[Secure-testing-commits] r53586 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Mon Jul 17 19:43:01 UTC 2017


Author: carnil
Date: 2017-07-17 19:43:01 +0000 (Mon, 17 Jul 2017)
New Revision: 53586

Modified:
   data/CVE/list
Log:
Record fixes for src:linux to unstable

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-07-17 19:34:57 UTC (rev 53585)
+++ data/CVE/list	2017-07-17 19:43:01 UTC (rev 53586)
@@ -461,7 +461,7 @@
 CVE-2017-11177
 	RESERVED
 CVE-2017-11176 (The mq_notify function in the Linux kernel through 4.11.9 does not set ...)
-	- linux <unfixed>
+	- linux 4.11.11-1
 	NOTE: Fixed by: https://git.kernel.org/linus/f991af3daabaecff34684fd51fac80319d1baad1
 CVE-2017-11175
 	RESERVED
@@ -1616,7 +1616,7 @@
 CVE-2017-10811
 	RESERVED
 CVE-2017-10810 (Memory leak in the virtio_gpu_object_create function in ...)
-	- linux <unfixed> (low)
+	- linux 4.11.11-1 (low)
 	[jessie] - linux <not-affected> (Vulnerable code not present)
 	[wheezy] - linux <not-affected> (Vulnerable code not present)
 	NOTE: Fixed by: https://git.kernel.org/linux/385aee965b4e4c36551c362a334378d2985b722a
@@ -3976,7 +3976,7 @@
 	- xen <unfixed>
 	NOTE: https://xenbits.xen.org/xsa/advisory-217.html
 CVE-2017-10911 (The make_response function in drivers/block/xen-blkback/blkback.c in ...)
-	- linux <unfixed>
+	- linux 4.11.11-1
 	- qemu <unfixed>
 	NOTE: https://xenbits.xen.org/xsa/advisory-216.html
 CVE-2017-1000381 (The c-ares function `ares_parse_naptr_reply()`, which is used for ...)
@@ -4030,7 +4030,7 @@
 	[stretch] - linux 4.9.30-2+deb9u1
 	NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
 CVE-2017-1000365 (The Linux Kernel imposes a size restriction on the arguments and ...)
-	- linux <unfixed>
+	- linux 4.11.11-1
 	NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
 	NOTE: Fixed by: https://git.kernel.org/linus/98da7d08850fb8bdeb395d6368ed15753304aa0c
 CVE-2017-1000366 (glibc contains a vulnerability that allows specially crafted ...)
@@ -4043,11 +4043,11 @@
 	- exim4 4.89-3
 	NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
 CVE-2017-1000370 (The offset2lib patch as used in the Linux Kernel contains a ...)
-	- linux <unfixed>
+	- linux 4.11.11-1
 	[wheezy] - linux <not-affected> (Memory layout is different)
 	NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
 CVE-2017-1000371 (The offset2lib patch as used by the Linux Kernel contains a ...)
-	- linux <unfixed>
+	- linux 4.11.11-1
 	[wheezy] - linux <not-affected> (Memory layout is different)
 	NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
 CVE-2017-1000376 (libffi requests an executable stack allowing attackers to more easily ...)
@@ -10682,7 +10682,7 @@
 	NOTE: http://tracker.ceph.com/issues/20240
 CVE-2017-7518 [debug exception via syscall emulation]
 	RESERVED
-	- linux <unfixed>
+	- linux 4.11.11-1
 	[wheezy] - linux <not-affected> (Vulnerable code not present)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/06/23/5
 	NOTE: https://www.spinics.net/lists/kvm/msg151817.html
@@ -10835,7 +10835,7 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2017/05/01/15
 CVE-2017-7482
 	RESERVED
-	- linux <unfixed>
+	- linux 4.11.11-1
 	NOTE: Fixed by: https://git.kernel.org/linus/5f2f97656ada8d811d3c1bef503ced266fcd53a0
 CVE-2017-7481 [Security issue with lookup return not tainting the jinja2 environment]
 	RESERVED




More information about the Secure-testing-commits mailing list