[kernel-sec-discuss] r3646 - active
Ben Hutchings
benh at moszumanska.debian.org
Thu Jan 15 05:30:02 UTC 2015
Author: benh
Date: 2015-01-15 05:30:02 +0000 (Thu, 15 Jan 2015)
New Revision: 3646
Modified:
active/CVE-2014-8989
active/CVE-2014-9585
Log:
Mark two issues fixed upstream
Modified: active/CVE-2014-8989
===================================================================
--- active/CVE-2014-8989 2015-01-14 06:29:16 UTC (rev 3645)
+++ active/CVE-2014-8989 2015-01-15 05:30:02 UTC (rev 3646)
@@ -5,8 +5,10 @@
http://lwn.net/Articles/626665/
http://lwn.net/Articles/626677/
Notes:
+ bwh> Mitigated in Debian because by default you need CAP_SYS_ADMIN to
+ bwh> create a new userns.
Bugs:
-upstream: needed
+upstream: released (3.19-rc1) [0542f17bf2c1f2430d368f44c8fcf2f82ec9e53e, 273d2c67c3e179adb1e74f403d1e9a06e3f841b5, be7c6dba2332cef0677fbabb606e279ae76652c3, 80dd00a23784b384ccea049bfb3f259d3f973b9d, f95d7918bd1e724675de4940039f2865e5eec5fe, f0d62aec931e4ae3333c797d346dc4f188f454ba, 9cc46516ddf497ea16e8d7cb986ae03a0f6b92f8, 66d2f338ee4c449396b6f99f5e75cd18eb6df272, db86da7cb76f797a1a8b445166a15cb922c6ff85]
2.6.32-upstream-stable: N/A "User namespaces not usable"
sid: needed
3.2-wheezy-security: N/A "User namespaces not usable"
Modified: active/CVE-2014-9585
===================================================================
--- active/CVE-2014-9585 2015-01-14 06:29:16 UTC (rev 3645)
+++ active/CVE-2014-9585 2015-01-15 05:30:02 UTC (rev 3646)
@@ -3,7 +3,7 @@
https://git.kernel.org/cgit/linux/kernel/git/luto/linux.git/commit/?h=x86/vdso&id=bc3b94c31d65e761ddfe150d02932c65971b74e2
Notes:
Bugs:
-upstream: needed
+upstream: released (3.19-rc4) [394f56fe480140877304d342dec46d50dc823d46]
2.6.32-upstream-stable:
sid: needed
3.2-wheezy-security:
More information about the kernel-sec-discuss
mailing list