[Secure-testing-commits] r36844 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Sep 26 17:17:53 UTC 2015
Author: carnil
Date: 2015-09-26 17:17:53 +0000 (Sat, 26 Sep 2015)
New Revision: 36844
Modified:
data/CVE/list
Log:
Three CVEs in linux fixed in unstable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-09-26 17:16:06 UTC (rev 36843)
+++ data/CVE/list 2015-09-26 17:17:53 UTC (rev 36844)
@@ -1089,7 +1089,7 @@
CVE-2015-6937 [NULL pointer dereference in net/rds/connection.c]
RESERVED
{DSA-3364-1 DLA-310-1}
- - linux <unfixed>
+ - linux 4.2.1-1
- linux-2.6 <removed>
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=74e98eb085889b0d2d4908f59f6e00026063014f (v4.3-rc1)
CVE-2015-6908 (The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 ...)
@@ -5131,7 +5131,7 @@
RESERVED
CVE-2015-5257 [USB: whiteheat: potential null-deref at probe]
RESERVED
- - linux <unfixed>
+ - linux 4.2.1-1
- linux-2.6 <removed>
NOTE: Patch: https://marc.info/?l=linux-usb&m=144303376328355
CVE-2015-5256
@@ -11942,7 +11942,7 @@
NOTE: libv8 is not covered by security support
CVE-2015-2925 [It is possible to escape from bind mounts]
RESERVED
- - linux <unfixed>
+ - linux 4.2.1-1
[jessie] - linux 3.16.7-ckt11-1+deb8u4
[wheezy] - linux <not-affected> (user namespaces known broken before 3.5, see kernel-sec info)
- linux-2.6 <not-affected> (user namespaces known broken before 3.5, see kernel-sec info)
More information about the Secure-testing-commits
mailing list