[Secure-testing-commits] r29198 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Oct 2 05:11:04 UTC 2014
Author: carnil
Date: 2014-10-02 05:11:03 +0000 (Thu, 02 Oct 2014)
New Revision: 29198
Modified:
data/CVE/list
Log:
Update entry for CVE-2014-7284/linux
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-10-02 05:03:40 UTC (rev 29197)
+++ data/CVE/list 2014-10-02 05:11:03 UTC (rev 29198)
@@ -1,9 +1,10 @@
CVE-2014-7284 [linux kernel net_get_random_once bug]
- linux 3.16.2-1
- - linux-2.6 <removed>
+ [wheezy] - linux <not-affected> (Vulnerable code introduced in 3.13)
+ - linux-2.6 <not-affected> (Vulnerable code introduced in 3.13)
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3d4405226d27b3a215e4d03cfa51f536244e5de7 (v3.15-rc7)
+ NOTE: Introduced by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a48e42920ff38bc90bbf75143fff4555723d4540
NOTE: http://secondlookforensics.com/ngro-linux-kernel-bug/
- TODO: might not affect older releases, according to announce only 3.13 and 3.14.
CVE-2014-XXXX [OutputPage: Remove separation of css and js module allowance]
- mediawiki <unfixed>
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-October/000163.html
More information about the Secure-testing-commits
mailing list