[Secure-testing-commits] r25607 - in data: . CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Sat Feb 8 15:37:51 UTC 2014
Author: jmm
Date: 2014-02-08 15:37:51 +0000 (Sat, 08 Feb 2014)
New Revision: 25607
Modified:
data/CVE/list
data/next-point-update.txt
Log:
add kernel fixes from wheezy point update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-02-08 15:29:35 UTC (rev 25606)
+++ data/CVE/list 2014-02-08 15:37:51 UTC (rev 25607)
@@ -1224,19 +1224,22 @@
CVE-2014-1446 (The yam_ioctl function in drivers/net/hamradio/yam.c in the Linux ...)
- linux 3.12.8-1 (low)
- linux-2.6 <removed> (low)
+ [wheezy] - linux 3.2.54-1
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8e3fbf870481eb53b2d3a322d1fc395ad8b367ed
- NOTE: Fix contained in v3.13-rc7
CVE-2014-1445 (The wanxl_ioctl function in drivers/net/wan/wanxl.c in the Linux ...)
- linux 3.12.6-1 (low)
- linux-2.6 <removed> (low)
+ [wheezy] - linux 3.2.53-1
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2b13d06c9584b4eb773f1e80bbaedab9a1c344e1
CVE-2014-1444 (The fst_get_iface function in drivers/net/wan/farsync.c in the Linux ...)
- linux 3.12.6-1 (low)
- linux-2.6 <removed> (low)
+ [wheezy] - linux 3.2.53-1
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=96b340406724d87e4621284ebac5e059d67b2194
CVE-2014-1438 (The restore_fpu_checking function in ...)
- linux 3.12.8-1 (bug #733551)
- linux-2.6 <removed>
+ [wheezy] - linux 3.2.54-1
NOTE: http://www.halfdog.net/Security/2013/Vm86SyscallTaskSwitchKernelPanic/
NOTE: http://git.kernel.org/cgit/linux/kernel/git/tip/tip.git/commit/?id=26bef1318adc1b3a530ecc807ef99346db2aa8b0
CVE-2014-1448
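Review bot: The deletion of "NOTE: Fix contained in v3.13-rc7" under CVE-2014-1446 is unrelated to the wheezy version being recorded, and it drops the line that names the upstream release carrying the fix. Keep that NOTE next to the new "[wheezy] - linux 3.2.54-1" line, or mention the cleanup in the log message, which currently describes only additions.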
@@ -6275,13 +6278,16 @@
CVE-2013-6382 (Multiple buffer underflows in the XFS implementation in the Linux ...)
- linux-2.6 <removed> (low)
- linux 3.11.10-1 (low)
+ [wheezy] - linux 3.2.53-1
CVE-2013-6381 (Buffer overflow in the qeth_snmp_command function in ...)
- linux-2.6 <removed> (low)
- linux 3.11.10-1 (low)
+ [wheezy] - linux 3.2.53-1
NOTE: http://git.kernel.org/linus/6fb392b1a63ae36c31f62bc3fc8630b49d602b62
CVE-2013-6380 (The aac_send_raw_srb function in drivers/scsi/aacraid/commctrl.c in ...)
- linux-2.6 <removed>
- linux 3.11.10-1
+ [wheezy] - linux 3.2.53-1
NOTE: http://git.kernel.org/linus/b4789b8e6be3151a955ade74872822f30e8cd914
CVE-2013-6379
REJECTED
@@ -6293,6 +6299,7 @@
CVE-2013-6378 (The lbs_debugfs_write function in ...)
- linux-2.6 <removed> (low)
- linux 3.11.10-1 (low)
+ [wheezy] - linux 3.2.53-1
NOTE: http://git.kernel.org/linus/a497e47d4aec37aaf8f13509f3ef3d1f6a717d88
CVE-2013-6377
REJECTED
@@ -6319,9 +6326,11 @@
CVE-2013-6368 (The KVM subsystem in the Linux kernel through 3.12.5 allows local ...)
- linux 3.12.5-1
- linux-2.6 <removed>
+ [wheezy] - linux 3.2.54-1
CVE-2013-6367 (The apic_get_tmcct function in arch/x86/kvm/lapic.c in the KVM ...)
- linux 3.12.5-1
- linux-2.6 <removed>
+ [wheezy] - linux 3.2.54-1
CVE-2013-6363
RESERVED
CVE-2013-6362
@@ -6518,7 +6527,7 @@
CVE-2013-6282 (The (1) get_user and (2) put_user API functions in the Linux kernel ...)
- linux 3.6.4-1~experimental.1
- linux-2.6 <removed>
- NOTE: issue present in wheezy and squeeze
+ [wheezy] - linux 3.2.53-1
NOTE: https://www.codeaurora.org/projects/security-advisories/missing-access-checks-putusergetuser-kernel-api-cve-2013-6282
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/arch/arm/include/asm/uaccess.h?id=8404663f81d212918ff85f493649a7991209fa04
CVE-2013-6281 (Cross-site scripting (XSS) vulnerability in codebase/spreadsheet.php ...)
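Review bot: Under CVE-2013-6282 the removed "NOTE: issue present in wheezy and squeeze" covered two releases, but the line replacing it records only wheezy. After this change nothing in the entry states squeeze's status, since the remaining "- linux-2.6 <removed>" line carries no release tag. Add a "[squeeze] - linux-2.6 ..." line with the appropriate status, or keep the squeeze half of the NOTE until that is tracked.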
@@ -10499,6 +10508,7 @@
CVE-2013-4592 (Memory leak in the __kvm_set_memory_region function in ...)
- linux 3.8-1
- linux-2.6 <removed>
+ [wheezy] - linux 3.2.53-1
CVE-2013-4591 (Buffer overflow in the __nfs4_get_acl_uncached function in ...)
- linux 3.8-1
[wheezy] - linux <not-affected> (Introduced in 3.6)
@@ -10520,6 +10530,7 @@
CVE-2013-4587 (Array index error in the kvm_vm_ioctl_create_vcpu function in ...)
- linux 3.12.5-1
- linux-2.6 <removed>
+ [wheezy] - linux 3.2.54-1
CVE-2013-4586
RESERVED
CVE-2013-4585
@@ -10544,6 +10555,7 @@
CVE-2013-4579 (The ath9k_htc_set_bssid_mask function in ...)
- linux-2.6 <not-affected> (ath9k not yet present)
- linux 3.12.8-1 (bug #729573)
+ [wheezy] - linux 3.2.54-1
NOTE: http://www.mathyvanhoef.com/2013/11/unmasking-spoofed-mac-address.html
CVE-2013-4578
RESERVED
@@ -10748,10 +10760,12 @@
CVE-2013-4512 (Buffer overflow in the exitcode_proc_write function in ...)
- linux 3.11.8-1 (low)
- linux-2.6 <removed> (low)
+ [wheezy] - linux 3.2.53-1
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=201f99f170df14ba52ea4c52847779042b7a623b
CVE-2013-4511 (Multiple integer overflows in Alchemy LCD frame-buffer drivers in the ...)
- linux 3.11.8-1
- linux-2.6 <removed>
+ [wheezy] - linux 3.2.53-1
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7314e613d
CVE-2013-4510 (Directory traversal vulnerability in the client in Tryton 3.0.0, as ...)
{DSA-2791-1}
@@ -10908,6 +10922,7 @@
CVE-2013-4470 (The Linux kernel before 3.12, when UDP Fragmentation Offload (UFO) is ...)
- linux 3.11.7-1
- linux-2.6 <removed>
+ [wheezy] - linux 3.2.53-1
CVE-2013-4469 (OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when ...)
- nova 2013.2-3 (bug #728605)
NOTE: CVE for incomplete fix of CVE-2013-2096
@@ -11184,6 +11199,7 @@
CVE-2013-4387 (net/ipv6/ip6_output.c in the Linux kernel through 3.11.4 does not ...)
- linux-2.6 <removed>
- linux 3.11.5-1
+ [wheezy] - linux 3.2.53-1
CVE-2013-4386 (Multiple SQL injection vulnerabilities in ...)
- foreman <itp> (bug #663101)
CVE-2013-4385 (Buffer overflow in the "read-string!" procedure in the "extras" unit ...)
@@ -11309,6 +11325,7 @@
CVE-2013-4350 (The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel ...)
- linux-2.6 <removed>
- linux 3.11.5-1
+ [wheezy] - linux 3.2.53-1
NOTE: http://www.openwall.com/lists/oss-security/2013/09/13/2
NOTE: http://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=95ee62083cb6453e056562d91f597552021e6ae7
CVE-2013-4349 [IcedTeaScriptableJavaObject::invoke off-by-one heap-based buffer overflow]
@@ -11320,6 +11337,7 @@
CVE-2013-4348 (The skb_flow_dissect function in net/core/flow_dissector.c in the ...)
- linux 3.11.6-2
- linux-2.6 <not-affected> (Introduced in 3.2)
+ [wheezy] - linux 3.2.53-2
CVE-2013-4347 [Uses poor PRNG]
RESERVED
- python-oauth2 <unfixed> (low; bug #722657)
@@ -11335,6 +11353,7 @@
CVE-2013-4345 (Off-by-one error in the get_prng_bytes function in crypto/ansi_cprng.c ...)
- linux-2.6 <removed>
- linux 3.11.5-1
+ [wheezy] - linux 3.2.53-1
CVE-2013-4344 (Buffer overflow in the SCSI implementation in QEMU, as used in Xen, ...)
- xen 4.2-1
- qemu 1.6.0+dfsg-2 (unimportant; bug #725944)
@@ -11482,6 +11501,7 @@
CVE-2013-4299 (Interpretation conflict in drivers/md/dm-snap-persistent.c in the ...)
- linux-2.6 <unfixed>
- linux 3.11.6-2
+ [wheezy] - linux 3.2.53-1
NOTE: upstream commit: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e9c6a182649f4259db704ae15a91ac820e63b0ca
CVE-2013-4297 (The virFileNBDDeviceAssociate function in util/virfile.c in libvirt ...)
- libvirt 1.1.2-2
@@ -14780,6 +14800,7 @@
CVE-2013-2929 (The Linux kernel before 3.12.2 does not properly use the get_dumpable ...)
- linux-2.6 <removed>
- linux 3.11.10-1
+ [wheezy] - linux 3.2.53-2
CVE-2013-2928 (Multiple unspecified vulnerabilities in Google Chrome before ...)
{DSA-2785-1}
- chromium-browser 30.0.1599.101-1
@@ -14909,6 +14930,7 @@
CVE-2013-2897 (Multiple array index errors in drivers/hid/hid-multitouch.c in the ...)
- linux 3.11.5-1 (low)
- linux-2.6 <not-affected> (driver introduced in 2.6.38)
+ [wheezy] - linux 3.2.53-1
CVE-2013-2896 (drivers/hid/hid-ntrig.c in the Human Interface Device (HID) subsystem ...)
- linux 3.10.11-1 (low)
[wheezy] - linux 3.2.51-1
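Review bot: The new "[wheezy] - linux 3.2.53-1" line under CVE-2013-2897 is placed after "- linux-2.6 <not-affected> (driver introduced in 2.6.38)", while the next entry in this same hunk (CVE-2013-2896) keeps its "[wheezy] - linux" line directly under "- linux 3.10.11-1 (low)". Putting the release-tagged line directly under the line for the same source package would keep the entries consistent. The same ordering appears in other hunks of this commit, for example CVE-2014-1446 and CVE-2013-4512.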
@@ -14916,6 +14938,7 @@
CVE-2013-2895 (drivers/hid/hid-logitech-dj.c in the Human Interface Device (HID) ...)
- linux 3.11.5-1 (low)
- linux-2.6 <not-affected> (driver introduced in 3.2)
+ [wheezy] - linux 3.2.53-1
CVE-2013-2894 (drivers/hid/hid-lenovo-tpkbd.c in the Human Interface Device (HID) ...)
- linux 3.11.5-1 (low)
[wheezy] - linux <not-affected> (driver introduced in 3.6)
@@ -14923,6 +14946,7 @@
CVE-2013-2893 (The Human Interface Device (HID) subsystem in the Linux kernel through ...)
- linux 3.11.5-1 (low)
- linux-2.6 <removed> (low)
+ [wheezy] - linux 3.2.53-1
CVE-2013-2892 (drivers/hid/hid-pl.c in the Human Interface Device (HID) subsystem in ...)
{DSA-2766-1}
- linux 3.10.11-1 (low)
@@ -14938,6 +14962,7 @@
CVE-2013-2889 (drivers/hid/hid-zpff.c in the Human Interface Device (HID) subsystem ...)
- linux 3.11.5-1 (low)
- linux-2.6 <removed> (low)
+ [wheezy] - linux 3.2.53-1
CVE-2013-2888 (Multiple array index errors in drivers/hid/hid-core.c in the Human ...)
{DSA-2766-1}
- linux 3.10.11-1
@@ -17004,6 +17029,7 @@
CVE-2013-2147 (The HP Smart Array controller disk-array driver and Compaq SMART2 ...)
- linux-2.6 <removed> (low)
- linux 3.11.5-1 (low)
+ [wheezy] - linux 3.2.53-1
CVE-2013-2146 (arch/x86/kernel/cpu/perf_event_intel.c in the Linux kernel before ...)
- linux-2.6 <not-affected> (Introduced in 3.1)
- linux 3.9.4-1
@@ -34241,6 +34267,7 @@
[squeeze] - linux-2.6 <not-affected> (Vulnerable code not present)
CVE-2012-2372 (The rds_ib_xmit function in net/rds/ib_send.c in the Reliable Datagram ...)
- linux 3.11.10-1 (unimportant)
+ [wheezy] - linux 3.2.53-1
NOTE: rds is not included in distributed kernel images, only marked as "experimental"
CVE-2012-2371 (Cross-site scripting (XSS) vulnerability in index.php in the ...)
NOT-FOR-US: WP-FaceThumb plugin for WordPress
Modified: data/next-point-update.txt
===================================================================
--- data/next-point-update.txt 2014-02-08 15:29:35 UTC (rev 25606)
+++ data/next-point-update.txt 2014-02-08 15:37:51 UTC (rev 25607)
@@ -1,49 +1,3 @@
-CVE-2013-4348
- [wheezy] - linux 3.2.53-2
-CVE-2012-2372
- [wheezy] - linux 3.2.53-1
-CVE-2013-2147
- [wheezy] - linux 3.2.53-1
-CVE-2013-2889
- [wheezy] - linux 3.2.53-1
-CVE-2013-2893
- [wheezy] - linux 3.2.53-1
-CVE-2013-2895
- [wheezy] - linux 3.2.53-1
-CVE-2013-2897
- [wheezy] - linux 3.2.53-1
-CVE-2013-2929
- [wheezy] - linux 3.2.53-2
-CVE-2013-4299
- [wheezy] - linux 3.2.53-1
-CVE-2013-4350
- [wheezy] - linux 3.2.53-1
-CVE-2013-4345
- [wheezy] - linux 3.2.53-1
-CVE-2013-4387
- [wheezy] - linux 3.2.53-1
-CVE-2013-4470
- [wheezy] - linux 3.2.53-1
-CVE-2013-4511
- [wheezy] - linux 3.2.53-1
-CVE-2013-4512
- [wheezy] - linux 3.2.53-1
-CVE-2014-1445
- [wheezy] - linux 3.2.53-1
-CVE-2014-1444
- [wheezy] - linux 3.2.53-1
-CVE-2013-4592
- [wheezy] - linux 3.2.53-1
-CVE-2013-6282
- [wheezy] - linux 3.2.53-1
-CVE-2013-6378
- [wheezy] - linux 3.2.53-1
-CVE-2013-6380
- [wheezy] - linux 3.2.53-1
-CVE-2013-6381
- [wheezy] - linux 3.2.53-1
-CVE-2013-6382
- [wheezy] - linux 3.2.53-1
CVE-2012-4412
[wheezy] - eglibc 2.13-38+deb7u1
CVE-2012-4424
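Review bot: The log message does not say which wheezy point release these entries belong to, and the 23 entries removed in this hunk carry two different versions (3.2.53-1 and 3.2.53-2), with 3.2.54-1 following in the next hunk. Naming the point release in the log would make it possible to confirm later that everything dropped from data/next-point-update.txt was actually shipped in it.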
@@ -82,18 +36,6 @@
[wheezy] - kfreebsd-8 8.3-6+deb7u1
CVE-2013-5710
[wheezy] - kfreebsd-8 8.3-6+deb7u1
-CVE-2013-4587
- [wheezy] - linux 3.2.54-1
-CVE-2013-6367
- [wheezy] - linux 3.2.54-1
-CVE-2013-4579
- [wheezy] - linux 3.2.54-1
-CVE-2013-6368
- [wheezy] - linux 3.2.54-1
-CVE-2014-1438
- [wheezy] - linux 3.2.54-1
-CVE-2014-1446
- [wheezy] - linux 3.2.54-1
CVE-2013-1896
[wheezy] - apache2 2.2.22-13+deb7u1
CVE-2013-1862