[Secure-testing-commits] r28912 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2014-09-19 14:48:48 +0000 (Fri, 19 Sep 2014)
New Revision: 28912

Modified:
   data/CVE/list
Log:
Add fixed version for various linux CVEs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-09-19 14:22:16 UTC (rev 28911)
+++ data/CVE/list	2014-09-19 14:48:48 UTC (rev 28912)
@@ -477,21 +477,21 @@
 	TODO: check
 CVE-2014-6418 [libceph: missing validation of the auth reply]
 	RESERVED
-	- linux <unfixed>
+	- linux 3.16.3-1
 	- linux-2.6 <removed>
 	[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.34)
 	NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c27a3e4d667fdcad3db7b104f75659478e0c68d8 (v3.17-rc5)
 	NOTE: http://tracker.ceph.com/issues/8979
 CVE-2014-6417 [libceph: issue of incorrect handling of kmalloc failures]
 	RESERVED
-	- linux <unfixed>
+	- linux 3.16.3-1
 	- linux-2.6 <removed>
 	[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.34)
 	NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c27a3e4d667fdcad3db7b104f75659478e0c68d8 (v3.17-rc5)
 	NOTE: http://tracker.ceph.com/issues/8979
 CVE-2014-6416 [libceph: buffer overflow]
 	RESERVED
-	- linux <unfixed>
+	- linux 3.16.3-1
 	- linux-2.6 <removed>
 	[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.34)
 	NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c27a3e4d667fdcad3db7b104f75659478e0c68d8 (v3.17-rc5)
@@ -6858,7 +6858,7 @@
 	NOTE: Regression of fix for CVE-2013-6433, possibly Red Hat specific in RedHat Enterprise Open Stack Platform 5.0
 CVE-2014-3631 [keys: incorrect termination condition in assoc array garbage collection]
 	RESERVED
-	- linux 3.13-1
+	- linux 3.16.3-1
 	- linux-2.6 <removed>
 	NOTE: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b2a4df200d570b2c33a57e1ebfa5896e4bc81b69
 CVE-2014-3630