[Secure-testing-commits] r34694 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Wed Jun 3 18:18:53 UTC 2015 

Author: carnil
Date: 2015-06-03 18:18:53 +0000 (Wed, 03 Jun 2015)
New Revision: 34694

Modified:
   data/CVE/list
Log:
Three more CVEs assigned for linux

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-06-03 18:15:19 UTC (rev 34693)
+++ data/CVE/list	2015-06-03 18:18:53 UTC (rev 34694)
@@ -12,13 +12,25 @@
 	- sharutils <unfixed> (unimportant)
 	NOTE: Negligable security impact
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/06/02/8
-CVE-2015-XXXX [fs: udf heap overflow in __udf_adinicb_readpage]
+CVE-2014-9730 [properly ignore component length for component types that do not use it]
 	- linux 4.0.2-1
 	- linux-2.6 <removed>
+	NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e237ec37ec154564f8690c5bd1795339955eeef9 (v3.19-rc3)
+	NOTE: http://www.openwall.com/lists/oss-security/2015/06/02/7
+	TODO: check remaining affected versions
+CVE-2014-9729 [iinfo->i_lenAlloc != inode->i_size]
+	- linux 4.0.2-1
+	- linux-2.6 <removed>
 	NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e159332b9af4b04d882dbcfe1bb0117f0a6d4b58 (v3.19-rc3)
+	NOTE: http://www.openwall.com/lists/oss-security/2015/06/02/7
+	TODO: check remaining affected versions
+CVE-2014-9728 [length can be too long (addressed in three commits)]
+	- linux 4.0.2-1
+	- linux-2.6 <removed>
+	NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e159332b9af4b04d882dbcfe1bb0117f0a6d4b58 (v3.19-rc3)
 	NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e237ec37ec154564f8690c5bd1795339955eeef9 (v3.19-rc3)
 	NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a1d47b262952a45aae62bd49cfaf33dd76c11a2c (v3.19-rc3)
-	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/06/02/7
+	NOTE: http://www.openwall.com/lists/oss-security/2015/06/02/7
 	TODO: check remaining affected versions
 CVE-2015-4167 [fs: udf kernel oops]
 	- linux 4.0.2-1

More information about the Secure-testing-commits mailing list