[Secure-testing-commits] r45050 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Oct 5 04:47:22 UTC 2016
Author: carnil
Date: 2016-10-05 04:47:22 +0000 (Wed, 05 Oct 2016)
New Revision: 45050
Modified:
data/CVE/list
Log:
Triage CVE-2016-7117 and update fixing versions
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-10-05 04:47:04 UTC (rev 45049)
+++ data/CVE/list 2016-10-05 04:47:22 UTC (rev 45050)
@@ -3702,11 +3702,10 @@
CVE-2016-7119 (Cross-site scripting (XSS) vulnerability in the user-profile biography ...)
TODO: check
CVE-2016-7117 [use after free in the recvmmsg exit path]
- - linux 4.5.5-1
- TODO: check if jessie is really affected
- NOTE: https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7117.html
- NOTE: according to this, 3.16.36 is affected: http://www.securityfocus.com/bid/93304/info
- NOTE: patch: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b88a68f26a75e4fded796f1a49c40f82234b7d
+ - linux 4.5.2-1
+ [jessie] - linux 3.16.36-1
+ [wheezy] - linux 3.2.81-1
+ NOTE: Fixed by: https://git.kernel.org/linus/34b88a68f26a75e4fded796f1a49c40f82234b7d (4.6-rc1)
CVE-2016-7115 (Buffer overflow in the handle_packet function in mactelnet.c in the ...)
{DLA-639-1}
- mactelnet <unfixed> (bug #836320)
More information about the Secure-testing-commits
mailing list