[kernel-sec-discuss] r3728 - active

Ben Hutchings benh at moszumanska.debian.org
Mon Apr 6 17:35:11 UTC 2015 

Author: benh
Date: 2015-04-06 17:35:11 +0000 (Mon, 06 Apr 2015)
New Revision: 3728

Modified:
   active/CVE-2014-8159
   active/CVE-2014-9710
   active/CVE-2015-0275
   active/CVE-2015-2666
   active/CVE-2015-2922
Log:
Mark more fixes pending in 3.16.7-ckt9-1

Modified: active/CVE-2014-8159
===================================================================
--- active/CVE-2014-8159	2015-04-06 16:55:06 UTC (rev 3727)
+++ active/CVE-2014-8159	2015-04-06 17:35:11 UTC (rev 3728)
@@ -5,7 +5,7 @@
 Bugs:
 upstream: needed
 2.6.32-upstream-stable: needed
-sid: needed
+sid: pending (3.16.7-ckt9-1) [bugfix/all/ib-core-prevent-integer-overflow-in-ib_umem_get.patch]
 3.2-wheezy-security: needed
 2.6.32-squeeze-security: needed
 3.16-upstream-stable: needed

Modified: active/CVE-2014-9710
===================================================================
--- active/CVE-2014-9710	2015-04-06 16:55:06 UTC (rev 3727)
+++ active/CVE-2014-9710	2015-04-06 17:35:11 UTC (rev 3728)
@@ -4,8 +4,8 @@
 Bugs:
 upstream: released (3.19) [5f5bc6b1e2d5a6f827bc860ef2dc5b6f365d1339]
 2.6.32-upstream-stable:
-sid:
+sid: pending (3.16.7-ckt9-1) [bugfix/all/btrfs-make-xattr-replace-operations-atomic.patch]
 3.2-wheezy-security:
 2.6.32-squeeze-security:
-3.16-upstream-stable:
+3.16-upstream-stable: needed
 3.2-upstream-stable:

Modified: active/CVE-2015-0275
===================================================================
--- active/CVE-2015-0275	2015-04-06 16:55:06 UTC (rev 3727)
+++ active/CVE-2015-0275	2015-04-06 17:35:11 UTC (rev 3728)
@@ -6,7 +6,7 @@
 Bugs:
 upstream: needed
 2.6.32-upstream-stable: N/A "vulnerable code not present"
-sid: needed
+sid: pending (3.16.7-ckt9-1) [bugfix/all/ext4-allocate-entire-range-in-zero-range.patch, bugfix/all/ext4-fix-accidental-flag-aliasing-in-ext4_map_blocks.patch, bugfix/all/ext4-fix-zero_range-bug-hidden-by-flag-aliasing.patch]
 3.2-wheezy-security: N/A "vulnerable code not present"
 2.6.32-squeeze-security: N/A "vulnerable code not present"
 3.16-upstream-stable: needed

Modified: active/CVE-2015-2666
===================================================================
--- active/CVE-2015-2666	2015-04-06 16:55:06 UTC (rev 3727)
+++ active/CVE-2015-2666	2015-04-06 17:35:11 UTC (rev 3728)
@@ -4,7 +4,7 @@
 Bugs:
 upstream: released (4.0) [f84598bd7c851f8b0bf8cd0d7c3be0d73c432ff4]
 2.6.32-upstream-stable: N/A "Introduced in 3.9 with ec400ddeff200b068ddc6c70f7321f49ecf32ed5"
-sid: needed
+sid: pending (3.16.7-ckt9-1) [bugfix/x86/x86-microcode-intel-guard-against-stack-overflow-in-.patch]
 3.2-wheezy-security: N/A "Introduced in 3.9 with ec400ddeff200b068ddc6c70f7321f49ecf32ed5"
 2.6.32-squeeze-security: N/A "Introduced in 3.9 with ec400ddeff200b068ddc6c70f7321f49ecf32ed5"
 3.16-upstream-stable: needed

Modified: active/CVE-2015-2922
===================================================================
--- active/CVE-2015-2922	2015-04-06 16:55:06 UTC (rev 3727)
+++ active/CVE-2015-2922	2015-04-06 17:35:11 UTC (rev 3728)
@@ -4,8 +4,8 @@
 Bugs:
 upstream: pending [6fd99094de2b83d1d4c8457f2c83483b2828e75a]
 2.6.32-upstream-stable:
-sid:
+sid: pending (3.16.7-ckt9-1) [bugfix/all/ipv6-don-t-reduce-hop-limit-for-an-interface.patch]
 3.2-wheezy-security:
 2.6.32-squeeze-security:
-3.16-upstream-stable:
+3.16-upstream-stable: needed
 3.2-upstream-stable:

More information about the kernel-sec-discuss mailing list