[Secure-testing-commits] r29199 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Oct 2 05:33:50 UTC 2014
Author: carnil
Date: 2014-10-02 05:33:50 +0000 (Thu, 02 Oct 2014)
New Revision: 29199
Modified:
data/CVE/list
Log:
Add CVE-2014-7283/linux
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-10-02 05:11:03 UTC (rev 29198)
+++ data/CVE/list 2014-10-02 05:33:50 UTC (rev 29199)
@@ -5,6 +5,13 @@
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3d4405226d27b3a215e4d03cfa51f536244e5de7 (v3.15-rc7)
NOTE: Introduced by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a48e42920ff38bc90bbf75143fff4555723d4540
NOTE: http://secondlookforensics.com/ngro-linux-kernel-bug/
+CVE-2014-7283 [xfs directory hash ordering bug]
+ - linux 3.16.2-1
+ [wheezy] - linux <not-affected> (Vulnerable code introduced in 3.10 upstream)
+ - linux-2.6 <not-affected> (Vulnerable code introduced in 3.10 upstream)
+ NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c88547a8119e3b581318ab65e9b72f27f23e641d (v3.15-rc1)
+ NOTE: http://marc.info/?l=linux-xfs&m=139590613002926&w=2
+ NOTE: Reproducer: http://oss.sgi.com/cgi-bin/gitweb.cgi?p=xfs/cmds/xfstests.git;a=commitdiff;h=947ee8bd4b59770534297572b14c695e9c6e001e
CVE-2014-XXXX [OutputPage: Remove separation of css and js module allowance]
- mediawiki <unfixed>
NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-October/000163.html
More information about the Secure-testing-commits
mailing list