[kernel-sec-discuss] r5339 - active
Ben Hutchings
benh at moszumanska.debian.org
Thu Jun 1 14:43:56 UTC 2017
Author: benh
Date: 2017-06-01 14:43:55 +0000 (Thu, 01 Jun 2017)
New Revision: 5339
Modified:
active/CVE-2017-0605
active/CVE-2017-7487
active/CVE-2017-7645
active/CVE-2017-7895
active/CVE-2017-8064
active/CVE-2017-8890
active/CVE-2017-8924
active/CVE-2017-8925
active/CVE-2017-9074
active/CVE-2017-9075
active/CVE-2017-9076
active/CVE-2017-9077
active/CVE-2017-9242
Log:
Mark issues pending for stable branches
Modified: active/CVE-2017-0605
===================================================================
--- active/CVE-2017-0605 2017-06-01 13:15:44 UTC (rev 5338)
+++ active/CVE-2017-0605 2017-06-01 14:43:55 UTC (rev 5339)
@@ -17,8 +17,8 @@
Bugs:
upstream: released (4.12-rc1) [e09e28671cda63e6308b31798b997639120e2a21]
4.9-upstream-stable: needed
-3.16-upstream-stable: needed
-3.2-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.44) [tracing-use-strlcpy-instead-of-strcpy-in-__trace_find_cmdline.patch]
+3.2-upstream-stable: pending (3.2.89) [tracing-use-strlcpy-instead-of-strcpy-in-__trace_find_cmdline.patch]
sid: pending (4.9.30-1) [bugfix/all/tracing-Use-strlcpy-instead-of-strcpy-in-__trace_fin.patch]
3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/tracing-Use-strlcpy-instead-of-strcpy-in-__trace_fin.patch]
3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/tracing-Use-strlcpy-instead-of-strcpy-in-__trace_fin.patch]
Modified: active/CVE-2017-7487
===================================================================
--- active/CVE-2017-7487 2017-06-01 13:15:44 UTC (rev 5338)
+++ active/CVE-2017-7487 2017-06-01 14:43:55 UTC (rev 5339)
@@ -4,8 +4,8 @@
Bugs:
upstream: released (4.12-rc1) [ee0d8d8482345ff97a75a7d747efc309f13b0d80]
4.9-upstream-stable: released (4.9.30) [820adccd0e3be9bdd2384ca8fc4712108cfdf28b]
-3.16-upstream-stable: needed
-3.2-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.44) [ipx-call-ipxitf_put-in-ioctl-error-path.patch]
+3.2-upstream-stable: pending (3.2.89) [ipx-call-ipxitf_put-in-ioctl-error-path.patch]
sid: pending (4.9.30-1)
3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/ipx-call-ipxitf_put-in-ioctl-error-path.patch]
3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/ipx-call-ipxitf_put-in-ioctl-error-path.patch]
Modified: active/CVE-2017-7645
===================================================================
--- active/CVE-2017-7645 2017-06-01 13:15:44 UTC (rev 5338)
+++ active/CVE-2017-7645 2017-06-01 14:43:55 UTC (rev 5339)
@@ -17,8 +17,8 @@
Bugs:
upstream: released (4.11) [e6838a29ecb484c97e4efef9429643b9851fba6e]
4.9-upstream-stable: released (4.9.26) [fc6445df466f37291a70937642068bda78802a5b]
-3.16-upstream-stable: needed
-3.2-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.44) [nfsd-check-for-oversized-nfsv2-v3-arguments.patch]
+3.2-upstream-stable: pending (3.2.89) [nfsd-check-for-oversized-nfsv2-v3-arguments.patch]
sid: released (4.9.25-1) [bugfix/all/nfsd-check-for-oversized-NFSv2-v3-arguments.patch]
3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/nfsd-check-for-oversized-nfsv2-v3-arguments.patch]
3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/nfsd-check-for-oversized-nfsv2-v3-arguments.patch]
Modified: active/CVE-2017-7895
===================================================================
--- active/CVE-2017-7895 2017-06-01 13:15:44 UTC (rev 5338)
+++ active/CVE-2017-7895 2017-06-01 14:43:55 UTC (rev 5339)
@@ -6,8 +6,8 @@
Bugs:
upstream: released (4.11) [13bf9fbff0e5e099e2b6f003a0ab8ae145436309]
4.9-upstream-stable: released (4.9.26) [d7809b9e99bb75e83bdd13dc70ce27df61faf5de]
-3.16-upstream-stable: needed
-3.2-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.44) [nfsd-stricter-decoding-of-write-like-nfsv2-v3-ops.patch]
+3.2-upstream-stable: pending (3.2.89) [nfsd-stricter-decoding-of-write-like-nfsv2-v3-ops.patch]
sid: released (4.9.25-1) [bugfix/all/nfsd-stricter-decoding-of-write-like-NFSv2-v3-ops.patch]
3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/nfsd-stricter-decoding-of-write-like-nfsv2-v3-ops.patch]
3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/nfsd-stricter-decoding-of-write-like-nfsv2-v3-ops.patch]
Modified: active/CVE-2017-8064
===================================================================
--- active/CVE-2017-8064 2017-06-01 13:15:44 UTC (rev 5338)
+++ active/CVE-2017-8064 2017-06-01 14:43:55 UTC (rev 5339)
@@ -6,7 +6,7 @@
Bugs:
upstream: released (4.11-rc1) [005145378c9ad7575a01b6ce1ba118fb427f583a]
4.9-upstream-stable: released (4.9.24) [1992564156b5dc4ac73418e5b95e1a43f12f3cb1]
-3.16-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.44) [dvb-usb-v2-avoid-use-after-free.patch]
3.2-upstream-stable: N/A "Vulnerable code not present"
sid: released (4.9.25-1)
3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/media-dvb-usb-v2-avoid-use-after-free.patch]
Modified: active/CVE-2017-8890
===================================================================
--- active/CVE-2017-8890 2017-06-01 13:15:44 UTC (rev 5338)
+++ active/CVE-2017-8890 2017-06-01 14:43:55 UTC (rev 5339)
@@ -5,9 +5,9 @@
bwh> connection-based protocol to a multicast group.
