[kernel-sec-discuss] r5340 - active

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sun Jun 4 12:19:13 UTC 2017 

Author: carnil
Date: 2017-06-04 12:19:12 +0000 (Sun, 04 Jun 2017)
New Revision: 5340

Modified:
   active/CVE-2017-0605
   active/CVE-2017-1000363
   active/CVE-2017-7487
   active/CVE-2017-8890
   active/CVE-2017-9059
   active/CVE-2017-9074
   active/CVE-2017-9075
   active/CVE-2017-9076
   active/CVE-2017-9077
   active/CVE-2017-9150
   active/CVE-2017-9211
   active/CVE-2017-9242
Log:
Mark 4.9.30-1 as released

Modified: active/CVE-2017-0605
===================================================================
--- active/CVE-2017-0605	2017-06-01 14:43:55 UTC (rev 5339)
+++ active/CVE-2017-0605	2017-06-04 12:19:12 UTC (rev 5340)
@@ -19,6 +19,6 @@
 4.9-upstream-stable: needed
 3.16-upstream-stable: pending (3.16.44) [tracing-use-strlcpy-instead-of-strcpy-in-__trace_find_cmdline.patch]
 3.2-upstream-stable: pending (3.2.89) [tracing-use-strlcpy-instead-of-strcpy-in-__trace_find_cmdline.patch]
-sid: pending (4.9.30-1) [bugfix/all/tracing-Use-strlcpy-instead-of-strcpy-in-__trace_fin.patch]
+sid: released (4.9.30-1) [bugfix/all/tracing-Use-strlcpy-instead-of-strcpy-in-__trace_fin.patch]
 3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/tracing-Use-strlcpy-instead-of-strcpy-in-__trace_fin.patch]
 3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/tracing-Use-strlcpy-instead-of-strcpy-in-__trace_fin.patch]

Modified: active/CVE-2017-1000363
===================================================================
--- active/CVE-2017-1000363	2017-06-01 14:43:55 UTC (rev 5339)
+++ active/CVE-2017-1000363	2017-06-04 12:19:12 UTC (rev 5340)
@@ -6,6 +6,6 @@
 4.9-upstream-stable: released (4.9.30) [5d263d94a870a774a24acb2a2cc1e79ef39c2416]
 3.16-upstream-stable: needed
 3.2-upstream-stable: needed
-sid: pending (4.9.30-1)
+sid: released (4.9.30-1)
 3.16-jessie-security: needed
 3.2-wheezy-security: needed

Modified: active/CVE-2017-7487
===================================================================
--- active/CVE-2017-7487	2017-06-01 14:43:55 UTC (rev 5339)
+++ active/CVE-2017-7487	2017-06-04 12:19:12 UTC (rev 5340)
@@ -6,6 +6,6 @@
 4.9-upstream-stable: released (4.9.30) [820adccd0e3be9bdd2384ca8fc4712108cfdf28b]
 3.16-upstream-stable: pending (3.16.44) [ipx-call-ipxitf_put-in-ioctl-error-path.patch]
 3.2-upstream-stable: pending (3.2.89) [ipx-call-ipxitf_put-in-ioctl-error-path.patch]
-sid: pending (4.9.30-1)
+sid: released (4.9.30-1)
 3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/ipx-call-ipxitf_put-in-ioctl-error-path.patch]
 3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/ipx-call-ipxitf_put-in-ioctl-error-path.patch]

Modified: active/CVE-2017-8890
===================================================================
--- active/CVE-2017-8890	2017-06-01 14:43:55 UTC (rev 5339)
+++ active/CVE-2017-8890	2017-06-04 12:19:12 UTC (rev 5340)
@@ -8,6 +8,6 @@
 4.9-upstream-stable: pending (4.9.31) [dccp-tcp-do-not-inherit-mc_list-from-parent.patch]
 3.16-upstream-stable: pending (3.16.44) [dccp-tcp-do-not-inherit-mc_list-from-parent.patch]
 3.2-upstream-stable: pending (3.2.89) [dccp-tcp-do-not-inherit-mc_list-from-parent.patch]
-sid: pending (4.9.30-1) [bugfix/all/dccp-tcp-do-not-inherit-mc_list-from-parent.patch]
+sid: released (4.9.30-1) [bugfix/all/dccp-tcp-do-not-inherit-mc_list-from-parent.patch]
 3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/dccp-tcp-do-not-inherit-mc_list-from-parent.patch]
 3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/dccp-tcp-do-not-inherit-mc_list-from-parent.patch]

