[Secure-testing-commits] r56717 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sun Oct 15 13:39:35 UTC 2017 

Author: carnil
Date: 2017-10-15 13:39:35 +0000 (Sun, 15 Oct 2017)
New Revision: 56717

Modified:
   data/CVE/list
Log:
Some CVEs fixed with 4.13.4-2 upload

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-10-15 12:01:47 UTC (rev 56716)
+++ data/CVE/list	2017-10-15 13:39:35 UTC (rev 56717)
@@ -248,7 +248,7 @@
 	NOTE: Fixed by: https://gnunet.org/git/libextractor.git/commit/?id=b577d5452c5c4ee9d552da62a24b95f461551fe2
 CVE-2017-15265 [use-after-free in /dev/snd/seq]
 	RESERVED
-	- linux <unfixed>
+	- linux 4.13.4-2
 	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1062520
 	NOTE: http://mailman.alsa-project.org/pipermail/alsa-devel/2017-October/126292.html
 CVE-2017-15264 (IrfanView version 4.44 (32bit) allows attackers to cause a denial of ...)
@@ -714,7 +714,7 @@
 	NOTE: https://pagure.io/koji/c/ba7b5a3cbed11ade11c3af5e834c9a6de4f6d7c3
 CVE-2017-1000255 [kernel memory overwrite in transactional memory handling]
 	RESERVED
-	- linux <unfixed>
+	- linux 4.13.4-2
 	[jessie] - linux <not-affected> (Vulnerable code introduced later)
 	[wheezy] - linux <not-affected> (Vulnerable code introduced later)
 	NOTE: Fixed by: https://git.kernel.org/linus/265e60a170d0a0ecfc2d20490134ed2c48dd45ab
@@ -8894,7 +8894,7 @@
 CVE-2017-12193
 	RESERVED
 CVE-2017-12192 (A vulnerability was found in the Key Management sub component of the ...)
-	- linux <unfixed>
+	- linux 4.13.4-2
 	[wheezy] - linux <not-affected> (Vulnerable code introduced later)
 	NOTE: Fixed by: https://git.kernel.org/linus/37863c43b2c6464f252862bf2e9768264e961678 (4.14-rc3)
 	NOTE: Introduced by: https://git.kernel.org/linus/61ea0c0ba904a55f55317d850c1072ff7835ac92 (3.13-rc1)
@@ -8907,7 +8907,7 @@
 CVE-2017-12189
 	RESERVED
 CVE-2017-12188 (arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested ...)
-	- linux <unfixed>
+	- linux 4.13.4-2
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1500380
 	NOTE: https://www.spinics.net/lists/kvm/msg156651.html
 CVE-2017-12187
@@ -30737,7 +30737,7 @@
 	RESERVED
 CVE-2017-5123 [waitid() not calling access_ok()]
 	RESERVED
-	- linux <unfixed>
+	- linux 4.13.4-2
 	[stretch] - linux <not-affected> (Vulnerable code not present)
 	[jessie] - linux <not-affected> (Vulnerable code not present)
 	[wheezy] - linux <not-affected> (Vulnerable code not present)
@@ -41856,7 +41856,7 @@
 CVE-2017-0787 (A elevation of privilege vulnerability in the Broadcom wi-fi driver. ...)
 	NOT-FOR-US: Broadcom driver for Android
 CVE-2017-0786 (A elevation of privilege vulnerability in the Broadcom wi-fi driver. ...)
-	- linux <unfixed>
+	- linux 4.13.4-2
 	NOTE: Fixed by: https://git.kernel.org/linus/17df6453d4be17910456e99c5a85025aa1b7a246 (v4.14-rc4)
 CVE-2017-0785 (A information disclosure vulnerability in the Android system ...)
 	NOT-FOR-US: Android

More information about the Secure-testing-commits mailing list