware-cr8.patch]
-4.9-stretch-security: pending (4.9.30-2+deb9u4) [bugfix/x86/kvm-nvmx-don-t-allow-l2-to-access-the-hardware-cr8.patch]
-3.16-jessie-security: pending (3.16.43-2+deb8u4) [bugfix/x86/kvm-nvmx-don-t-allow-l2-to-access-the-hardware-cr8.patch]
+4.9-stretch-security: released (4.9.30-2+deb9u4) [bugfix/x86/kvm-nvmx-don-t-allow-l2-to-access-the-hardware-cr8.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u4) [bugfix/x86/kvm-nvmx-don-t-allow-l2-to-access-the-hardware-cr8.patch]
3.2-wheezy-security: pending (3.2.93-1) [bugfix/x86/kvm-nvmx-don-t-allow-l2-to-access-the-hardware-cr8.patch]
Modified: active/CVE-2017-14051
===================================================================
--- active/CVE-2017-14051 2017-09-20 20:18:40 UTC (rev 5584)
+++ active/CVE-2017-14051 2017-09-20 20:22:21 UTC (rev 5585)
@@ -9,6 +9,6 @@
3.16-upstream-stable: needed
3.2-upstream-stable: needed
sid: released (4.12.13-1) [bugfix/all/scsi-qla2xxx-Fix-an-integer-overflow-in-sysfs-code.patch]
-4.9-stretch-security: pending (4.9.30-2+deb9u4) [bugfix/all/scsi-qla2xxx-fix-an-integer-overflow-in-sysfs-code.patch]
-3.16-jessie-security: pending (3.16.43-2+deb8u4) [bugfix/all/scsi-qla2xxx-fix-an-integer-overflow-in-sysfs-code.patch]
+4.9-stretch-security: released (4.9.30-2+deb9u4) [bugfix/all/scsi-qla2xxx-fix-an-integer-overflow-in-sysfs-code.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u4) [bugfix/all/scsi-qla2xxx-fix-an-integer-overflow-in-sysfs-code.patch]
3.2-wheezy-security: needed
Modified: active/CVE-2017-14106
===================================================================
--- active/CVE-2017-14106 2017-09-20 20:18:40 UTC (rev 5584)
+++ active/CVE-2017-14106 2017-09-20 20:22:21 UTC (rev 5585)
@@ -10,6 +10,6 @@
3.16-upstream-stable: released (3.16.48) [32cb2d4a59d0512aa825e7f0352f66063482cc07]
3.2-upstream-stable: released (3.2.93) [16a0303d3f6b222044de5d33c01cbdf590050473]
sid: released (4.12.6-1)
-4.9-stretch-security: pending (4.9.30-2+deb9u4) [bugfix/all/tcp-initialize-rcv_mss-to-tcp_min_mss-instead-of-0.patch]
-3.16-jessie-security: pending (3.16.43-2+deb8u4) [bugfix/all/tcp-initialize-rcv_mss-to-tcp_min_mss-instead-of-0.patch]
+4.9-stretch-security: released (4.9.30-2+deb9u4) [bugfix/all/tcp-initialize-rcv_mss-to-tcp_min_mss-instead-of-0.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u4) [bugfix/all/tcp-initialize-rcv_mss-to-tcp_min_mss-instead-of-0.patch]
3.2-wheezy-security: pending (3.2.93-1)
Modified: active/CVE-2017-14140
===================================================================
--- active/CVE-2017-14140 2017-09-20 20:18:40 UTC (rev 5584)
+++ active/CVE-2017-14140 2017-09-20 20:22:21 UTC (rev 5585)
@@ -7,6 +7,6 @@
3.16-upstream-stable: released (3.16.48) [b5a16892623afec2d3212b963dd688b258002b4b]
3.2-upstream-stable: released (3.2.93) [a9a659c916c81b3385479ee00d4547912f08abf6]
sid: released (4.12.12-1)
-4.9-stretch-security: pending (4.9.30-2+deb9u4) [bugfix/all/sanitize-move_pages-permission-checks.patch]
