[kernel-sec-discuss] r5346 - active

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Jun 6 09:41:02 UTC 2017 

Author: carnil
Date: 2017-06-06 09:41:02 +0000 (Tue, 06 Jun 2017)
New Revision: 5346

Modified:
   active/CVE-2017-7616
   active/CVE-2017-7618
   active/CVE-2017-7645
   active/CVE-2017-7895
   active/CVE-2017-8064
   active/CVE-2017-8890
   active/CVE-2017-8924
   active/CVE-2017-8925
   active/CVE-2017-9074
   active/CVE-2017-9075
   active/CVE-2017-9076
   active/CVE-2017-9077
   active/CVE-2017-9242
Log:
Record more upstream commits directly

Modified: active/CVE-2017-7616
===================================================================
--- active/CVE-2017-7616	2017-06-06 09:25:19 UTC (rev 5345)
+++ active/CVE-2017-7616	2017-06-06 09:41:02 UTC (rev 5346)
@@ -9,8 +9,8 @@
 Bugs:
 upstream: released (4.11-rc6) [cf01fb9985e8deb25ccf0ea54d916b8871ae0e62]
 4.9-upstream-stable: released (4.9.22) [cddab768d13469d1e254fb8c0e1629f93c8dfaca]
-3.16-upstream-stable: released (3.16.44) [mm-mempolicy.c-fix-error-handling-in-set_mempolicy-and-mbind.patch]
-3.2-upstream-stable: released (3.2.89) [mm-mempolicy.c-fix-error-handling-in-set_mempolicy-and-mbind.patch]
+3.16-upstream-stable: released (3.16.44) [4474624a1a496e4dc93a2cd49ea915d9c90d80e9]
+3.2-upstream-stable: released (3.2.89) [3f3b4a9db31af279e793229177b63ea201e24629]
 sid: released (4.9.25-1)
 3.16-jessie-security: released (3.16.43-1) [bugfix/all/mm-mempolicy.c-fix-error-handling-in-set_mempolicy-a.patch]
 3.2-wheezy-security: released (3.2.88-1) [bugfix/all/mm-mempolicy.c-fix-error-handling-in-set_mempolicy-a.patch]

Modified: active/CVE-2017-7618
===================================================================
--- active/CVE-2017-7618	2017-06-06 09:25:19 UTC (rev 5345)
+++ active/CVE-2017-7618	2017-06-06 09:41:02 UTC (rev 5346)
@@ -10,8 +10,8 @@
 Bugs:
 upstream: released (4.11-rc8) [ef0579b64e93188710d48667cb5e014926af9f1b]
 4.9-upstream-stable: released (4.9.24) [c10479591869177ae7ac0570b54ace6fbdeb57c2]
-3.16-upstream-stable: released (3.16.44) [crypto-ahash-fix-einprogress-notification-callback.patch]
-3.2-upstream-stable: released (3.2.89) [crypto-ahash-fix-einprogress-notification-callback.patch]
+3.16-upstream-stable: released (3.16.44) [13af702256f8b7d9bb51b86c982fe08e96c589c8]
+3.2-upstream-stable: released (3.2.89) [82ef3e7b16e777db114a0c3699b91134417fe8c9]
 sid: released (4.9.25-1)
 3.16-jessie-security: released (3.16.43-1) [bugfix/all/crypto-ahash-fix-einprogress-notification-callback.patch]
 3.2-wheezy-security: released (3.2.88-1) [bugfix/all/crypto-ahash-fix-einprogress-notification-callback.patch]

Modified: active/CVE-2017-7645
===================================================================
--- active/CVE-2017-7645	2017-06-06 09:25:19 UTC (rev 5345)
+++ active/CVE-2017-7645	2017-06-06 09:41:02 UTC (rev 5346)
@@ -17,8 +17,8 @@
 Bugs:
 upstream: released (4.11) [e6838a29ecb484c97e4efef9429643b9851fba6e]
 4.9-upstream-stable: released (4.9.26) [fc6445df466f37291a70937642068bda78802a5b]
-3.16-upstream-stable: released (3.16.44) [nfsd-check-for-oversized-nfsv2-v3-arguments.patch]
-3.2-upstream-stable: released (3.2.89) [nfsd-check-for-oversized-nfsv2-v3-arguments.patch]
+3.16-upstream-stable: released (3.16.44) [1d4ab03084d4bace93b1573c57a309e954d05c09]
+3.2-upstream-stable: released (3.2.89) [1eb3e42d91d63fc757a8da38683f417bcdf953a2]
 sid: released (4.9.25-1) [bugfix/all/nfsd-check-for-oversized-NFSv2-v3-arguments.patch]
 3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/nfsd-check-for-oversized-nfsv2-v3-arguments.patch]
 3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/nfsd-check-for-oversized-nfsv2-v3-arguments.patch]

