[Secure-testing-commits] r47227 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Dec 19 18:49:10 UTC 2016
Author: carnil
Date: 2016-12-19 18:49:10 +0000 (Mon, 19 Dec 2016)
New Revision: 47227
Modified:
data/CVE/list
Log:
Mark 4.8.15-1 as released
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-12-19 17:51:56 UTC (rev 47226)
+++ data/CVE/list 2016-12-19 18:49:10 UTC (rev 47227)
@@ -1393,7 +1393,7 @@
CVE-2016-9867
RESERVED
CVE-2016-9919 (The icmp6_send function in net/ipv6/icmp.c in the Linux kernel through ...)
- - linux <unfixed>
+ - linux 4.8.15-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=189851
@@ -7637,7 +7637,7 @@
NOTE: http://seclists.org/oss-sec/2016/q4/576
CVE-2016-9793 [Linux: signed overflows for SO_{SND|RCV}BUFFORCE]
RESERVED
- - linux <unfixed>
+ - linux 4.8.15-1
NOTE: Fixed by: https://git.kernel.org/linus/b98b0bc8c431e3ceb4b26b0dfc8db509518fb290
CVE-2016-9775 [tomcat8: privilege escalation during package removal]
RESERVED
@@ -7659,7 +7659,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2016/12/02/5
CVE-2016-9777 [kvm: out of bounds memory access via vcpu_id]
RESERVED
- - linux <unfixed>
+ - linux 4.8.15-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1400804
@@ -7677,12 +7677,12 @@
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1400829
CVE-2016-9756 [kvm: stack memory information leakage]
RESERVED
- - linux <unfixed>
+ - linux 4.8.15-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1400468
NOTE: Fixed by: https://git.kernel.org/linus/2117d5398c81554fbf803f5fd1dc55eb78216c0c
CVE-2016-9755 [net: out-of-bounds due do a signedness issue when defragging ipv6]
RESERVED
- - linux <unfixed>
+ - linux 4.8.15-1
[jessie] - linux <not-affected> (Vulnerable code introduced later)
[wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9b57da0630c9fd36ed7a20fc0f98dc82cc0777fa (v4.9-rc8)
@@ -8069,7 +8069,7 @@
RESERVED
CVE-2016-9576 [use-after-free in SCSI generic device interface]
RESERVED
- - linux <unfixed>
+ - linux 4.8.15-1
NOTE: https://marc.info/?l=linux-scsi&m=148010092224801&w=2
NOTE: https://gist.githubusercontent.com/dvyukov/80cd94b4e4c288f16ee4c787d404118b/raw/10536069562444da51b758bb39655b514ff93b45/gistfile1.txt
NOTE: Fixed by: https://git.kernel.org/linus/a0ac402cfcdc904f9772e1762b3fda112dcc56a0
@@ -11242,7 +11242,7 @@
RESERVED
NOT-FOR-US: Red Hat JBoss; jbossas init script
CVE-2016-8655 (Race condition in net/packet/af_packet.c in the Linux kernel through ...)
- - linux <unfixed>
+ - linux 4.8.15-1
[wheezy] - linux <no-dsa> (Minor issue)
NOTE: http://seclists.org/oss-sec/2016/q4/607
NOTE: Introduced by: https://git.kernel.org/linus/f6fb8f100b807378fda19e83e5ac6828b638603a (v3.2-rc1)
@@ -11353,7 +11353,7 @@
NOTE: https://git.kernel.org/linus/667121ace9dbafb368618dbabcf07901c962ddac
NOTE: https://eyalitkin.wordpress.com/2016/11/06/cve-publication-cve-2016-8633/
CVE-2016-8632 (The tipc_msg_build function in net/tipc/msg.c in the Linux kernel ...)
- - linux <unfixed>
+ - linux 4.8.15-1
[jessie] - linux <not-affected> (Vulnerable code introduced in 3.17-rc1)
[wheezy] - linux <not-affected> (Vulnerable code introduced in 3.17-rc1)
NOTE: https://www.mail-archive.com/netdev@vger.kernel.org/msg133205.html
@@ -12053,7 +12053,7 @@
RESERVED
CVE-2016-8399
RESERVED
- - linux <unfixed>
+ - linux 4.8.15-1
NOTE: Fixed by: https://git.kernel.org/linus/0eab121ef8750a5c8637d51534d5e9143fb0633f
CVE-2016-8398
RESERVED
More information about the Secure-testing-commits
mailing list