[Secure-testing-commits] r31646 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Jan 24 18:43:42 UTC 2015
Author: carnil
Date: 2015-01-24 18:43:42 +0000 (Sat, 24 Jan 2015)
New Revision: 31646
Modified:
data/CVE/list
Log:
Mark CVE-2013-7421 and CVE-2014-9644 as not-affected
Left linux-2.6 as <removed> since linux-2.6/2.6.38-1 existed at one
point in the archive before the linux-2.6 -> linux source package
rename.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-01-24 18:34:29 UTC (rev 31645)
+++ data/CVE/list 2015-01-24 18:43:42 UTC (rev 31646)
@@ -14,12 +14,14 @@
CVE-2013-7421 [Linux kernel crypto api unprivileged arbitrary module load]
- linux <unfixed>
- linux-2.6 <removed>
+ [squeeze] - linux-2.6 <not-affected> (Introduced in v2.6.38-rc1)
NOTE: https://lkml.org/lkml/2013/3/4/70
NOTE: https://plus.google.com/+MathiasKrause/posts/PqFCo4bfrWu
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5d26a105b5a7 (v3.19-rc1)
CVE-2014-9644 [related to CVE-2013-7421, not handling crypto templates correctly]
- linux <unfixed>
- linux-2.6 <removed>
+ [squeeze] - linux-2.6 <not-affected> (Introduced in v2.6.38-rc1)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4943ba16bbc2 (v3.19-rc1)
CVE-2014-9645 [modprobe wrongly accepts paths as module names]
- busybox <unfixed>
More information about the Secure-testing-commits
mailing list