[Secure-testing-commits] r50818 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Apr 20 04:33:53 UTC 2017 

Author: carnil
Date: 2017-04-20 04:33:53 +0000 (Thu, 20 Apr 2017)
New Revision: 50818

Modified:
   data/CVE/list
Log:
Fix information with kernel-sec

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-04-20 04:33:45 UTC (rev 50817)
+++ data/CVE/list	2017-04-20 04:33:53 UTC (rev 50818)
@@ -5709,7 +5709,7 @@
 	RESERVED
 CVE-2017-5967 (The time subsystem in the Linux kernel through 4.9.9, when ...)
 	- linux 4.9.13-1 (low)
-	[jessie] - linux <no-dsa> (Upstream fix removes feature; not suitable for backporting)
+	[jessie] - linux <no-dsa> (Will be fixed in point release)
 	[wheezy] - linux <no-dsa> (Upstream fix removes feature; not suitable for backporting)
 CVE-2017-5966
 	RESERVED
@@ -6008,6 +6008,7 @@
 	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1023012
 CVE-2016-10200 (Race condition in the L2TPv3 IP Encapsulation feature in the Linux ...)
 	- linux 4.8.15-1
+	[jessie] - linux <no-dsa> (Will be fixed in point release)
 	NOTE: Fixed by: https://git.kernel.org/linus/32c231164b762dddefa13af5a0101032c70b50ef (v4.9-rc7)
 CVE-2017-5938 (Cross-site scripting (XSS) vulnerability in the nav_path function in ...)
 	{DSA-3784-1 DLA-820-1}
@@ -6063,6 +6064,7 @@
 	[jessie] - zoneminder <no-dsa> (Minor issue)
 CVE-2016-10208 (The ext4_fill_super function in fs/ext4/super.c in the Linux kernel ...)
 	- linux 4.9.10-1
+	[jessie] - linux <no-dsa> (Will be fixed in point release)
 	[wheezy] - linux <not-affected> (Vulnerable code introduced later)
 	NOTE: Fixed by: https://github.com/torvalds/linux/commit/3a4b77cd47bb837b8557595ec7425f281f2ca1fe (4.10-rc1)
 	NOTE: Introduced by: https://github.com/torvalds/linux/commit/952fc18ef9ec707ebdc16c0786ec360295e5ff15 (3.6-rc1)
@@ -11457,6 +11459,7 @@
 	NOT-FOR-US: WampServer
 CVE-2016-10044 (The aio_mount function in fs/aio.c in the Linux kernel before 4.7.7 ...)
 	- linux 4.7.8-1
+	[jessie] - linux <no-dsa> (Will be fixed in point release)
 	[wheezy] - linux <no-dsa> (Changes required are too invasive)
 CVE-2016-10043 (An issue was discovered in Radisys MRF Web Panel (SWMS) 9.0.1. The ...)
 	NOT-FOR-US: Radisys MRF Web Panel
@@ -32363,6 +32366,7 @@
 	NOTE: libv8 is not covered by security support
 CVE-2016-6213 (fs/namespace.c in the Linux kernel before 4.9 does not restrict how ...)
 	- linux 4.8.11-1
+	[jessie] - linux <no-dsa> (Will be fixed in point release)
 	[wheezy] - linux <no-dsa> (Only exploitable by privileged user; too many changes to backport)
 	NOTE: https://lkml.org/lkml/2016/8/28/269
 	NOTE: Fixed by: https://git.kernel.org/linus/d29216842a85c7970c536108e093963f02714498 (v4.9-rc1)

More information about the Secure-testing-commits mailing list