Bugs:
upstream: released (4.12-rc1) [657831ffc38e30092a2d5f03d385d710eb88b09a]
-4.9-upstream-stable: needed
-3.16-upstream-stable: needed
-3.2-upstream-stable: needed
+4.9-upstream-stable: pending (4.9.31) [dccp-tcp-do-not-inherit-mc_list-from-parent.patch]
+3.16-upstream-stable: pending (3.16.44) [dccp-tcp-do-not-inherit-mc_list-from-parent.patch]
+3.2-upstream-stable: pending (3.2.89) [dccp-tcp-do-not-inherit-mc_list-from-parent.patch]
sid: pending (4.9.30-1) [bugfix/all/dccp-tcp-do-not-inherit-mc_list-from-parent.patch]
3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/dccp-tcp-do-not-inherit-mc_list-from-parent.patch]
3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/dccp-tcp-do-not-inherit-mc_list-from-parent.patch]
Modified: active/CVE-2017-8924
===================================================================
--- active/CVE-2017-8924 2017-06-01 13:15:44 UTC (rev 5338)
+++ active/CVE-2017-8924 2017-06-01 14:43:55 UTC (rev 5339)
@@ -4,8 +4,8 @@
Bugs:
upstream: released (4.11-rc2) [654b404f2a222f918af9b0cd18ad469d0c941a8e]
4.9-upstream-stable: released (4.9.16) [d0ef6ecee85e17742d8bce1559872cb542d6ccac]
-3.16-upstream-stable: needed
-3.2-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.44) [usb-serial-io_ti-fix-information-leak-in-completion-handler.patch]
+3.2-upstream-stable: pending (3.2.89) [usb-serial-io_ti-fix-information-leak-in-completion-handler.patch]
sid: released (4.9.16-1)
3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/usb-serial-io_ti-fix-information-leak-in-completion-.patch]
3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/usb-serial-io_ti-fix-information-leak-in-completion-.patch]
Modified: active/CVE-2017-8925
===================================================================
--- active/CVE-2017-8925 2017-06-01 13:15:44 UTC (rev 5338)
+++ active/CVE-2017-8925 2017-06-01 14:43:55 UTC (rev 5339)
@@ -4,8 +4,8 @@
Bugs:
upstream: released (4.11-rc2) [30572418b445d85fcfe6c8fe84c947d2606767d8]
4.9-upstream-stable: released (4.9.16) [6d6c5895f45431579c20f4183b25183f0e3afc92]
-3.16-upstream-stable: needed
-3.2-upstream-stable: needed
+3.16-upstream-stable: pending (3.16.44) [usb-serial-omninet-fix-reference-leaks-at-open.patch]
+3.2-upstream-stable: pending (3.2.89) [usb-serial-omninet-fix-reference-leaks-at-open.patch]
sid: released (4.9.16-1)
3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/usb-serial-omninet-fix-reference-leaks-at-open.patch]
3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/usb-serial-omninet-fix-reference-leaks-at-open.patch]
Modified: active/CVE-2017-9074
===================================================================
--- active/CVE-2017-9074 2017-06-01 13:15:44 UTC (rev 5338)
+++ active/CVE-2017-9074 2017-06-01 14:43:55 UTC (rev 5339)
@@ -7,9 +7,9 @@
bwh> and fix for https://marc.info/?l=linux-netdev&m=149623359417487&w=2
Bugs:
upstream: released (4.12-rc2) [2423496af35d94a87156b063ea5cedffc10a70a1]
-4.9-upstream-stable: needed
-3.16-upstream-stable: needed
-3.2-upstream-stable: needed
+4.9-upstream-stable: pending (4.9.31) [ipv6-prevent-overrun-when-parsing-v6-header-options.patch]
+3.16-upstream-stable: pending (3.16.44) [ipv6-prevent-overrun-when-parsing-v6-header-options.patch]
+3.2-upstream-stable: pending (3.2.89) [ipv6-prevent-overrun-when-parsing-v6-header-options.patch]
sid: pending (4.9.30-1) [bugfix/all/ipv6-prevent-overrun-when-parsing-v6-header-options.patch]
3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/ipv6-prevent-overrun-when-parsing-v6-header-options.patch]
3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/ipv6-prevent-overrun-when-parsing-v6-header-options.patch]