Modified: active/CVE-2017-9059
===================================================================
--- active/CVE-2017-9059	2017-06-01 14:43:55 UTC (rev 5339)
+++ active/CVE-2017-9059	2017-06-04 12:19:12 UTC (rev 5340)
@@ -13,6 +13,6 @@
 4.9-upstream-stable: needed
 3.16-upstream-stable: N/A "Vulnerable code not present"
 3.2-upstream-stable: N/A "Vulnerable code not present"
-sid: pending (4.9.30-1) [bugfix/all/sunrpc-refactor-svc_set_num_threads.patch, bugfix/all/nfsv4-fix-callback-server-shutdown.patch]
+sid: released (4.9.30-1) [bugfix/all/sunrpc-refactor-svc_set_num_threads.patch, bugfix/all/nfsv4-fix-callback-server-shutdown.patch]
 3.16-jessie-security: N/A "Vulnerable code not present"
 3.2-wheezy-security: N/A "Vulnerable code not present"

Modified: active/CVE-2017-9074
===================================================================
--- active/CVE-2017-9074	2017-06-01 14:43:55 UTC (rev 5339)
+++ active/CVE-2017-9074	2017-06-04 12:19:12 UTC (rev 5340)
@@ -10,6 +10,6 @@
 4.9-upstream-stable: pending (4.9.31) [ipv6-prevent-overrun-when-parsing-v6-header-options.patch]
 3.16-upstream-stable: pending (3.16.44) [ipv6-prevent-overrun-when-parsing-v6-header-options.patch]
 3.2-upstream-stable: pending (3.2.89) [ipv6-prevent-overrun-when-parsing-v6-header-options.patch]
-sid: pending (4.9.30-1) [bugfix/all/ipv6-prevent-overrun-when-parsing-v6-header-options.patch]
+sid: released (4.9.30-1) [bugfix/all/ipv6-prevent-overrun-when-parsing-v6-header-options.patch]
 3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/ipv6-prevent-overrun-when-parsing-v6-header-options.patch]
 3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/ipv6-prevent-overrun-when-parsing-v6-header-options.patch]

Modified: active/CVE-2017-9075
===================================================================
--- active/CVE-2017-9075	2017-06-01 14:43:55 UTC (rev 5339)
+++ active/CVE-2017-9075	2017-06-04 12:19:12 UTC (rev 5340)
@@ -6,6 +6,6 @@
 4.9-upstream-stable: pending (4.9.31) [sctp-do-not-inherit-ipv6_-mc-ac-fl-_list-from-parent.patch]
 3.16-upstream-stable: pending (3.16.44) [sctp-do-not-inherit-ipv6_-mc-ac-fl-_list-from-parent.patch]
 3.2-upstream-stable: pending (3.2.89) [sctp-do-not-inherit-ipv6_-mc-ac-fl-_list-from-parent.patch]
-sid: pending (4.9.30-1) [bugfix/all/sctp-do-not-inherit-ipv6_-mc-ac-fl-_list-from-parent.patch]
+sid: released (4.9.30-1) [bugfix/all/sctp-do-not-inherit-ipv6_-mc-ac-fl-_list-from-parent.patch]
 3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/sctp-do-not-inherit-ipv6_-mc-ac-fl-_list-from-parent.patch]
 3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/sctp-do-not-inherit-ipv6_-mc-ac-fl-_list-from-parent.patch]

