[Secure-testing-commits] r38675 - in data: . CVE

Ben Hutchings benh at moszumanska.debian.org
Sun Jan 3 23:59:02 UTC 2016 

Author: benh
Date: 2016-01-03 23:59:02 +0000 (Sun, 03 Jan 2016)
New Revision: 38675

Modified:
   data/CVE/list
   data/dla-needed.txt
Log:
Triage linux-2.6 issues for squeeze

Several were already marked ignored in kernel-sec.
The remainder have no fix available but might yet be fixed.


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-01-03 23:57:33 UTC (rev 38674)
+++ data/CVE/list	2016-01-03 23:59:02 UTC (rev 38675)
@@ -1623,6 +1623,7 @@
 	RESERVED
 	- linux <unfixed>
 	- linux-2.6 <removed>
+	[squeeze] - linux-2.6 <no-dsa> (Xen not supported in Squeeze LTS)
 	NOTE: CVE for the incomplete patches from XSA-120 and supplied in
 	NOTE: XSA-120 v5+ addendum patch.
 	NOTE: Cf. https://bugzilla.redhat.com/show_bug.cgi?id=1289128#c2
@@ -3710,6 +3711,7 @@
 	[jessie] - linux 3.16.7-ckt20-1+deb8u1
 	[wheezy] - linux <no-dsa> (Minor issue, BTRFS only tech-preview in wheezy; can be fixed in a point release)
 	- linux-2.6 <removed>
+	[squeeze] - linux-2.6 <no-dsa> (btrfs in 2.6.32 is just a tech preview and not usable for production)
 	NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0305cd5f7fca85dae392b9ba85b116896eb7c1c7 (v4.4-rc1)
 	NOTE: http://www.openwall.com/lists/oss-security/2015/11/27/2
 	NOTE: CVE assignment for the vulnerability with the impact of "User B now
@@ -6176,6 +6178,7 @@
 	RESERVED
 	- linux 4.3.3-3
 	- linux-2.6 <removed>
+	[squeeze] - linux-2.6 <no-dsa> (KVM not supported in Squeeze LTS)
 	NOTE:  https://git.kernel.org/linus/0185604c2d82c560dab2f2933a18f797e74ab5a8 (v4.4-rc7)
 CVE-2015-7512 [net: pcnet: buffer overflow in non-loopback mode]
 	RESERVED

Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt	2016-01-03 23:57:33 UTC (rev 38674)
+++ data/dla-needed.txt	2016-01-03 23:59:02 UTC (rev 38675)
@@ -28,6 +28,8 @@
   NOTE: a fix is probably not trivial, as thread safety has to be backported to 0.9.7
   NOTE: possibly ending up in ABI breakage, second opinion welcome!
 --
+linux-2.6 (Ben Hutchings)
+--
 lxc (Mike Gabriel)
 --
 macopix (Paul Liu)

More information about the Secure-testing-commits mailing list