[Secure-testing-commits] r40927 - data/CVE

Thu Apr 14 14:42:07 UTC 2016

Author: jmm
Date: 2016-04-14 14:42:07 +0000 (Thu, 14 Apr 2016)
New Revision: 40927

Modified:
   data/CVE/list
Log:
more linux fixes in sid


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2016-04-14 14:39:52 UTC (rev 40926)
+++ data/CVE/list	2016-04-14 14:42:07 UTC (rev 40927)
@@ -245,7 +245,7 @@
 	RESERVED
 CVE-2016-3951 [usbnet: memory corruption triggered by invalid USB descriptor]
 	RESERVED
-	- linux <unfixed>
+	- linux 4.5.1-1
 	NOTE: https://git.kernel.org/linus/4d06dd537f95683aba3651098ae288b7cbff8274 (v4.5)
 	NOTE: https://git.kernel.org/linus/1666984c8625b3db19a9abc298931d35ab7bc64b (v4.5)
 	NOTE: https://www.spinics.net/lists/netdev/msg367669.html
@@ -831,7 +831,7 @@
 	RESERVED
 CVE-2016-3689 [crash on invalid USB device descriptors (ims-pcu driver)]
 	RESERVED
-	- linux <unfixed>
+	- linux 4.5.1-1
 	NOTE: Upstream fix: https://git.kernel.org/linus/a0ad220c96692eda76b2e3fd7279f3dcd1d8a8ff (v4.6-rc1)
 	NOTE: https://bugzilla.novell.com/show_bug.cgi?id=971628
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1320060
@@ -892,7 +892,7 @@
 	RESERVED
 CVE-2015-8839 [ext4 data corruption due to punch hole races]
 	RESERVED
-	- linux <unfixed>
+	- linux 4.5.1-1
 	NOTE: https://git.kernel.org/linus/ea3d7209ca01da209cda6f0dea8be9cc4b7a933b (v4.5-rc1)
 	NOTE: https://git.kernel.org/linus/17048e8a083fec7ad841d88ef0812707fbc7e39f (v4.5-rc1)
 	NOTE: https://git.kernel.org/linus/32ebffd3bbb4162da5ff88f9a35dd32d0a28ea70 (v4.5-rc1)
@@ -2001,7 +2001,7 @@
 	NOTE: on later versions).  Ie for the second hunk in xsa172.patch (the only
 	NOTE: hunk in xsa172-4.3.patch), which patches the function xrstor.
 CVE-2016-3157 (The __switch_to function in arch/x86/kernel/process_64.c in the Linux ...)
-	- linux <unfixed>
+	- linux 4.5.1-1
 	NOTE: http://xenbits.xen.org/xsa/advisory-171.html
 	NOTE: https://git.kernel.org/linus/b7a584598aea7ca73140cb87b40319944dd3393f
 CVE-2016-3155 (Siemens APOGEE Insight uses weak permissions for the application ...)
@@ -2274,7 +2274,7 @@
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283377
 CVE-2016-3138 [crash on invalid USB device descriptors (cdc_acm driver)]
 	RESERVED
-	- linux <unfixed> (low)
+	- linux 4.5.1-1 (low)
 	[jessie] - linux <no-dsa> (Minor issue)
 	[wheezy] - linux <no-dsa> (Minor issue)
 	NOTE: http://seclists.org/bugtraq/2016/Mar/54
@@ -5058,7 +5058,7 @@
 	RESERVED
 CVE-2016-2186 [Kernel panic on invalid USB device descriptor (powermate driver)]
 	RESERVED
-	- linux <unfixed> (low)
+	- linux 4.5.1-1 (low)
 	[jessie] - linux <no-dsa> (Minor issue)
 	[wheezy] - linux <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1317015
@@ -5067,7 +5067,7 @@
 	NOTE: http://marc.info/?l=linux-usb&m=145796479528669&w=2
 CVE-2016-2185 [Kernel panic on invalid USB device descriptor (ati_remote2 driver)]
 	RESERVED
-	- linux <unfixed> (low)
+	- linux 4.5.1-1 (low)
 	[jessie] - linux <no-dsa> (Minor issue)
 	[wheezy] - linux <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1317014
@@ -5075,7 +5075,7 @@
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283363
 CVE-2016-2184 [Kernel panic on invalid USB device descriptor (snd_usb_audio driver)]
 	RESERVED
-	- linux <unfixed> (low)
+	- linux 4.5.1-1 (low)
 	[jessie] - linux <no-dsa> (Minor issue)
 	[wheezy] - linux <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1317012