Modified: active/CVE-2017-9075
===================================================================
--- active/CVE-2017-9075 2017-06-01 13:15:44 UTC (rev 5338)
+++ active/CVE-2017-9075 2017-06-01 14:43:55 UTC (rev 5339)
@@ -3,9 +3,9 @@
Notes:
Bugs:
upstream: released (4.12-rc2) [fdcee2cbb8438702ea1b328fb6e0ac5e9a40c7f8]
-4.9-upstream-stable: needed
-3.16-upstream-stable: needed
-3.2-upstream-stable: needed
+4.9-upstream-stable: pending (4.9.31) [sctp-do-not-inherit-ipv6_-mc-ac-fl-_list-from-parent.patch]
+3.16-upstream-stable: pending (3.16.44) [sctp-do-not-inherit-ipv6_-mc-ac-fl-_list-from-parent.patch]
+3.2-upstream-stable: pending (3.2.89) [sctp-do-not-inherit-ipv6_-mc-ac-fl-_list-from-parent.patch]
sid: pending (4.9.30-1) [bugfix/all/sctp-do-not-inherit-ipv6_-mc-ac-fl-_list-from-parent.patch]
3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/sctp-do-not-inherit-ipv6_-mc-ac-fl-_list-from-parent.patch]
3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/sctp-do-not-inherit-ipv6_-mc-ac-fl-_list-from-parent.patch]
Modified: active/CVE-2017-9076
===================================================================
--- active/CVE-2017-9076 2017-06-01 13:15:44 UTC (rev 5338)
+++ active/CVE-2017-9076 2017-06-01 14:43:55 UTC (rev 5339)
@@ -3,9 +3,9 @@
Notes:
Bugs:
upstream: released (4.12-rc2) [83eaddab4378db256d00d295bda6ca997cd13a52]
-4.9-upstream-stable: needed
-3.16-upstream-stable: needed
-3.2-upstream-stable: needed
+4.9-upstream-stable: pending (4.9.31) [ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
+3.16-upstream-stable: pending (3.16.44) [ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
+3.2-upstream-stable: pending (3.2.89) [ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
sid: pending (4.9.30-1) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
Modified: active/CVE-2017-9077
===================================================================
--- active/CVE-2017-9077 2017-06-01 13:15:44 UTC (rev 5338)
+++ active/CVE-2017-9077 2017-06-01 14:43:55 UTC (rev 5339)
@@ -3,9 +3,9 @@
Notes:
Bugs:
upstream: released (4.12-rc2) [83eaddab4378db256d00d295bda6ca997cd13a52]
-4.9-upstream-stable: needed
-3.16-upstream-stable: needed
-3.2-upstream-stable: needed
+4.9-upstream-stable: pending (4.9.31) [ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
+3.16-upstream-stable: pending (3.16.44) [ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
+3.2-upstream-stable: pending (3.2.89) [ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
sid: pending (4.9.30-1) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
Modified: active/CVE-2017-9242
===================================================================
--- active/CVE-2017-9242 2017-06-01 13:15:44 UTC (rev 5338)
+++ active/CVE-2017-9242 2017-06-01 14:43:55 UTC (rev 5339)
@@ -3,9 +3,9 @@
Notes:
Bugs:
upstream: released (4.12-rc3) [232cd35d0804cc241eb887bb8d4d9b3b9881c64a]
-4.9-upstream-stable: needed
-3.16-upstream-stable: needed
-3.2-upstream-stable: needed
+4.9-upstream-stable: pending (4.9.31) [ipv6-fix-out-of-bound-writes-in-__ip6_append_data.patch]
+3.16-upstream-stable: pending (3.16.44) [ipv6-fix-out-of-bound-writes-in-__ip6_append_data.patch]
+3.2-upstream-stable: pending (3.2.89) [ipv6-fix-out-of-bound-writes-in-__ip6_append_data.patch]
sid: pending (4.9.30-1) [bugfix/all/ipv6-fix-out-of-bound-writes-in-__ip6_append_data.patch]
3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/ipv6-fix-out-of-bound-writes-in-__ip6_append_data.patch]
3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/ipv6-fix-out-of-bound-writes-in-__ip6_append_data.patch]
More information about the kernel-sec-discuss
mailing list