[Secure-testing-commits] r54719 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Aug 13 16:04:10 UTC 2017
Author: carnil
Date: 2017-08-13 16:04:10 +0000 (Sun, 13 Aug 2017)
New Revision: 54719
Modified:
data/CVE/list
Log:
Add fixing version for src:linux upload to unstable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-13 15:29:41 UTC (rev 54718)
+++ data/CVE/list 2017-08-13 16:04:10 UTC (rev 54719)
@@ -133,12 +133,12 @@
CVE-2017-12778
RESERVED
CVE-2017-1000112 [Exploitable memory corruption due to UFO to non-UFO path switch]
- - linux <unfixed> (low)
+ - linux 4.12.6-1 (low)
NOTE: Introduced by: https://git.kernel.org/linus/e89e9cf539a28df7d0eb1d0a545368e9920b34ac (2.6.15-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/85f1bd9a7b5a79d5baa8bf44af19658f7bf77bfa
NOTE: Harmless in Debian since unprivileged user namespaces are disabled
CVE-2017-1000111 [heap out-of-bounds in AF_PACKET sockets]
- - linux <unfixed>
+ - linux 4.12.6-1
NOTE: Introduced by: https://git.kernel.org/linus/8913336a7e8d56e984109a3137d6c0e3362596a4 (2.6.27-rc1)
NOTE: Fixed by: https://git.kernel.org/linus/c27927e372f0785f3303e8fad94b85945e2c97b7
NOTE: Non-privileged user namespaces disabled by default, only exploitable by arbitrary user if sysctl kernel.unprivileged_userns_clone=1
@@ -2984,7 +2984,7 @@
CVE-2017-11601
RESERVED
CVE-2017-11600 (net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when ...)
- - linux <unfixed>
+ - linux 4.12.6-1
NOTE: http://seclists.org/bugtraq/2017/Jul/30
CVE-2017-11599
RESERVED
@@ -5713,7 +5713,7 @@
NOTE: Fixed by (master): http://git.qemu.org/?p=qemu.git;a=commitdiff;h=041e32b8d9d076980b4e35317c0339e57ab888f1
CVE-2017-10663 [f2fs: sanity check checkpoint segno and blkoff]
RESERVED
- - linux <unfixed>
+ - linux 4.12.6-1
NOTE: Fixed by: https://git.kernel.org/linus/15d3042a937c13f5d9244241c7a9c8416ff6e82a (v4.13-rc1)
CVE-2017-10662 [f2fs: sanity check segment count]
RESERVED
@@ -10909,7 +10909,7 @@
CVE-2017-8832 (Allen Disk 1.6 has XSS in the id parameter to downfile.php. ...)
NOT-FOR-US: Allen Disk
CVE-2017-8831 (The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c ...)
- - linux <unfixed>
+ - linux 4.12.6-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=195559
CVE-2017-8830 (In ImageMagick 7.0.5-6, the ReadBMPImage function in bmp.c:1379 allows ...)
{DSA-3863-1 DLA-960-1}
@@ -14712,11 +14712,11 @@
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1473792
CVE-2017-7542 (The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux ...)
{DSA-3927-1}
- - linux <unfixed>
+ - linux 4.12.6-1
NOTE: Fixed by: https://git.kernel.org/linus/6399f1fae4ec29fab5ec76070435555e256ca3a6
CVE-2017-7541 (The brcmf_cfg80211_mgmt_tx function in ...)
{DSA-3927-1}
- - linux <unfixed>
+ - linux 4.12.6-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linus/8f44c9a41386729fea410e688959ddaa9d51be7c
CVE-2017-7540 (rubygem-safemode, as used in Foreman, versions 1.3.2 and earlier are ...)
@@ -14744,7 +14744,7 @@
RESERVED
CVE-2017-7533 (Race condition in the fsnotify implementation in the Linux kernel ...)
{DSA-3927-1}
- - linux <unfixed>
+ - linux 4.12.6-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/08/03/2
NOTE: Fixed by: https://git.kernel.org/linus/49d31c2f389acfe83417083e1208422b4091cd9 (v4.13-rc1)
More information about the Secure-testing-commits
mailing list