-3.16-jessie-security: pending (3.16.43-2+deb8u4) [bugfix/all/sanitize-move_pages-permission-checks.patch]
+4.9-stretch-security: released (4.9.30-2+deb9u4) [bugfix/all/sanitize-move_pages-permission-checks.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u4) [bugfix/all/sanitize-move_pages-permission-checks.patch]
3.2-wheezy-security: pending (3.2.93-1)
Modified: active/CVE-2017-14156
===================================================================
--- active/CVE-2017-14156 2017-09-20 20:18:40 UTC (rev 5584)
+++ active/CVE-2017-14156 2017-09-20 20:22:21 UTC (rev 5585)
@@ -10,6 +10,6 @@
3.16-upstream-stable: needed
3.2-upstream-stable: needed
sid: released (4.12.13-1) [bugfix/all/video-fbdev-aty-do-not-leak-uninitialized-padding-in.patch]
-4.9-stretch-security: pending (4.9.30-2+deb9u4) [bugfix/all/video-fbdev-aty-do-not-leak-uninitialized-padding-in.patch]
-3.16-jessie-security: pending (3.16.43-2+deb8u4) [bugfix/all/video-fbdev-aty-do-not-leak-uninitialized-padding-in.patch]
+4.9-stretch-security: released (4.9.30-2+deb9u4) [bugfix/all/video-fbdev-aty-do-not-leak-uninitialized-padding-in.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u4) [bugfix/all/video-fbdev-aty-do-not-leak-uninitialized-padding-in.patch]
3.2-wheezy-security: pending (3.2.93-1) [bugfix/all/video-fbdev-aty-do-not-leak-uninitialized-padding-in.patch]
Modified: active/CVE-2017-14340
===================================================================
--- active/CVE-2017-14340 2017-09-20 20:18:40 UTC (rev 5584)
+++ active/CVE-2017-14340 2017-09-20 20:22:21 UTC (rev 5585)
@@ -10,6 +10,6 @@
3.16-upstream-stable: needed
3.2-upstream-stable: needed
sid: released (4.12.13-1)
-4.9-stretch-security: pending (4.9.30-2+deb9u4) [bugfix/all/xfs-XFS_IS_REALTIME_INODE-should-be-false-if-no-rt-d.patch]
-3.16-jessie-security: pending (3.16.43-2+deb8u4) [bugfix/all/xfs-xfs_is_realtime_inode-should-be-false-if-no-rt-d.patch]
+4.9-stretch-security: released (4.9.30-2+deb9u4) [bugfix/all/xfs-XFS_IS_REALTIME_INODE-should-be-false-if-no-rt-d.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u4) [bugfix/all/xfs-xfs_is_realtime_inode-should-be-false-if-no-rt-d.patch]
3.2-wheezy-security: pending (3.2.93-1) [bugfix/all/xfs-xfs_is_realtime_inode-should-be-false-if-no-rt-d.patch]
Modified: active/CVE-2017-14489
===================================================================
--- active/CVE-2017-14489 2017-09-20 20:18:40 UTC (rev 5584)
+++ active/CVE-2017-14489 2017-09-20 20:22:21 UTC (rev 5585)
@@ -12,6 +12,6 @@
3.16-upstream-stable: needed
3.2-upstream-stable: needed
sid: released (4.12.13-1) [bugfix/all/scsi-fix-the-issue-that-iscsi_if_rx-doesn-t-parse-nlmsg-properly.patch]
-4.9-stretch-security: pending (4.9.30-2+deb9u4) [bugfix/all/scsi-fix-the-issue-that-iscsi_if_rx-doesn-t-parse-nlmsg-properly.patch]
-3.16-jessie-security: pending (3.16.43-2+deb8u4) [bugfix/all/scsi-fix-the-issue-that-iscsi_if_rx-doesn-t-parse-nlmsg-properly.patch]
