[Secure-testing-commits] r29088 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Fri Sep 26 20:04:56 UTC 2014 

Author: jmm
Date: 2014-09-26 20:04:56 +0000 (Fri, 26 Sep 2014)
New Revision: 29088

Modified:
   data/CVE/list
Log:
kernel updates


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-09-26 19:57:28 UTC (rev 29087)
+++ data/CVE/list	2014-09-26 20:04:56 UTC (rev 29088)
@@ -4813,7 +4813,8 @@
 	RESERVED
 CVE-2014-5045 (The mountpoint_last function in fs/namei.c in the Linux kernel before ...)
 	- linux 3.14.15-1
-	- linux-2.6 <removed>
+	[wheezy] - linux <not-affected> (Introduced in 3.12)
+	- linux-2.6 <not-affected> (Introduced in 3.12)
 	NOTE: https://lkml.org/lkml/2014/7/21/98
 CVE-2014-5044 [gfortran integer overflows]
 	RESERVED
@@ -5863,7 +5864,7 @@
 	- libav 6:10.2-1
 	NOTE: http://git.libav.org/?p=libav.git;a=commit;h=ccda51b14c0fcae2fad73a24872dce75a7964996
 CVE-2014-4608 (** DISPUTED ** Multiple integer overflows in the lzo1x_decompress_safe ...)
-	- linux 3.14.9-1
+	- linux 3.14.9-1 (unimportant)
 	- linux-2.6 <removed> (unimportant)
 	NOTE: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=206a81c18401c0cde6e579164f752c4b147324ce
 	NOTE: Not exploitable with the block sizes used in kernel images
@@ -8203,6 +8204,7 @@
 	NOT-FOR-US: OpenShift
 CVE-2014-3601 (The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux ...)
 	- linux 3.16.2-1
+	[wheezy] - linux <no-dsa> (Will be fixed in next point release)
 	- linux-2.6 <removed>
 	[squeeze] - linux-2.6 <end-of-life> (Unsupported in squeeze-lts)
 	NOTE: https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=350b8bdd689cd2ab2c67c8a86a0be86cfa0751a7
@@ -18109,7 +18111,7 @@
 	- linux 3.14.9-1 (bug #746738)
 	- linux-2.6 <removed>
 	[squeeze] - linux-2.6 <no-dsa> (Too intrusive to backport to 2.6.32)
-	[wheezy] - linux-2.6 <no-dsa> (Too intrusive to backport to 3.2)
+	[wheezy] - linux <no-dsa> (Too intrusive to backport to 3.2)
 CVE-2014-0180 (The wait_for_task function in ...)
 	NOT-FOR-US: RedHat CloudForms Management Engine
 CVE-2014-0179 (libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a ...)

More information about the Secure-testing-commits mailing list