[Secure-testing-commits] r29196 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Oct 2 05:02:58 UTC 2014


Author: carnil
Date: 2014-10-02 05:02:58 +0000 (Thu, 02 Oct 2014)
New Revision: 29196

Modified:
   data/CVE/list
Log:
Add new kernel issue

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-10-02 04:54:35 UTC (rev 29195)
+++ data/CVE/list	2014-10-02 05:02:58 UTC (rev 29196)
@@ -1,3 +1,9 @@
+CVE-2014-XXXX [linux kernel net_get_random_once bug]
+	- linux 3.16.2-1
+	- linux-2.6 <removed>
+	NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3d4405226d27b3a215e4d03cfa51f536244e5de7 (v3.15-rc7)
+	NOTE: http://secondlookforensics.com/ngro-linux-kernel-bug/
+	TODO: might not affect older releases, according to announce only 3.13 and 3.14.
 CVE-2014-XXXX [OutputPage: Remove separation of css and js module allowance]
 	- mediawiki <unfixed>
 	NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-October/000163.html




More information about the Secure-testing-commits mailing list