Modified: active/CVE-2017-7895
===================================================================
--- active/CVE-2017-7895	2017-06-06 09:25:19 UTC (rev 5345)
+++ active/CVE-2017-7895	2017-06-06 09:41:02 UTC (rev 5346)
@@ -6,8 +6,8 @@
 Bugs:
 upstream: released (4.11) [13bf9fbff0e5e099e2b6f003a0ab8ae145436309]
 4.9-upstream-stable: released (4.9.26) [d7809b9e99bb75e83bdd13dc70ce27df61faf5de]
-3.16-upstream-stable: released (3.16.44) [nfsd-stricter-decoding-of-write-like-nfsv2-v3-ops.patch]
-3.2-upstream-stable: released (3.2.89) [nfsd-stricter-decoding-of-write-like-nfsv2-v3-ops.patch]
+3.16-upstream-stable: released (3.16.44) [bb0ea8af0b69259f5ea1d2fcff52948c98129c5e]
+3.2-upstream-stable: released (3.2.89) [6b9ba0c00cb068a50a409bbdc7cfbe473f1c01a3]
 sid: released (4.9.25-1) [bugfix/all/nfsd-stricter-decoding-of-write-like-NFSv2-v3-ops.patch]
 3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/nfsd-stricter-decoding-of-write-like-nfsv2-v3-ops.patch]
 3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/nfsd-stricter-decoding-of-write-like-nfsv2-v3-ops.patch]

Modified: active/CVE-2017-8064
===================================================================
--- active/CVE-2017-8064	2017-06-06 09:25:19 UTC (rev 5345)
+++ active/CVE-2017-8064	2017-06-06 09:41:02 UTC (rev 5346)
@@ -6,7 +6,7 @@
 Bugs:
 upstream: released (4.11-rc1) [005145378c9ad7575a01b6ce1ba118fb427f583a]
 4.9-upstream-stable: released (4.9.24) [1992564156b5dc4ac73418e5b95e1a43f12f3cb1]
-3.16-upstream-stable: released (3.16.44) [dvb-usb-v2-avoid-use-after-free.patch]
+3.16-upstream-stable: released (3.16.44) [522182342410708c54eb2b33ff36e85f0b045a6d]
 3.2-upstream-stable: N/A "Vulnerable code not present"
 sid: released (4.9.25-1)
 3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/media-dvb-usb-v2-avoid-use-after-free.patch]

Modified: active/CVE-2017-8890
===================================================================
--- active/CVE-2017-8890	2017-06-06 09:25:19 UTC (rev 5345)
+++ active/CVE-2017-8890	2017-06-06 09:41:02 UTC (rev 5346)
@@ -6,8 +6,8 @@
 Bugs:
 upstream: released (4.12-rc1) [657831ffc38e30092a2d5f03d385d710eb88b09a]
 4.9-upstream-stable: pending (4.9.31) [dccp-tcp-do-not-inherit-mc_list-from-parent.patch]
-3.16-upstream-stable: released (3.16.44) [dccp-tcp-do-not-inherit-mc_list-from-parent.patch]
-3.2-upstream-stable: released (3.2.89) [dccp-tcp-do-not-inherit-mc_list-from-parent.patch]
+3.16-upstream-stable: released (3.16.44) [e4d8daa3b0d195c8aead116dd70aad8124be60c3]
+3.2-upstream-stable: released (3.2.89) [3d221359fedfc759661fb4a72804b6e798886e8f]
 sid: released (4.9.30-1) [bugfix/all/dccp-tcp-do-not-inherit-mc_list-from-parent.patch]
 3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/dccp-tcp-do-not-inherit-mc_list-from-parent.patch]
 3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/dccp-tcp-do-not-inherit-mc_list-from-parent.patch]

