[kernel-sec-discuss] r3733 - active

Ben Hutchings benh at moszumanska.debian.org
Sun Apr 12 16:45:47 UTC 2015 

Author: benh
Date: 2015-04-12 16:45:47 +0000 (Sun, 12 Apr 2015)
New Revision: 3733

Modified:
   active/CVE-2011-5321
   active/CVE-2012-6689
   active/CVE-2014-8159
   active/CVE-2014-9683
   active/CVE-2014-9710
Log:
Update status in squeeze-lts

Modified: active/CVE-2011-5321
===================================================================
--- active/CVE-2011-5321	2015-04-10 14:03:35 UTC (rev 3732)
+++ active/CVE-2011-5321	2015-04-12 16:45:47 UTC (rev 3733)
@@ -8,6 +8,6 @@
 2.6.32-upstream-stable: needed
 sid: released (3.2.1-1)
 3.2-wheezy-security: N/A "Fixed before initial release"
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-48squeeze12) [bugfix/all/tty-drop-driver-reference-in-tty_open-fail-path.patch]
 3.16-upstream-stable: N/A "Fixed before initial release"
 3.2-upstream-stable: released (v3.2-rc1) [c290f8358acaeffd8e0c551ddcc24d1206143376]

Modified: active/CVE-2012-6689
===================================================================
--- active/CVE-2012-6689	2015-04-10 14:03:35 UTC (rev 3732)
+++ active/CVE-2012-6689	2015-04-12 16:45:47 UTC (rev 3733)
@@ -6,6 +6,6 @@
 2.6.32-upstream-stable: needed
 sid: released (3.2.30-1)
 3.2-wheezy-security: N/A "fixed before wheezy release"
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-48squeeze12) [bugfix/all/netlink-fix-possible-spoofing-from-non-root-processe.patch]
 3.16-upstream-stable: N/A "fixed before 3.16"
 3.2-upstream-stable: released (3.2.30)

Modified: active/CVE-2014-8159
===================================================================
--- active/CVE-2014-8159	2015-04-10 14:03:35 UTC (rev 3732)
+++ active/CVE-2014-8159	2015-04-12 16:45:47 UTC (rev 3733)
@@ -7,6 +7,6 @@
 2.6.32-upstream-stable: needed
 sid: released (3.16.7-ckt9-1) [bugfix/all/ib-core-prevent-integer-overflow-in-ib_umem_get.patch]
 3.2-wheezy-security: needed
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-48squeeze12) [bugfix/all/ib-core-prevent-integer-overflow-in-ib_umem_get.patch]
 3.16-upstream-stable: needed
 3.2-upstream-stable: needed

Modified: active/CVE-2014-9683
===================================================================
--- active/CVE-2014-9683	2015-04-10 14:03:35 UTC (rev 3732)
+++ active/CVE-2014-9683	2015-04-12 16:45:47 UTC (rev 3733)
@@ -6,6 +6,6 @@
 2.6.32-upstream-stable: needed
 sid: released (3.16.7-ckt4-1)
 3.2-wheezy-security: released (3.2.65-1+deb7u2)
-2.6.32-squeeze-security: needed
+2.6.32-squeeze-security: pending (2.6.32-48squeeze11) [bugfix/all/ecryptfs-remove-buggy-and-unnecessary-write-in-file-.patch]
 3.16-upstream-stable: released (3.16.7-ckt4)
 3.2-upstream-stable: released (3.2.67)

Modified: active/CVE-2014-9710
===================================================================
--- active/CVE-2014-9710	2015-04-10 14:03:35 UTC (rev 3732)
+++ active/CVE-2014-9710	2015-04-12 16:45:47 UTC (rev 3733)
@@ -6,6 +6,6 @@
 2.6.32-upstream-stable:
 sid: released (3.16.7-ckt9-1) [bugfix/all/btrfs-make-xattr-replace-operations-atomic.patch]
 3.2-wheezy-security:
-2.6.32-squeeze-security:
+2.6.32-squeeze-security: ignored "btrfs in squeeze is just a tech preview and not usable for production"
 3.16-upstream-stable: needed
 3.2-upstream-stable:

More information about the kernel-sec-discuss mailing list