Modified: active/CVE-2017-9076
===================================================================
--- active/CVE-2017-9076	2017-06-01 14:43:55 UTC (rev 5339)
+++ active/CVE-2017-9076	2017-06-04 12:19:12 UTC (rev 5340)
@@ -6,6 +6,6 @@
 4.9-upstream-stable: pending (4.9.31) [ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
 3.16-upstream-stable: pending (3.16.44) [ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
 3.2-upstream-stable: pending (3.2.89) [ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
-sid: pending (4.9.30-1) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
+sid: released (4.9.30-1) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
 3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
 3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]

Modified: active/CVE-2017-9077
===================================================================
--- active/CVE-2017-9077	2017-06-01 14:43:55 UTC (rev 5339)
+++ active/CVE-2017-9077	2017-06-04 12:19:12 UTC (rev 5340)
@@ -6,6 +6,6 @@
 4.9-upstream-stable: pending (4.9.31) [ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
 3.16-upstream-stable: pending (3.16.44) [ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
 3.2-upstream-stable: pending (3.2.89) [ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
-sid: pending (4.9.30-1) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
+sid: released (4.9.30-1) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
 3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
 3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]

Modified: active/CVE-2017-9150
===================================================================
--- active/CVE-2017-9150	2017-06-01 14:43:55 UTC (rev 5339)
+++ active/CVE-2017-9150	2017-06-04 12:19:12 UTC (rev 5340)
@@ -8,6 +8,6 @@
 4.9-upstream-stable: released (4.9.28) [ced0a31e667fbf618591f0a76a8213018407cde0]
 3.16-upstream-stable: N/A "Vulnerable code introduced later"
 3.2-upstream-stable: N/A "Vulnerable code introduced later"
-sid: pending (4.9.30-1)
+sid: released (4.9.30-1)
 3.16-jessie-security: N/A "Vulnerable code not present"
 3.2-wheezy-security: N/A "Vulnerable code not present"

Modified: active/CVE-2017-9211
===================================================================
--- active/CVE-2017-9211	2017-06-01 14:43:55 UTC (rev 5339)
+++ active/CVE-2017-9211	2017-06-04 12:19:12 UTC (rev 5340)
@@ -6,6 +6,6 @@
 4.9-upstream-stable: needed
 3.16-upstream-stable: N/A "Vulnerable code introduced in 4.8-rc1 with 4e6c3df4d729"
 3.2-upstream-stable: N/A "Vulnerable code introduced in 4.8-rc1 with 4e6c3df4d729"
-sid: pending (4.9.30-1) [bugfix/all/crypto-skcipher-Add-missing-api-setkey-checks.patch]
+sid: released (4.9.30-1) [bugfix/all/crypto-skcipher-Add-missing-api-setkey-checks.patch]
 3.16-jessie-security: N/A "Vulnerable code not present"
 3.2-wheezy-security: N/A "Vulnerable code not present"

Modified: active/CVE-2017-9242
===================================================================
--- active/CVE-2017-9242	2017-06-01 14:43:55 UTC (rev 5339)
+++ active/CVE-2017-9242	2017-06-04 12:19:12 UTC (rev 5340)
@@ -6,6 +6,6 @@
 4.9-upstream-stable: pending (4.9.31) [ipv6-fix-out-of-bound-writes-in-__ip6_append_data.patch]
 3.16-upstream-stable: pending (3.16.44) [ipv6-fix-out-of-bound-writes-in-__ip6_append_data.patch]
 3.2-upstream-stable: pending (3.2.89) [ipv6-fix-out-of-bound-writes-in-__ip6_append_data.patch]
-sid: pending (4.9.30-1) [bugfix/all/ipv6-fix-out-of-bound-writes-in-__ip6_append_data.patch]
+sid: released (4.9.30-1) [bugfix/all/ipv6-fix-out-of-bound-writes-in-__ip6_append_data.patch]
 3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/ipv6-fix-out-of-bound-writes-in-__ip6_append_data.patch]
 3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/ipv6-fix-out-of-bound-writes-in-__ip6_append_data.patch]

More information about the kernel-sec-discuss mailing list