[Secure-testing-commits] r42134 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Mon May 30 04:50:36 UTC 2016 

Author: carnil
Date: 2016-05-30 04:50:36 +0000 (Mon, 30 May 2016)
New Revision: 42134

Modified:
   data/CVE/list
Log:
Add fixed version for some CVEs for src:linux

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-05-30 04:48:08 UTC (rev 42133)
+++ data/CVE/list	2016-05-30 04:50:36 UTC (rev 42134)
@@ -532,7 +532,7 @@
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg03774.html
 	NOTE: Introduced in: http://git.qemu.org/?p=qemu.git;a=commit;h=881d588a98bf0dce98ddb65c15aa0854c0ac41ed (v1.5.0-rc0)
 CVE-2016-4951 (The tipc_nl_publ_dump function in net/tipc/socket.c in the Linux ...)
-	- linux <unfixed>
+	- linux 4.5.5-1
 	[jessie] - linux <not-affected> (Introduced in 3.19)
 	[wheezy] - linux <not-affected> (Introduced in 3.19)
 	NOTE: http://lists.openwall.net/netdev/2016/05/14/28
@@ -1302,7 +1302,7 @@
 CVE-2016-4582
 	RESERVED
 CVE-2016-4580 (The x25_negotiate_facilities function in net/x25/x25_facilities.c in ...)
-	- linux <unfixed>
+	- linux 4.5.5-1
 	NOTE: Fixed by: https://git.kernel.org/linus/79e48650320e6fba48369fccf13fd045315b19b8 (v4.6)
 CVE-2016-4577 (Buffer overflow in the Smart DNS functionality in the Huawei NGFW ...)
 	TODO: check
@@ -1345,12 +1345,12 @@
 	NOTE: Fixed by: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=6be61daac047d8e6aa941eb103f8e71a1d4e3c75
 	NOTE: Introduced by: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=243d12fdec66a4360fbb3e307a046b39b5b4ffc3
 CVE-2016-4578 (sound/core/timer.c in the Linux kernel through 4.6 does not initialize ...)
-	- linux <unfixed>
+	- linux 4.5.5-1
 	NOTE: https://git.kernel.org/cgit/linux/kernel/git/tiwai/sound.git/commit/?h=for-next&id=9a47e9cff994f37f7f0dbd9ae23740d0f64f9fe6
 	NOTE: https://git.kernel.org/cgit/linux/kernel/git/tiwai/sound.git/commit/?h=for-next&id=e4ec8cc8039a7063e24204299b462bd1383184a5
 	NOTE: Both commits not yet in Linus tree
 CVE-2016-4569 (The snd_timer_user_params function in sound/core/timer.c in the Linux ...)
-	- linux <unfixed>
+	- linux 4.5.5-1
 	NOTE: http://comments.gmane.org/gmane.linux.kernel/2214250
 	NOTE: https://git.kernel.org/cgit/linux/kernel/git/tiwai/sound.git/commit/?h=for-next&id=cec8f96e49d9be372fdb0c3836dcf31ec71e457e (not yet merged in Linus tree)
 CVE-2016-4564
@@ -1835,7 +1835,7 @@
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1337505
 CVE-2016-4440 [kvm: vmx: incorrect state update leading to MSR access]
 	RESERVED
-	- linux <unfixed>
+	- linux 4.5.5-1
 	[jessie] - linux <not-affected> (Introduced in 4.5)
 	[wheezy] - linux <not-affected> (Introduced in 4.5)
 	NOTE: Upstream patch: http://permalink.gmane.org/gmane.comp.emulators.kvm.devel/152191
@@ -1912,7 +1912,7 @@
 	[jessie] - dotclear <no-dsa> (Minor issue)
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/05/04/9
 CVE-2016-4482 (The proc_connectinfo function in drivers/usb/core/devio.c in the Linux ...)
-	- linux <unfixed>
+	- linux 4.5.5-1
 	NOTE: http://www.spinics.net/lists/linux-usb/msg140243.html
 	NOTE: http://www.openwall.com/lists/oss-security/2016/05/04/2
 CVE-2016-4483

More information about the Secure-testing-commits mailing list