[kernel-sec-discuss] r3641 - active

Ben Hutchings benh at moszumanska.debian.org
Mon Jan 12 03:11:23 UTC 2015 

Author: benh
Date: 2015-01-12 03:11:23 +0000 (Mon, 12 Jan 2015)
New Revision: 3641

Modified:
   active/CVE-2013-6885
   active/CVE-2014-8133
   active/CVE-2014-8134
   active/CVE-2014-9419
   active/CVE-2014-9420
   active/CVE-2014-9428
   active/CVE-2014-9529
   active/CVE-2014-9584
Log:
Mark issues pending for wheezy (3.2.65-1+deb7u1) and sid (3.16.7-ckt3-1)

Modified: active/CVE-2013-6885
===================================================================
--- active/CVE-2013-6885	2015-01-12 02:40:14 UTC (rev 3640)
+++ active/CVE-2013-6885	2015-01-12 03:11:23 UTC (rev 3641)
@@ -5,7 +5,7 @@
 upstream: released (3.14-rc2) [3b56496865f9f7d9bcb2f93b44c63f274f08e3b6]
 2.6.32-upstream-stable: needed
 sid: released (3.14.2-1)
-3.2-wheezy-security: needed
+3.2-wheezy-security: pending (3.2.65-1+deb7u1) [bugfix/x86/x86-cpu-amd-add-workaround-for-family-16h-erratum-79.patch]
 2.6.32-squeeze-security: needed
 3.16-upstream-stable: N/A "fixed before 3.16"
 3.2-upstream-stable: needed

Modified: active/CVE-2014-8133
===================================================================
--- active/CVE-2014-8133	2015-01-12 02:40:14 UTC (rev 3640)
+++ active/CVE-2014-8133	2015-01-12 03:11:23 UTC (rev 3641)
@@ -4,8 +4,8 @@
 Bugs:
 upstream: released (3.19-rc1) [41bdc78544b8a93a9c6814b8bbbfef966272abbe]
 2.6.32-upstream-stable: needed
-sid: needed
-3.2-wheezy-security: needed
+sid: pending (3.16.7-ckt3-1) [bugfix/x86/x86-tls-validate-tls-entries-to-protect-espfix.patch]
+3.2-wheezy-security: pending (3.2.65-1+deb7u1) [bugfix/x86/x86-tls-validate-tls-entries-to-protect-espfix.patch]
 2.6.32-squeeze-security: needed
 3.16-upstream-stable: needed
 3.2-upstream-stable: released (3.2.66) [x86-tls-validate-tls-entries-to-protect-espfix.patch]

Modified: active/CVE-2014-8134
===================================================================
--- active/CVE-2014-8134	2015-01-12 02:40:14 UTC (rev 3640)
+++ active/CVE-2014-8134	2015-01-12 03:11:23 UTC (rev 3641)
@@ -7,7 +7,7 @@
 Bugs:
 upstream: released (3.19-rc1) [29fa6825463c97e5157284db80107d1bfac5d77b]
 2.6.32-upstream-stable: needed
-sid: needed
+sid: pending (3.16.7-ckt3-1) [bugfix/x86/x86-kvm-clear-paravirt_enabled-on-kvm-guests-for-espfix32-s-benefit.patch]
 3.2-wheezy-security: released (3.2.65-1) [bugfix/x86/x86-kvm-clear-paravirt_enabled-on-kvm-guests-for-espfix32-s-benefit.patch]
 2.6.32-squeeze-security: needed
 3.16-upstream-stable: needed

Modified: active/CVE-2014-9419
===================================================================
--- active/CVE-2014-9419	2015-01-12 02:40:14 UTC (rev 3640)
+++ active/CVE-2014-9419	2015-01-12 03:11:23 UTC (rev 3641)
@@ -4,8 +4,8 @@
 Bugs:
 upstream: released (v3.19-rc1) [f647d7c155f069c1a068030255c300663516420e]
 2.6.32-upstream-stable:
-sid:
-3.2-wheezy-security:
+sid: pending (3.16.7-ckt3-1) [bugfix/x86/x86_64-switch_to-load-tls-descriptors-before-switchi.patch]
+3.2-wheezy-security: pending (3.2.65-1+deb7u1) [bugfix/x86/x86_64-switch_to-load-tls-descriptors-before-switchi.patch]
 2.6.32-squeeze-security:
 3.16-upstream-stable:
 3.2-upstream-stable:

