[kernel-sec-discuss] r3262 - active retired

Moritz Muehlenhoff jmm at moszumanska.debian.org
Thu Mar 20 06:33:01 UTC 2014 

Author: jmm
Date: 2014-03-20 06:31:57 +0000 (Thu, 20 Mar 2014)
New Revision: 3262

Added:
   retired/CVE-2014-0049
   retired/CVE-2014-0100
   retired/CVE-2014-0102
Removed:
   active/CVE-2014-0049
   active/CVE-2014-0100
   active/CVE-2014-0102
Log:
retire


Deleted: active/CVE-2014-0049
===================================================================
--- active/CVE-2014-0049	2014-03-20 01:49:40 UTC (rev 3261)
+++ active/CVE-2014-0049	2014-03-20 06:31:57 UTC (rev 3262)
@@ -1,10 +0,0 @@
-Description: x86: fix emulator buffer overflow
-References:
-Notes:
-Bugs:
-upstream: released (3.14-rc5) [a08d3b3b99efd509133946056531cdf8f3a0c09b]
-2.6.32-upstream-stable: N/A "Introduced in 3.5 with f78146b0f"
-sid: released (3.13.6-1)
-3.2-wheezy-security: N/A "Introduced in 3.5 with f78146b0f"
-2.6.32-squeeze-security: N/A "Introduced in 3.5 with f78146b0f"
-3.2-upstream-stable: N/A "Introduced in 3.5 with f78146b0f"

Deleted: active/CVE-2014-0100
===================================================================
--- active/CVE-2014-0100	2014-03-20 01:49:40 UTC (rev 3261)
+++ active/CVE-2014-0100	2014-03-20 06:31:57 UTC (rev 3262)
@@ -1,11 +0,0 @@
-Description: inet frag code race condition leading to user-after-free
-References:
- http://patchwork.ozlabs.org/patch/325844/
-Notes:
-Bugs:
-upstream: released (3.14-rc5) [24b9bf43e93e0edd89072da51cf1fab95fc69dec]
-2.6.32-upstream-stable: N/A "Introduced in 3.9 with 3ef0eb0db4bf92c6d2510fe5c4dc51852746f206"
-sid: released (3.13.6-1) [bugfix/all/net-fix-for-a-race-condition-in-the-inet-frag-code.patch]
-3.2-wheezy-security: N/A "Introduced in 3.9 with 3ef0eb0db4bf92c6d2510fe5c4dc51852746f206"
-2.6.32-squeeze-security: N/A "Introduced in 3.9 with 3ef0eb0db4bf92c6d2510fe5c4dc51852746f206"
-3.2-upstream-stable: N/A "Introduced in 3.9 with 3ef0eb0db4bf92c6d2510fe5c4dc51852746f206"

Deleted: active/CVE-2014-0102
===================================================================
--- active/CVE-2014-0102	2014-03-20 01:49:40 UTC (rev 3261)
+++ active/CVE-2014-0102	2014-03-20 06:31:57 UTC (rev 3262)
@@ -1,12 +0,0 @@
-Description: keyring cycle detector DoS
-References:
- http://www.kernelhub.org/?msg=425013&p=2
- https://lkml.org/lkml/2014/2/27/507
-Notes:
-Bugs:
-upstream: released (3.14-rc5) [979e0d74651ba5aa533277f2a6423d0f982fb6f6]
-2.6.32-upstream-stable: N/A "Introduced in 3.13 with b2a4df200d570b2c33a57e1ebfa5896e4bc81b69"
-sid: released (3.13.6-1) [bugfix/all/KEYS-Make-the-keyring-cycle-detector-ignore-other-ke.patch]
-3.2-wheezy-security: N/A "Introduced in 3.13 with b2a4df200d570b2c33a57e1ebfa5896e4bc81b69"
-2.6.32-squeeze-security: N/A "Introduced in 3.13 with b2a4df200d570b2c33a57e1ebfa5896e4bc81b69"
-3.2-upstream-stable: N/A "Introduced in 3.13 with b2a4df200d570b2c33a57e1ebfa5896e4bc81b69"

