[Secure-testing-commits] r31366 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Jan 16 04:47:02 UTC 2015
Author: carnil
Date: 2015-01-16 04:47:02 +0000 (Fri, 16 Jan 2015)
New Revision: 31366
Modified:
data/CVE/list
Log:
Add fixed version for linux upload to unstable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-01-15 22:03:40 UTC (rev 31365)
+++ data/CVE/list 2015-01-16 04:47:02 UTC (rev 31366)
@@ -1218,7 +1218,7 @@
CVE-2015-0565
RESERVED
CVE-2014-9585 (The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel ...)
- - linux <unfixed>
+ - linux 3.16.7-ckt4-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/tip/tip.git/commit/?id=fbe1bf140671619508dfa575d74a185ae53c5dbb
NOTE: http://marc.info/?l=linux-kernel&m=141911002822659&w=2
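Review bot: The references visible for CVE-2014-9585 are a tip.git commit and a list message, neither with a mainline release tag, so the new fixed version 3.16.7-ckt4-1 cannot be tied to an upstream release from this entry. Once the fix is in mainline, consider replacing the tip.git link with a "NOTE: Upstream fix:" line in the short git.kernel.org/linus/ form with its release tag in parentheses, as the CVE-2014-9584 entry does.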
@@ -1665,7 +1665,7 @@
TODO: check
CVE-2014-9584 (The parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the ...)
{DSA-3128-1}
- - linux <unfixed>
+ - linux 3.16.7-ckt4-1
- linux-2.6 <removed>
NOTE: Upstream fix: https://git.kernel.org/linus/4e2024624e678f0ebb916e6192bd23c1f9fdf696 (v3.19-rc3)
CVE-2015-1038 [directory traversal]
@@ -1751,7 +1751,7 @@
- arj <unfixed> (bug #774434)
CVE-2014-9529 (Race condition in the key_gc_unused_keys function in ...)
{DSA-3128-1}
- - linux <unfixed>
+ - linux 3.16.7-ckt4-1
- linux-2.6 <removed>
NOTE: http://marc.info/?l=linux-kernel&m=141986398232547&w=2
NOTE: http://marc.info/?l=linux-kernel&m=142047362307894&w=2
@@ -1838,7 +1838,7 @@
- libnokogiri-ruby <removed>
NOTE: https://github.com/sparklemotion/nokogiri/issues/693
CVE-2014-9428 (The batadv_frag_merge_packets function in ...)
- - linux <unfixed> (bug #774155)
+ - linux 3.16.7-ckt4-1 (bug #774155)
[wheezy] - linux <not-affected> (Introduced in 3.13)
- linux-2.6 <not-affected> (Introduced in 3.13)
NOTE: http://thread.gmane.org/gmane.linux.network/343494
@@ -2350,11 +2350,11 @@
NOTE: https://phabricator.wikimedia.org/T77028
CVE-2014-9419 (The __switch_to function in arch/x86/kernel/process_64.c in the Linux ...)
{DSA-3128-1}
- - linux <unfixed>
+ - linux 3.16.7-ckt4-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/arch/x86?id=f647d7c155f069c1a068030255c300663516420e (v3.19-rc1)
CVE-2014-9420 (The rock_continue function in fs/isofs/rock.c in the Linux kernel ...)
- - linux <unfixed>
+ - linux 3.16.7-ckt4-1
[wheezy] - linux 3.2.65-1
- linux-2.6 <removed>
NOTE: Upstream fix: https://git.kernel.org/linus/f54e18f1b831c92f6512d2eedb224cd63d607d3d (v3.19-rc1)
@@ -4239,7 +4239,7 @@
CVE-2014-8994 (The check_diskio plugin 3.2.6 and earlier for Nagios and Icinga allows ...)
NOT-FOR-US: check_diskio nagios/icinga plugin
CVE-2014-8989 (The Linux kernel through 3.17.4 does not properly restrict dropping of ...)
- - linux <unfixed>
+ - linux 3.16.7-ckt4-1
[wheezy] - linux <not-affected> (User namespaces only usable in later kernels)
- linux-2.6 <not-affected> (User namespaces only usable in later kernels)
NOTE: http://thread.gmane.org/gmane.linux.man/7385/
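Review bot: The description of CVE-2014-8989 says the kernel is affected "through 3.17.4", while the new fixed version 3.16.7-ckt4-1 is based on an older upstream series, so the fix has to be a backport, and the only reference visible in this hunk is the gmane thread. Add a NOTE naming the upstream commit and its release tag so the backport in the upload can be checked against it.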
@@ -5474,7 +5474,7 @@
NOTE: also required: https://github.com/axkibe/lsyncd/commit/e9ffda07f0145f50f2756f8ee3fb0775b455122b
NOTE: the initial commit would be an incomplete fix and needs additional changes
CVE-2014-8559 (The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 ...)
- - linux <unfixed>
+ - linux 3.16.7-ckt4-1
- linux-2.6 <not-affected> (Introduced in 2.6.38)
NOTE: References in http://www.openwall.com/lists/oss-security/2014/10/30/7
NOTE: Upstream fix: https://git.kernel.org/linus/ca5358ef75fc69fee5322a38a340f5739d997c10 (v3.19-rc1)
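Review bot: With unstable now marked fixed, CVE-2014-8559 has no [wheezy] line between the linux and linux-2.6 lines, and the only other status is the not-affected marker on linux-2.6 (Introduced in 2.6.38). The wheezy kernel is a 3.2.x version according to the [wheezy] lines on other entries in this file, which is later than 2.6.38, so if wheezy is affected it would help to record the triage decision for it explicitly.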
@@ -6347,7 +6347,7 @@
RESERVED
CVE-2014-8160 [iptables restriction bypass if a protocol handler kernel module not loaded]
RESERVED
- - linux <unfixed>
+ - linux 3.16.7-ckt4-1
- linux-2.6 <removed>
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=db29a9508a9246e77087c5531e45b2c88ec6988b (v3.18-rc1)
NOTE: http://www.spinics.net/lists/netfilter-devel/msg33430.html
@@ -6442,13 +6442,13 @@
NOTE: Upstream fix: http://libvirt.org/git/?p=libvirt.git;a=commit;h=87b9437f8951f9d24f9a85c6bbfff0e54df8c984 (v1.2.11-rc1)
NOTE: Introduced by http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=4a85bf3e2fa703fdc14e8c49d5017ef04832a1d7 (v1.2.8-rc1)
CVE-2014-8134 (The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux ...)
- - linux <unfixed>
+ - linux 3.16.7-ckt4-1
[wheezy] - linux 3.2.65-1
- linux-2.6 <removed>
NOTE: http://www.spinics.net/lists/kvm/msg111458.html
CVE-2014-8133 (arch/x86/kernel/tls.c in the Thread Local Storage (TLS) implementation ...)
{DSA-3128-1}
- - linux <unfixed>
+ - linux 3.16.7-ckt4-1
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/arch/x86?id=41bdc78544b8a93a9c6814b8bbbfef966272abbe
CVE-2014-8132 (Double free vulnerability in the ssh_packet_kexinit function in kex.c ...)
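Review bot: CVE-2014-8134 now records fixes for both unstable (3.16.7-ckt4-1) and wheezy (3.2.65-1), but its only NOTE is the spinics kvm list message, with no upstream commit to verify either backport against. Add a "NOTE: Upstream fix:" line with the commit and release tag. The CVE-2014-8133 NOTE below it has the commit but lacks the parenthesised release tag that entries such as CVE-2014-9419 carry.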