[kernel-sec-discuss] r5368 - active

Salvatore Bonaccorso carnil at moszumanska.debian.org
Mon Jun 19 15:42:01 UTC 2017 

Author: carnil
Date: 2017-06-19 15:42:01 +0000 (Mon, 19 Jun 2017)
New Revision: 5368

Modified:
   active/CVE-2017-0605
   active/CVE-2017-1000364
   active/CVE-2017-7487
   active/CVE-2017-7645
   active/CVE-2017-7895
   active/CVE-2017-8064
   active/CVE-2017-8890
   active/CVE-2017-8924
   active/CVE-2017-8925
   active/CVE-2017-9074
   active/CVE-2017-9075
   active/CVE-2017-9076
   active/CVE-2017-9077
   active/CVE-2017-9242
Log:
mark 3.16.43-2+deb8u1 and 4.9.30-2+deb9u1 as released

Modified: active/CVE-2017-0605
===================================================================
--- active/CVE-2017-0605	2017-06-19 15:09:52 UTC (rev 5367)
+++ active/CVE-2017-0605	2017-06-19 15:42:01 UTC (rev 5368)
@@ -21,5 +21,5 @@
 3.2-upstream-stable: released (3.2.89) [e39e64193a8a611d11d4c62579a7246c1af70d1c]
 sid: released (4.9.30-1) [bugfix/all/tracing-Use-strlcpy-instead-of-strcpy-in-__trace_fin.patch]
 4.9-stretch-security: N/A "Fixed before branching point"
-3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/tracing-Use-strlcpy-instead-of-strcpy-in-__trace_fin.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/tracing-Use-strlcpy-instead-of-strcpy-in-__trace_fin.patch]
 3.2-wheezy-security: pending (3.2.89-1)

Modified: active/CVE-2017-1000364
===================================================================
--- active/CVE-2017-1000364	2017-06-19 15:09:52 UTC (rev 5367)
+++ active/CVE-2017-1000364	2017-06-19 15:42:01 UTC (rev 5368)
@@ -7,6 +7,6 @@
 3.16-upstream-stable: needed 
 3.2-upstream-stable: needed
 sid: needed
-4.9-stretch-security: pending (4.9.30-2+deb9u1)
-3.16-jessie-security: pending (3.16.43-2+deb8u1)
+4.9-stretch-security: released (4.9.30-2+deb9u1)
+3.16-jessie-security: released (3.16.43-2+deb8u1)
 3.2-wheezy-security: needed

Modified: active/CVE-2017-7487
===================================================================
--- active/CVE-2017-7487	2017-06-19 15:09:52 UTC (rev 5367)
+++ active/CVE-2017-7487	2017-06-19 15:42:01 UTC (rev 5368)
@@ -8,5 +8,5 @@
 3.2-upstream-stable: released (3.2.89) [48dc185bcc73e1bb42d007cbaf96ad55cefaf4cb]
 sid: released (4.9.30-1)
 4.9-stretch-security: N/A "Fixed before branching point"
-3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/ipx-call-ipxitf_put-in-ioctl-error-path.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/ipx-call-ipxitf_put-in-ioctl-error-path.patch]
 3.2-wheezy-security: pending (3.2.89-1)

Modified: active/CVE-2017-7645
===================================================================
--- active/CVE-2017-7645	2017-06-19 15:09:52 UTC (rev 5367)
+++ active/CVE-2017-7645	2017-06-19 15:42:01 UTC (rev 5368)
@@ -21,5 +21,5 @@
 3.2-upstream-stable: released (3.2.89) [1eb3e42d91d63fc757a8da38683f417bcdf953a2]
 sid: released (4.9.25-1) [bugfix/all/nfsd-check-for-oversized-NFSv2-v3-arguments.patch]
 4.9-stretch-security: N/A "Fixed before branching point"
-3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/nfsd-check-for-oversized-nfsv2-v3-arguments.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/nfsd-check-for-oversized-nfsv2-v3-arguments.patch]
 3.2-wheezy-security: pending (3.2.89-1)