Modified: active/CVE-2017-8924
===================================================================
--- active/CVE-2017-8924	2017-06-06 09:25:19 UTC (rev 5345)
+++ active/CVE-2017-8924	2017-06-06 09:41:02 UTC (rev 5346)
@@ -4,8 +4,8 @@
 Bugs:
 upstream: released (4.11-rc2) [654b404f2a222f918af9b0cd18ad469d0c941a8e]
 4.9-upstream-stable: released (4.9.16) [d0ef6ecee85e17742d8bce1559872cb542d6ccac]
-3.16-upstream-stable: released (3.16.44) [usb-serial-io_ti-fix-information-leak-in-completion-handler.patch]
-3.2-upstream-stable: released (3.2.89) [usb-serial-io_ti-fix-information-leak-in-completion-handler.patch]
+3.16-upstream-stable: released (3.16.44) [f7287278eea268132ab71b30a0425ccf3a13a323]
+3.2-upstream-stable: released (3.2.89) [6d0c587048c85ca94723fc1bd900130cbe875eb3]
 sid: released (4.9.16-1)
 3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/usb-serial-io_ti-fix-information-leak-in-completion-.patch]
 3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/usb-serial-io_ti-fix-information-leak-in-completion-.patch]

Modified: active/CVE-2017-8925
===================================================================
--- active/CVE-2017-8925	2017-06-06 09:25:19 UTC (rev 5345)
+++ active/CVE-2017-8925	2017-06-06 09:41:02 UTC (rev 5346)
@@ -4,8 +4,8 @@
 Bugs:
 upstream: released (4.11-rc2) [30572418b445d85fcfe6c8fe84c947d2606767d8]
 4.9-upstream-stable: released (4.9.16) [6d6c5895f45431579c20f4183b25183f0e3afc92]
-3.16-upstream-stable: released (3.16.44) [usb-serial-omninet-fix-reference-leaks-at-open.patch]
-3.2-upstream-stable: released (3.2.89) [usb-serial-omninet-fix-reference-leaks-at-open.patch]
+3.16-upstream-stable: released (3.16.44) [e766215595e90b7a307cc7c7054ff43e96340731]
+3.2-upstream-stable: released (3.2.89) [8b236342396140be22ab9b486c412666f161af78]
 sid: released (4.9.16-1)
 3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/usb-serial-omninet-fix-reference-leaks-at-open.patch]
 3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/usb-serial-omninet-fix-reference-leaks-at-open.patch]

Modified: active/CVE-2017-9074
===================================================================
--- active/CVE-2017-9074	2017-06-06 09:25:19 UTC (rev 5345)
+++ active/CVE-2017-9074	2017-06-06 09:41:02 UTC (rev 5346)
@@ -8,8 +8,8 @@
 Bugs:
 upstream: released (4.12-rc2) [2423496af35d94a87156b063ea5cedffc10a70a1]
 4.9-upstream-stable: pending (4.9.31) [ipv6-prevent-overrun-when-parsing-v6-header-options.patch]
-3.16-upstream-stable: released (3.16.44) [ipv6-prevent-overrun-when-parsing-v6-header-options.patch]
-3.2-upstream-stable: released (3.2.89) [ipv6-prevent-overrun-when-parsing-v6-header-options.patch]
+3.16-upstream-stable: released (3.16.44) [3bff722de601acaf593a1ade13fbbee54b688e9b]
+3.2-upstream-stable: released (3.2.89) [ad8a4d9d3f255a783d534a47d4b4ac611bb291d8]
 sid: released (4.9.30-1) [bugfix/all/ipv6-prevent-overrun-when-parsing-v6-header-options.patch]
 3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/ipv6-prevent-overrun-when-parsing-v6-header-options.patch]
 3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/ipv6-prevent-overrun-when-parsing-v6-header-options.patch]

