[Secure-testing-commits] r53586 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Jul 17 19:43:01 UTC 2017
Author: carnil
Date: 2017-07-17 19:43:01 +0000 (Mon, 17 Jul 2017)
New Revision: 53586
Modified:
data/CVE/list
Log:
Record fixes for src:linux to unstable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-17 19:34:57 UTC (rev 53585)
+++ data/CVE/list 2017-07-17 19:43:01 UTC (rev 53586)
@@ -461,7 +461,7 @@
CVE-2017-11177
RESERVED
CVE-2017-11176 (The mq_notify function in the Linux kernel through 4.11.9 does not set ...)
- - linux <unfixed>
+ - linux 4.11.11-1
NOTE: Fixed by: https://git.kernel.org/linus/f991af3daabaecff34684fd51fac80319d1baad1
CVE-2017-11175
RESERVED
@@ -1616,7 +1616,7 @@
CVE-2017-10811
RESERVED
CVE-2017-10810 (Memory leak in the virtio_gpu_object_create function in ...)
- - linux <unfixed> (low)
+ - linux 4.11.11-1 (low)
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://git.kernel.org/linux/385aee965b4e4c36551c362a334378d2985b722a
@@ -3976,7 +3976,7 @@
- xen <unfixed>
NOTE: https://xenbits.xen.org/xsa/advisory-217.html
CVE-2017-10911 (The make_response function in drivers/block/xen-blkback/blkback.c in ...)
- - linux <unfixed>
+ - linux 4.11.11-1
- qemu <unfixed>
NOTE: https://xenbits.xen.org/xsa/advisory-216.html
CVE-2017-1000381 (The c-ares function `ares_parse_naptr_reply()`, which is used for ...)
@@ -4030,7 +4030,7 @@
[stretch] - linux 4.9.30-2+deb9u1
NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
CVE-2017-1000365 (The Linux Kernel imposes a size restriction on the arguments and ...)
- - linux <unfixed>
+ - linux 4.11.11-1
NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
NOTE: Fixed by: https://git.kernel.org/linus/98da7d08850fb8bdeb395d6368ed15753304aa0c
CVE-2017-1000366 (glibc contains a vulnerability that allows specially crafted ...)
@@ -4043,11 +4043,11 @@
- exim4 4.89-3
NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
CVE-2017-1000370 (The offset2lib patch as used in the Linux Kernel contains a ...)
- - linux <unfixed>
+ - linux 4.11.11-1
[wheezy] - linux <not-affected> (Memory layout is different)
NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
CVE-2017-1000371 (The offset2lib patch as used by the Linux Kernel contains a ...)
- - linux <unfixed>
+ - linux 4.11.11-1
[wheezy] - linux <not-affected> (Memory layout is different)
NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
CVE-2017-1000376 (libffi requests an executable stack allowing attackers to more easily ...)
@@ -10682,7 +10682,7 @@
NOTE: http://tracker.ceph.com/issues/20240
CVE-2017-7518 [debug exception via syscall emulation]
RESERVED
- - linux <unfixed>
+ - linux 4.11.11-1
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/06/23/5
NOTE: https://www.spinics.net/lists/kvm/msg151817.html
@@ -10835,7 +10835,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2017/05/01/15
CVE-2017-7482
RESERVED
- - linux <unfixed>
+ - linux 4.11.11-1
NOTE: Fixed by: https://git.kernel.org/linus/5f2f97656ada8d811d3c1bef503ced266fcd53a0
CVE-2017-7481 [Security issue with lookup return not tainting the jinja2 environment]
RESERVED
More information about the Secure-testing-commits
mailing list