[kernel-sec-discuss] [Git][kernel-team/kernel-sec][master] Fill in status of new issues

Ben Hutchings gitlab at salsa.debian.org
Thu Jan 18 06:04:37 UTC 2018 

Ben Hutchings pushed to branch master at Debian kernel team / kernel-sec


Commits:
860a6e21 by Ben Hutchings at 2018-01-18T06:04:32+00:00
Fill in status of new issues

- - - - -


2 changed files:

- active/CVE-2018-1000004
- active/CVE-2018-5703


Changes:

=====================================
active/CVE-2018-1000004
=====================================
--- a/active/CVE-2018-1000004
+++ b/active/CVE-2018-1000004
@@ -4,12 +4,13 @@ References:
 Notes:
  carnil> Not yet merged in Linus tree but pending via
  carnil> https://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound.git/commit/?h=for-linus&id=b3defb791b26ea0683a93a4f49c77ec45ec96f10
+ bwh> Reporter says the bug is present in 2.6
 Bugs:
 upstream: pending [b3defb791b26ea0683a93a4f49c77ec45ec96f10]
-4.9-upstream-stable:
-3.16-upstream-stable:
-3.2-upstream-stable:
-sid:
-4.9-stretch-security:
-3.16-jessie-security:
-3.2-wheezy-security:
+4.9-upstream-stable: needed
+3.16-upstream-stable: needed
+3.2-upstream-stable: needed
+sid: needed
+4.9-stretch-security: needed
+3.16-jessie-security: needed
+3.2-wheezy-security: needed


=====================================
active/CVE-2018-5703
=====================================
--- a/active/CVE-2018-5703
+++ b/active/CVE-2018-5703
@@ -3,12 +3,13 @@ References:
  https://patchwork.ozlabs.org/patch/801530/
  https://lkml.org/lkml/2018/1/16/53
 Notes:
+ bwh> This bug is in the kernel TLS implementation added in 4.13
 Bugs:
-upstream:
-4.9-upstream-stable:
-3.16-upstream-stable:
-3.2-upstream-stable:
-sid:
-4.9-stretch-security:
-3.16-jessie-security:
-3.2-wheezy-security:
+upstream: needed
+4.9-upstream-stable: N/A "Vulnerable code not present"
+3.16-upstream-stable: N/A "Vulnerable code not present"
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: needed
+4.9-stretch-security: N/A "Vulnerable code not present"
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"



View it on GitLab: https://salsa.debian.org/kernel-team/kernel-sec/commit/860a6e2198f4043155332e4c2cce0a21cef9ffa1

---
View it on GitLab: https://salsa.debian.org/kernel-team/kernel-sec/commit/860a6e2198f4043155332e4c2cce0a21cef9ffa1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/kernel-sec-discuss/attachments/20180118/fbe17022/attachment-0001.html>

More information about the kernel-sec-discuss mailing list