Modified: active/CVE-2017-7895
===================================================================
--- active/CVE-2017-7895	2017-06-19 15:09:52 UTC (rev 5367)
+++ active/CVE-2017-7895	2017-06-19 15:42:01 UTC (rev 5368)
@@ -10,5 +10,5 @@
 3.2-upstream-stable: released (3.2.89) [6b9ba0c00cb068a50a409bbdc7cfbe473f1c01a3]
 sid: released (4.9.25-1) [bugfix/all/nfsd-stricter-decoding-of-write-like-NFSv2-v3-ops.patch]
 4.9-stretch-security: N/A "Fixed before branching point"
-3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/nfsd-stricter-decoding-of-write-like-nfsv2-v3-ops.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/nfsd-stricter-decoding-of-write-like-nfsv2-v3-ops.patch]
 3.2-wheezy-security: pending (3.2.89-1)

Modified: active/CVE-2017-8064
===================================================================
--- active/CVE-2017-8064	2017-06-19 15:09:52 UTC (rev 5367)
+++ active/CVE-2017-8064	2017-06-19 15:42:01 UTC (rev 5368)
@@ -10,5 +10,5 @@
 3.2-upstream-stable: N/A "Vulnerable code not present"
 sid: released (4.9.25-1)
 4.9-stretch-security: N/A "Fixed before branching point"
-3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/media-dvb-usb-v2-avoid-use-after-free.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/media-dvb-usb-v2-avoid-use-after-free.patch]
 3.2-wheezy-security: N/A "Vulnerable code not present"

Modified: active/CVE-2017-8890
===================================================================
--- active/CVE-2017-8890	2017-06-19 15:09:52 UTC (rev 5367)
+++ active/CVE-2017-8890	2017-06-19 15:42:01 UTC (rev 5368)
@@ -10,5 +10,5 @@
 3.2-upstream-stable: released (3.2.89) [3d221359fedfc759661fb4a72804b6e798886e8f]
 sid: released (4.9.30-1) [bugfix/all/dccp-tcp-do-not-inherit-mc_list-from-parent.patch]
 4.9-stretch-security: N/A "Fixed before branching point"
-3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/dccp-tcp-do-not-inherit-mc_list-from-parent.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/dccp-tcp-do-not-inherit-mc_list-from-parent.patch]
 3.2-wheezy-security: pending (3.2.89-1)

Modified: active/CVE-2017-8924
===================================================================
--- active/CVE-2017-8924	2017-06-19 15:09:52 UTC (rev 5367)
+++ active/CVE-2017-8924	2017-06-19 15:42:01 UTC (rev 5368)
@@ -8,5 +8,5 @@
 3.2-upstream-stable: released (3.2.89) [6d0c587048c85ca94723fc1bd900130cbe875eb3]
 sid: released (4.9.16-1)
 4.9-stretch-security: N/A "Fixed before branching point"
-3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/usb-serial-io_ti-fix-information-leak-in-completion-.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/usb-serial-io_ti-fix-information-leak-in-completion-.patch]
 3.2-wheezy-security: pending (3.2.89-1)

Modified: active/CVE-2017-8925
===================================================================
--- active/CVE-2017-8925	2017-06-19 15:09:52 UTC (rev 5367)
+++ active/CVE-2017-8925	2017-06-19 15:42:01 UTC (rev 5368)
@@ -8,5 +8,5 @@
 3.2-upstream-stable: released (3.2.89) [8b236342396140be22ab9b486c412666f161af78]
 sid: released (4.9.16-1)
 4.9-stretch-security: N/A "Fixed before branching point"
-3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/usb-serial-omninet-fix-reference-leaks-at-open.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/usb-serial-omninet-fix-reference-leaks-at-open.patch]
 3.2-wheezy-security: pending (3.2.89-1)

