[Secure-testing-commits] r33545 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Apr 13 05:10:09 UTC 2015
Author: carnil
Date: 2015-04-13 05:10:09 +0000 (Mon, 13 Apr 2015)
New Revision: 33545
Modified:
data/CVE/list
Log:
Remove explicitly unfixed tagged entries in wheezy and squeeze
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-04-12 21:25:13 UTC (rev 33544)
+++ data/CVE/list 2015-04-13 05:10:09 UTC (rev 33545)
@@ -456,9 +456,7 @@
CVE-2015-2922 [IPv6 Hop limit lowering via RA messages]
RESERVED
- linux 3.16.7-ckt9-1
- [wheezy] - linux <unfixed>
- linux-2.6 <removed>
- [squeeze] - linux-2.6 <unfixed>
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6fd99094de2b83d1d4c8457f2c83483b2828e75a
CVE-2015-2829
RESERVED
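Review bot: The two removed lines under CVE-2015-2922 ("[wheezy] - linux <unfixed>" and "[squeeze] - linux-2.6 <unfixed>") leave both releases with no release-specific line, and the log does not say why that is equivalent. The status for wheezy and squeeze now has to be inferred from "- linux 3.16.7-ckt9-1" and "- linux-2.6 <removed>"; please state in the log that the tracker reports the same status for both releases before and after this revision.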
@@ -503,9 +501,7 @@
CVE-2015-2830 [Linux mishandles int80 fork from 64-bit tasks]
RESERVED
- linux 3.16.7-ckt9-1
- [wheezy] - linux <unfixed>
- linux-2.6 <removed>
- [squeeze] - linux-2.6 <unfixed>
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=956421fbb74c3a6261903f3836c0740187cf038b (v4.0-rc3)
NOTE: http://www.openwall.com/lists/oss-security/2015/04/02/1
CVE-2015-XXXX [Signature Bypass in several JSON Web Token Libraries]
@@ -1953,7 +1949,6 @@
RESERVED
- linux 3.2.20-1
- linux-2.6 3.2.1-1
- [squeeze] - linux-2.6 <unfixed>
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c290f8358acaeffd8e0c551ddcc24d1206143376 (v3.2-rc1)
NOTE: Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4a2b5fddd53b80efcb3266ee36e23b8de28e761a (v2.6.28-rc1)
NOTE: 3.2.20-1 is the first version after the src:linux-2.6 -> src:linux rename.
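Review bot: In this hunk the squeeze line is dropped next to a versioned "- linux-2.6 3.2.1-1" entry, while the other hunks drop it next to "- linux-2.6 <removed>". These are two different fallbacks for squeeze, so each should be confirmed separately rather than treated as one mechanical change. The hunk context also starts at RESERVED, so the CVE id is not visible here for a reviewer to cross-check.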
@@ -3704,7 +3699,6 @@
{DSA-3170-1}
- linux 3.16.7-ckt4-1
- linux-2.6 <removed>
- [squeeze] - linux-2.6 <unfixed>
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=942080643bce061c3dd9d5718d3b745dcb39a8bc (v3.19-rc1)
CVE-2013-7436 [session hijack through insecurely set session token cookies]
RESERVED
@@ -4262,7 +4256,6 @@
- linux 3.6.4-1
[wheezy] - linux 3.2.30-1
- linux-2.6 <removed>
- [squeeze] - linux-2.6 <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=848949
NOTE: http://www.openwall.com/lists/oss-security/2015/02/06/13
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=20e1db19db5d6b9e4e83021595eab0dc8f107bef (v3.6-rc5)
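Review bot: After the "[squeeze] - linux-2.6 <unfixed>" line is removed, this entry records a fixed version for wheezy ("[wheezy] - linux 3.2.30-1") but nothing for squeeze except "- linux-2.6 <removed>". A reader of the list can no longer tell that squeeze was explicitly assessed as still open rather than not yet triaged; if that distinction matters for squeeze, keep it in a NOTE line.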
@@ -12597,9 +12590,7 @@
NOTE: http://www.spinics.net/lists/netfilter-devel/msg33430.html
CVE-2014-8159 (The InfiniBand (IB) implementation in the Linux kernel package before ...)
- linux 3.16.7-ckt9-1
- [wheezy] - linux <unfixed>
- linux-2.6 <removed>
- [squeeze] - linux-2.6 <unfixed>
CVE-2014-8158 (Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 ...)
{DSA-3138-1 DLA-138-1}
- jasper 1.900.1-debian1-2.4 (bug #775970)
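Review bot: CVE-2014-8159 has no NOTE line pointing at an upstream fix, unlike the other linux entries touched in this revision, and with both release tags removed the entry now says only "- linux 3.16.7-ckt9-1" and "- linux-2.6 <removed>". Adding a NOTE with the upstream commit would give anyone backporting to wheezy or squeeze a starting point.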
@@ -25120,7 +25111,6 @@
- linux 3.16.2-2
[wheezy] - linux 3.2.63-1
- linux-2.6 <removed>
- [squeeze] - linux-2.6 <unfixed>
NOTE: https://code.google.com/p/google-security-research/issues/detail?id=91
NOTE: Upstream fix: https://git.kernel.org/linus/4ab25786c87eb20857bbb715c3ae34ec8fd6a214 (v3.17-rc2)
CVE-2014-3183 (Heap-based buffer overflow in the logi_dj_ll_raw_request function in ...)