[Secure-testing-commits] r44291 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Sep 3 13:13:26 UTC 2016
Author: carnil
Date: 2016-09-03 13:13:25 +0000 (Sat, 03 Sep 2016)
New Revision: 44291
Modified:
data/CVE/list
Log:
Mark CVE-2016-3689 as fixed with 3.16.36-1
Rationale: With the DSA for linux based upon 3.16.36-1 (versioned
3.16.36-1+deb8u1) this fix will automatically included, and the version
appearing in the main archive will be as well 3.16.36-1. Thus IMHO it is
better to mark that version and not mention the CVE in the DSA, since
the driver is not enabled in Debian build.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-09-03 12:32:01 UTC (rev 44290)
+++ data/CVE/list 2016-09-03 13:13:25 UTC (rev 44291)
@@ -11090,7 +11090,7 @@
RESERVED
CVE-2016-3689 (The ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu.c in ...)
- linux 4.5.1-1
- [jessie] - linux <no-dsa> (Driver is not enabled)
+ [jessie] - linux 3.16.36-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Upstream fix: https://git.kernel.org/linus/a0ad220c96692eda76b2e3fd7279f3dcd1d8a8ff (v4.6-rc1)
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=971628
More information about the Secure-testing-commits
mailing list