Modified: active/CVE-2017-9074
===================================================================
--- active/CVE-2017-9074	2017-06-19 15:09:52 UTC (rev 5367)
+++ active/CVE-2017-9074	2017-06-19 15:42:01 UTC (rev 5368)
@@ -12,5 +12,5 @@
 3.2-upstream-stable: released (3.2.89) [ad8a4d9d3f255a783d534a47d4b4ac611bb291d8]
 sid: released (4.9.30-1) [bugfix/all/ipv6-prevent-overrun-when-parsing-v6-header-options.patch]
 4.9-stretch-security: N/A "Fixed before branching point"
-3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/ipv6-prevent-overrun-when-parsing-v6-header-options.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/ipv6-prevent-overrun-when-parsing-v6-header-options.patch]
 3.2-wheezy-security: pending (3.2.89-1)

Modified: active/CVE-2017-9075
===================================================================
--- active/CVE-2017-9075	2017-06-19 15:09:52 UTC (rev 5367)
+++ active/CVE-2017-9075	2017-06-19 15:42:01 UTC (rev 5368)
@@ -8,5 +8,5 @@
 3.2-upstream-stable: released (3.2.89) [cc1fa7814bdb7ebee2ee79bbce181c0783de9ad5]
 sid: released (4.9.30-1) [bugfix/all/sctp-do-not-inherit-ipv6_-mc-ac-fl-_list-from-parent.patch]
 4.9-stretch-security: N/A "Fixed before branching point"
-3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/sctp-do-not-inherit-ipv6_-mc-ac-fl-_list-from-parent.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/sctp-do-not-inherit-ipv6_-mc-ac-fl-_list-from-parent.patch]
 3.2-wheezy-security: pending (3.2.89-1)

Modified: active/CVE-2017-9076
===================================================================
--- active/CVE-2017-9076	2017-06-19 15:09:52 UTC (rev 5367)
+++ active/CVE-2017-9076	2017-06-19 15:42:01 UTC (rev 5368)
@@ -8,5 +8,5 @@
 3.2-upstream-stable: released (3.2.89) [0767192a2c4ac9145a7e8fb00370963bc145a920]
 sid: released (4.9.30-1) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
 4.9-stretch-security: N/A "Fixed before branching point"
-3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
 3.2-wheezy-security: pending (3.2.89-1)

Modified: active/CVE-2017-9077
===================================================================
--- active/CVE-2017-9077	2017-06-19 15:09:52 UTC (rev 5367)
+++ active/CVE-2017-9077	2017-06-19 15:42:01 UTC (rev 5368)
@@ -8,5 +8,5 @@
 3.2-upstream-stable: released (3.2.89) [0767192a2c4ac9145a7e8fb00370963bc145a920]
 sid: released (4.9.30-1) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
 4.9-stretch-security: N/A "Fixed before branching point"
-3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/ipv6-dccp-do-not-inherit-ipv6_mc_list-from-parent.patch]
 3.2-wheezy-security: pending (3.2.89-1)

Modified: active/CVE-2017-9242
===================================================================
--- active/CVE-2017-9242	2017-06-19 15:09:52 UTC (rev 5367)
+++ active/CVE-2017-9242	2017-06-19 15:42:01 UTC (rev 5368)
@@ -8,5 +8,5 @@
 3.2-upstream-stable: released (3.2.89) [e5238fca9694d61861096d5fb80685c9f6581555]
 sid: released (4.9.30-1) [bugfix/all/ipv6-fix-out-of-bound-writes-in-__ip6_append_data.patch]
 4.9-stretch-security: N/A "Fixed before branching point"
-3.16-jessie-security: pending (3.16.43-2+deb8u1) [bugfix/all/ipv6-fix-out-of-bound-writes-in-__ip6_append_data.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u1) [bugfix/all/ipv6-fix-out-of-bound-writes-in-__ip6_append_data.patch]
 3.2-wheezy-security: pending (3.2.89-1)

More information about the kernel-sec-discuss mailing list