Modified: active/CVE-2014-9420
===================================================================
--- active/CVE-2014-9420	2015-01-12 02:40:14 UTC (rev 3640)
+++ active/CVE-2014-9420	2015-01-12 03:11:23 UTC (rev 3641)
@@ -4,7 +4,7 @@
 Bugs:
 upstream: released (v3.19-rc1) [f54e18f1b831c92f6512d2eedb224cd63d607d3d]
 2.6.32-upstream-stable:
-sid:
+sid: pending (3.16.7-ckt3-1) [bugfix/all/isofs-fix-infinite-looping-over-ce-entries.patch]
 3.2-wheezy-security: released (3.2.65-1) [bugfix/all/isofs-fix-infinite-looping-over-ce-entries.patch]
 2.6.32-squeeze-security:
 3.16-upstream-stable:

Modified: active/CVE-2014-9428
===================================================================
--- active/CVE-2014-9428	2015-01-12 02:40:14 UTC (rev 3640)
+++ active/CVE-2014-9428	2015-01-12 03:11:23 UTC (rev 3641)
@@ -2,9 +2,9 @@
 References:
 Notes: Introduced by 610bfc6bc99bc83680d190ebc69359a05fc7f605
 Bugs: https://bugs.debian.org/774155
-upstream: [5b6698b0e4a37053de35cc24ee695b98a7eb712b]
+upstream: released (3.19-rc3) [5b6698b0e4a37053de35cc24ee695b98a7eb712b]
 2.6.32-upstream-stable: N/A "Introduced in 3.13-rc1"
-sid: needed
+sid: pending (3.16.7-ckt3-1) [bugfix/all/batman-adv-calculate-extra-tail-size-based-on-queued.patch]
 3.2-wheezy-security: N/A "Introduced in 3.13-rc1"
 2.6.32-squeeze-security: N/A "Introduced in 3.13-rc1"
 3.16-upstream-stable: needed

Modified: active/CVE-2014-9529
===================================================================
--- active/CVE-2014-9529	2015-01-12 02:40:14 UTC (rev 3640)
+++ active/CVE-2014-9529	2015-01-12 03:11:23 UTC (rev 3641)
@@ -5,8 +5,8 @@
 Bugs:
 upstream: released (3.19-rc4) [a3a8784454692dd72e5d5d34dcdab17b4420e74c]
 2.6.32-upstream-stable: N/A "Vulnerable code not present"
-sid: needed
-3.2-wheezy-security: needed
+sid: pending (3.16.7-ckt3-1) [bugfix/all/keys-close-race-between-key-lookup-and-freeing.patch]
+3.2-wheezy-security: pending (3.2.65-1+deb7u1) [bugfix/all/keys-close-race-between-key-lookup-and-freeing.patch]
 2.6.32-squeeze-security: N/A "Vulnerable code not present"
 3.16-upstream-stable: needed
 3.2-upstream-stable: needed

Modified: active/CVE-2014-9584
===================================================================
--- active/CVE-2014-9584	2015-01-12 02:40:14 UTC (rev 3640)
+++ active/CVE-2014-9584	2015-01-12 03:11:23 UTC (rev 3641)
@@ -4,8 +4,8 @@
 Bugs:
 upstream: released (3.19-rc3) [4e2024624e678f0ebb916e6192bd23c1f9fdf696]
 2.6.32-upstream-stable: needed
-sid: needed
-3.2-wheezy-security: needed
+sid: pending (3.16.7-ckt3-1) [bugfix/all/isofs-fix-unchecked-printing-of-er-records.patch]
+3.2-wheezy-security: pending (3.2.65-1+deb7u1) [bugfix/all/isofs-fix-unchecked-printing-of-er-records.patch]
 2.6.32-squeeze-security: needed
 3.16-upstream-stable: needed
 3.2-upstream-stable: needed

More information about the kernel-sec-discuss mailing list