[Secure-testing-commits] r35877 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Tue Aug 4 11:38:10 UTC 2015
Author: jmm
Date: 2015-08-04 11:38:10 +0000 (Tue, 04 Aug 2015)
New Revision: 35877
Modified:
data/CVE/list
Log:
linux fixed
record status of aslr issue in 3.2.x
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-08-04 11:13:09 UTC (rev 35876)
+++ data/CVE/list 2015-08-04 11:38:10 UTC (rev 35877)
@@ -258,7 +258,7 @@
RESERVED
CVE-2015-5697 [information leak in md driver]
RESERVED
- - linux <unfixed>
+ - linux 4.1.3-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/next/linux-next.git/commit/?id=77ba0569d4c8389c0a2162ab0c7c16a6f3b199e4
NOTE: http://www.openwall.com/lists/oss-security/2015/07/28/2
@@ -11397,7 +11397,7 @@
[squeeze] - linux-2.6 <not-affected> (powerpc not supported in Squeeze LTS)
NOTE: http://hmarco.org/bugs/linux-ASLR-reducing-mmap-by-half.html
NOTE: arm64 affected from v3.7 to v3.18 (fixed in 3.16.7-ckt12)
- NOTE: powerpc affected from v2.6.30 to 3.2
+ NOTE: powerpc affected from v2.6.30 to 3.2 (pending for 3.2.70)
NOTE: Fix for arm64: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d6c763afab
NOTE: Fix for ppc: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?fa8cbaaf5a68
CVE-2015-2060 [directory traversal; related to overlong utf-8 encoding for /]
@@ -12498,7 +12498,7 @@
[squeeze] - lxc <not-affected> (Affects 0.9.0 and higher)
CVE-2015-1333 [Linux: keyring DoS]
RESERVED
- - linux <unfixed>
+ - linux 4.1.3-1
[wheezy] - linux <not-affected> (Introduced in 3.13)
- linux-2.6 <not-affected> (Introduced in 3.13)
NOTE: Introduced by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=034faeb9ef390d58239e1dce748143f6b35a0d9b (v3.13-rc1)
More information about the Secure-testing-commits
mailing list