[kernel-sec-discuss] r3285 - active retired
Ben Hutchings
benh at moszumanska.debian.org
Mon Mar 31 22:43:28 UTC 2014
Author: benh
Date: 2014-03-31 22:42:25 +0000 (Mon, 31 Mar 2014)
New Revision: 3285
Added:
retired/CVE-2013-6282
retired/CVE-2013-7264
Removed:
active/CVE-2013-6282
active/CVE-2013-7264
Log:
Retire two issues fixed in squeeze, wheezy and sid
Deleted: active/CVE-2013-6282
===================================================================
--- active/CVE-2013-6282 2014-03-31 22:39:18 UTC (rev 3284)
+++ active/CVE-2013-6282 2014-03-31 22:42:25 UTC (rev 3285)
@@ -1,11 +0,0 @@
-Description: Missing access checks in put_user/get_user kernel API
-References:
- https://www.codeaurora.org/projects/security-advisories/missing-access-checks-putusergetuser-kernel-api-cve-2013-6282
-Notes:
-Bugs:
-upstream: released (3.6) [8404663f81d212918ff85f493649a7991209fa04]
-2.6.32-upstream-stable: N/A "introduced in 2.6.38 by commit 247055aa21ff"
-sid: released (3.6.4-1~experimental.1)
-3.2-wheezy-security: released (3.2.53-1) [bugfix/arm/ARM-7527-1-uaccess-explicitly-check-__user-pointer-w.patch]
-2.6.32-squeeze-security: N/A "introduced in 2.6.38 by commit 247055aa21ff"
-3.2-upstream-stable: released (3.2.54)
Deleted: active/CVE-2013-7264
===================================================================
--- active/CVE-2013-7264 2014-03-31 22:39:18 UTC (rev 3284)
+++ active/CVE-2013-7264 2014-03-31 22:42:25 UTC (rev 3285)
@@ -1,11 +0,0 @@
-Description: l2tp: uninitialised memory leakage
-References:
-Notes:
- jmm> Originally CVE-2013-6405, was split into CVE-2013-726[345] and CVE-2013-7281
-Bugs:
-upstream: released (3.13-rc2) [bceaa90240b6019ed73b49965eac7d167610be69, 85fbaa75037d0b6b786ff18658ddf0b4014ce2a4]
-2.6.32-upstream-stable: N/A "vulnerable code introduced in 2.6.35"
-sid: released (3.12.4-1)
-3.2-wheezy-security: released (3.2.54-1) [linux_3.2.54.orig.tar.xz]
-2.6.32-squeeze-security: N/A "vulnerable code introduced in 2.6.35"
-3.2-upstream-stable: released (3.2.54) [b38ecb9bbbb42b71833ff4439283f51120a35c1a, b38ecb9bbbb42b71833ff4439283f51120a35c1a]
Copied: retired/CVE-2013-6282 (from rev 3284, active/CVE-2013-6282)
===================================================================
--- retired/CVE-2013-6282 (rev 0)
+++ retired/CVE-2013-6282 2014-03-31 22:42:25 UTC (rev 3285)
@@ -0,0 +1,11 @@
+Description: Missing access checks in put_user/get_user kernel API
+References:
+ https://www.codeaurora.org/projects/security-advisories/missing-access-checks-putusergetuser-kernel-api-cve-2013-6282
+Notes:
+Bugs:
+upstream: released (3.6) [8404663f81d212918ff85f493649a7991209fa04]
+2.6.32-upstream-stable: N/A "introduced in 2.6.38 by commit 247055aa21ff"
+sid: released (3.6.4-1~experimental.1)
+3.2-wheezy-security: released (3.2.53-1) [bugfix/arm/ARM-7527-1-uaccess-explicitly-check-__user-pointer-w.patch]
+2.6.32-squeeze-security: N/A "introduced in 2.6.38 by commit 247055aa21ff"
+3.2-upstream-stable: released (3.2.54)
Copied: retired/CVE-2013-7264 (from rev 3283, active/CVE-2013-7264)
===================================================================
--- retired/CVE-2013-7264 (rev 0)
+++ retired/CVE-2013-7264 2014-03-31 22:42:25 UTC (rev 3285)
@@ -0,0 +1,11 @@
+Description: l2tp: uninitialised memory leakage
+References:
+Notes:
+ jmm> Originally CVE-2013-6405, was split into CVE-2013-726[345] and CVE-2013-7281
+Bugs:
+upstream: released (3.13-rc2) [bceaa90240b6019ed73b49965eac7d167610be69, 85fbaa75037d0b6b786ff18658ddf0b4014ce2a4]
+2.6.32-upstream-stable: N/A "vulnerable code introduced in 2.6.35"
+sid: released (3.12.4-1)
+3.2-wheezy-security: released (3.2.54-1) [linux_3.2.54.orig.tar.xz]
+2.6.32-squeeze-security: N/A "vulnerable code introduced in 2.6.35"
+3.2-upstream-stable: released (3.2.54) [b38ecb9bbbb42b71833ff4439283f51120a35c1a, b38ecb9bbbb42b71833ff4439283f51120a35c1a]
More information about the kernel-sec-discuss
mailing list