Modified: active/CVE-2017-9075
===================================================================
--- active/CVE-2017-9075	2017-06-06 09:25:19 UTC (rev 5345)
+++ active/CVE-2017-9075	2017-06-06 09:41:02 UTC (rev 5346)
@@ -4,8 +4,8 @@
 Bugs:
 upstream: released (4.12-rc2) [fdcee2cbb8438702ea1b328fb6e0ac5e9a40c7f8]
 4.9-upstream-stable: pending (4.9.31) [sctp-do-not-inherit-ipv6_-mc-ac-fl-_list-from-parent.patch]
-3.16-upstream-stable: released (3.16.44) [sctp-do-not-inherit-ipv6_-mc-ac-fl-_list-from-parent.patch]
-3.2-upstream-stable: released (3.2.89) [sctp-do-not-inherit-ipv6_-mc-ac-fl-_list-from-parent.patch]
+3.16-upstream-stable: released (3.16.44) [60e7579f4b71e2e8b252d2f1b3ef5ffb3b971a4e]
+3.2-upstream-stable: released (3.2.89) [cc1fa7814bdb7ebee2ee79bbce181c0783de9ad5]
 sid: released (4.9.30-1) [bugfix/all/sctp-do-not-inherit-ipv6_-mc-ac-fl-_list-from-parent.patch]
 3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/sctp-do-not-inherit-ipv6_-mc-ac-fl-_list-from-parent.patch]
 3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/sctp-do-not-inherit-ipv6_-mc-ac-fl-_list-from-parent.patch]

Modified: active/CVE-2017-9076
===================================================================
--- active/CVE-2017-9076	2017-06-06 09:25:19 UTC (rev 5345)
+++ active/CVE-2017-9076	2017-06-06 09:41:02 UTC (rev 5346)
@@ -4,8 +4,8 @@
 Bugs:
 upstream: released (4.12-rc2) [83eaddab4378db256d00d295bda6ca997cd13a52]
 4.9-upstream-stable: pending (4.9.31) [ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
-3.16-upstream-stable: released (3.16.44) [ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
-3.2-upstream-stable: released (3.2.89) [ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
+3.16-upstream-stable: released (3.16.44) [53d48f98b800059504da76d12bf0074581aa0fe2]
+3.2-upstream-stable: released (3.2.89) [0767192a2c4ac9145a7e8fb00370963bc145a920]
 sid: released (4.9.30-1) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
 3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
 3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]

Modified: active/CVE-2017-9077
===================================================================
--- active/CVE-2017-9077	2017-06-06 09:25:19 UTC (rev 5345)
+++ active/CVE-2017-9077	2017-06-06 09:41:02 UTC (rev 5346)
@@ -4,8 +4,8 @@
 Bugs:
 upstream: released (4.12-rc2) [83eaddab4378db256d00d295bda6ca997cd13a52]
 4.9-upstream-stable: pending (4.9.31) [ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
-3.16-upstream-stable: released (3.16.44) [ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
-3.2-upstream-stable: released (3.2.89) [ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
+3.16-upstream-stable: released (3.16.44) [53d48f98b800059504da76d12bf0074581aa0fe2]
+3.2-upstream-stable: released (3.2.89) [0767192a2c4ac9145a7e8fb00370963bc145a920]
 sid: released (4.9.30-1) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
 3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
 3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]

Modified: active/CVE-2017-9242
===================================================================
--- active/CVE-2017-9242	2017-06-06 09:25:19 UTC (rev 5345)
+++ active/CVE-2017-9242	2017-06-06 09:41:02 UTC (rev 5346)
@@ -4,8 +4,8 @@
 Bugs:
 upstream: released (4.12-rc3) [232cd35d0804cc241eb887bb8d4d9b3b9881c64a]
 4.9-upstream-stable: pending (4.9.31) [ipv6-fix-out-of-bound-writes-in-__ip6_append_data.patch]
-3.16-upstream-stable: released (3.16.44) [ipv6-fix-out-of-bound-writes-in-__ip6_append_data.patch]
-3.2-upstream-stable: released (3.2.89) [ipv6-fix-out-of-bound-writes-in-__ip6_append_data.patch]
+3.16-upstream-stable: released (3.16.44) [55c51263ff43e3bf5deb1425f4221696f94db1be]
+3.2-upstream-stable: released (3.2.89) [e5238fca9694d61861096d5fb80685c9f6581555]
 sid: released (4.9.30-1) [bugfix/all/ipv6-fix-out-of-bound-writes-in-__ip6_append_data.patch]
 3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/ipv6-fix-out-of-bound-writes-in-__ip6_append_data.patch]
 3.2-wheezy-security: pending (3.2.88-2) [bugfix/all/ipv6-fix-out-of-bound-writes-in-__ip6_append_data.patch]

More information about the kernel-sec-discuss mailing list