[Secure-testing-commits] r32764 - data/CVE

Ben Hutchings benh at moszumanska.debian.org
Tue Mar 10 21:53:49 UTC 2015 

Author: benh
Date: 2015-03-10 21:53:49 +0000 (Tue, 10 Mar 2015)
New Revision: 32764

Modified:
   data/CVE/list
Log:
Mark the linux-2.6 issues not planned to be fixed in squeeze-lts as <no-dsa>

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-03-10 21:10:14 UTC (rev 32763)
+++ data/CVE/list	2015-03-10 21:53:49 UTC (rev 32764)
@@ -6052,9 +6052,8 @@
 	{DSA-3128-1}
 	- linux 3.16.7-ckt4-1
 	- linux-2.6 <removed>
-	[squeeze] - linux-2.6 <unfixed>
+	[squeeze] - linux-2.6 <no-dsa> (Too risky to backport)
 	NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/arch/x86?id=f647d7c155f069c1a068030255c300663516420e (v3.19-rc1)
-	NOTE: No plan to fix in squeeze as it is too risky to backport
 CVE-2014-9420 (The rock_continue function in fs/isofs/rock.c in the Linux kernel ...)
 	{DLA-155-1}
 	- linux 3.16.7-ckt4-1
@@ -7054,9 +7053,8 @@
 CVE-2010-5313 (Race condition in arch/x86/kvm/x86.c in the Linux kernel before 2.6.38 ...)
 	- linux 2.6.38-1
 	- linux-2.6 2.6.38-1
-	[squeeze] - linux-2.6 <unfixed>
+	[squeeze] - linux-2.6 <no-dsa> (KVM not supported in Squeeze LTS)
 	NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fc3a9157d314 (v2.6.38-rc1)
-	NOTE: KVM not supported in Squeeze LTS
 CVE-2014-9156 (The FileField module 6.x-3.x before 6.x-3.13 for Drupal does not ...)
 	NOT-FOR-US: Drupal module FileField
 CVE-2014-9129 (Cross-site request forgery (CSRF) vulnerability in the CreativeMinds ...)
@@ -7527,11 +7525,10 @@
 	{DSA-3170-1}
 	- linux 3.16.7-ckt4-2
 	- linux-2.6 <removed>
-	[squeeze] - linux-2.6 <unfixed>
+	[squeeze] - linux-2.6 <no-dsa> (KVM not supported in Squeeze LTS)
 	NOTE: Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8c60435261deaefeb53ce3222d04d7d5bea81296
 	NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f3747379accba8e95d70cec0eae0582c8c182050
 	NOTE: http://permalink.gmane.org/gmane.linux.kernel.commits.head/502245
-	NOTE: KVM not supported in Squeeze LTS
 CVE-2015-0238
 	RESERVED
 	NOT-FOR-US: selinux-policy as shipped with Red Hat OpenShift 2

More information about the Secure-testing-commits mailing list