+4.9-stretch-security: released (4.9.30-2+deb9u4) [bugfix/all/scsi-fix-the-issue-that-iscsi_if_rx-doesn-t-parse-nlmsg-properly.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u4) [bugfix/all/scsi-fix-the-issue-that-iscsi_if_rx-doesn-t-parse-nlmsg-properly.patch]
3.2-wheezy-security: pending (3.2.93-1) [bugfix/all/scsi-fix-the-issue-that-iscsi_if_rx-doesn-t-parse-nlmsg-properly.patch]
Modified: active/CVE-2017-14497
===================================================================
--- active/CVE-2017-14497 2017-09-20 20:18:40 UTC (rev 5584)
+++ active/CVE-2017-14497 2017-09-20 20:22:21 UTC (rev 5585)
@@ -10,6 +10,6 @@
3.16-upstream-stable: N/A "Vulnerable code introduced later"
3.2-upstream-stable: N/A "Vulnerable code introduced later"
sid: released (4.12.13-1) [bugfix/all/packet-don-t-write-vnet-header-beyond-end-of-buffer.patch]
-4.9-stretch-security: pending (4.9.30-2+deb9u4) [bugfix/all/packet-don-t-write-vnet-header-beyond-end-of-buffer.patch]
+4.9-stretch-security: released (4.9.30-2+deb9u4) [bugfix/all/packet-don-t-write-vnet-header-beyond-end-of-buffer.patch]
3.16-jessie-security: N/A "Vulnerable code not present"
3.2-wheezy-security: N/A "Vulnerable code not present"
Modified: active/CVE-2017-7518
===================================================================
--- active/CVE-2017-7518 2017-09-20 20:18:40 UTC (rev 5584)
+++ active/CVE-2017-7518 2017-09-20 20:22:21 UTC (rev 5585)
@@ -12,6 +12,6 @@
3.16-upstream-stable: released (3.16.45) [24ee2a286de7ac680ad4b2423c2dcee68444e567]
3.2-upstream-stable: N/A "Vulnerable code not present"
sid: released (4.11.11-1)
-4.9-stretch-security: pending (4.9.30-2+deb9u4) [bugfix/x86/kvm-x86-fix-singlestepping-over-syscall.patch]
-3.16-jessie-security: pending (3.16.43-2+deb8u4) [bugfix/x86/kvm-x86-fix-singlestepping-over-syscall.patch]
+4.9-stretch-security: released (4.9.30-2+deb9u4) [bugfix/x86/kvm-x86-fix-singlestepping-over-syscall.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u4) [bugfix/x86/kvm-x86-fix-singlestepping-over-syscall.patch]
3.2-wheezy-security: N/A "Vulnerable code not present"
Modified: active/CVE-2017-7558
===================================================================
--- active/CVE-2017-7558 2017-09-20 20:18:40 UTC (rev 5584)
+++ active/CVE-2017-7558 2017-09-20 20:22:21 UTC (rev 5585)
@@ -14,6 +14,6 @@
3.16-upstream-stable: N/A "Vulnerable code not present"
3.2-upstream-stable: N/A "Vulnerable code not present"
sid: released (4.12.13-1) [bugfix/all/sctp-Avoid-out-of-bounds-reads-from-address-storage.patch]
-4.9-stretch-security: pending (4.9.30-2+deb9u4) [bugfix/all/sctp-Avoid-out-of-bounds-reads-from-address-storage.patch]
+4.9-stretch-security: released (4.9.30-2+deb9u4) [bugfix/all/sctp-Avoid-out-of-bounds-reads-from-address-storage.patch]
3.16-jessie-security: N/A "Vulnerable code not present"
3.2-wheezy-security: N/A "Vulnerable code not present"
More information about the kernel-sec-discuss
mailing list