Copied: retired/CVE-2014-0049 (from rev 3261, active/CVE-2014-0049)
===================================================================
--- retired/CVE-2014-0049	                        (rev 0)
+++ retired/CVE-2014-0049	2014-03-20 06:31:57 UTC (rev 3262)
@@ -0,0 +1,10 @@
+Description: x86: fix emulator buffer overflow
+References:
+Notes:
+Bugs:
+upstream: released (3.14-rc5) [a08d3b3b99efd509133946056531cdf8f3a0c09b]
+2.6.32-upstream-stable: N/A "Introduced in 3.5 with f78146b0f"
+sid: released (3.13.6-1)
+3.2-wheezy-security: N/A "Introduced in 3.5 with f78146b0f"
+2.6.32-squeeze-security: N/A "Introduced in 3.5 with f78146b0f"
+3.2-upstream-stable: N/A "Introduced in 3.5 with f78146b0f"


Property changes on: retired/CVE-2014-0049
___________________________________________________________________
Added: svn:mergeinfo
   + 

Copied: retired/CVE-2014-0100 (from rev 3261, active/CVE-2014-0100)
===================================================================
--- retired/CVE-2014-0100	                        (rev 0)
+++ retired/CVE-2014-0100	2014-03-20 06:31:57 UTC (rev 3262)
@@ -0,0 +1,11 @@
+Description: inet frag code race condition leading to user-after-free
+References:
+ http://patchwork.ozlabs.org/patch/325844/
+Notes:
+Bugs:
+upstream: released (3.14-rc5) [24b9bf43e93e0edd89072da51cf1fab95fc69dec]
+2.6.32-upstream-stable: N/A "Introduced in 3.9 with 3ef0eb0db4bf92c6d2510fe5c4dc51852746f206"
+sid: released (3.13.6-1) [bugfix/all/net-fix-for-a-race-condition-in-the-inet-frag-code.patch]
+3.2-wheezy-security: N/A "Introduced in 3.9 with 3ef0eb0db4bf92c6d2510fe5c4dc51852746f206"
+2.6.32-squeeze-security: N/A "Introduced in 3.9 with 3ef0eb0db4bf92c6d2510fe5c4dc51852746f206"
+3.2-upstream-stable: N/A "Introduced in 3.9 with 3ef0eb0db4bf92c6d2510fe5c4dc51852746f206"


Property changes on: retired/CVE-2014-0100
___________________________________________________________________
Added: svn:mergeinfo
   + 

Copied: retired/CVE-2014-0102 (from rev 3261, active/CVE-2014-0102)
===================================================================
--- retired/CVE-2014-0102	                        (rev 0)
+++ retired/CVE-2014-0102	2014-03-20 06:31:57 UTC (rev 3262)
@@ -0,0 +1,12 @@
+Description: keyring cycle detector DoS
+References:
+ http://www.kernelhub.org/?msg=425013&p=2
+ https://lkml.org/lkml/2014/2/27/507
+Notes:
+Bugs:
+upstream: released (3.14-rc5) [979e0d74651ba5aa533277f2a6423d0f982fb6f6]
+2.6.32-upstream-stable: N/A "Introduced in 3.13 with b2a4df200d570b2c33a57e1ebfa5896e4bc81b69"
+sid: released (3.13.6-1) [bugfix/all/KEYS-Make-the-keyring-cycle-detector-ignore-other-ke.patch]
+3.2-wheezy-security: N/A "Introduced in 3.13 with b2a4df200d570b2c33a57e1ebfa5896e4bc81b69"
+2.6.32-squeeze-security: N/A "Introduced in 3.13 with b2a4df200d570b2c33a57e1ebfa5896e4bc81b69"
+3.2-upstream-stable: N/A "Introduced in 3.13 with b2a4df200d570b2c33a57e1ebfa5896e4bc81b69"


Property changes on: retired/CVE-2014-0102
___________________________________________________________________
Added: svn:mergeinfo
   +

More information about the kernel-sec-discuss mailing list