[Secure-testing-commits] r55943 - in data: . CVE DSA

Salvatore Bonaccorso carnil at moszumanska.debian.org
Wed Sep 20 20:33:26 UTC 2017 

Author: carnil
Date: 2017-09-20 20:33:26 +0000 (Wed, 20 Sep 2017)
New Revision: 55943

Modified:
   data/CVE/list
   data/DSA/list
   data/dsa-needed.txt
Log:
Reserve DSA text for linux

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-09-20 18:30:31 UTC (rev 55942)
+++ data/CVE/list	2017-09-20 20:33:26 UTC (rev 55943)
@@ -272,6 +272,7 @@
 	NOT-FOR-US: SilverStripe CMS
 CVE-2017-14497 (The tpacket_rcv function in net/packet/af_packet.c in the Linux kernel ...)
 	- linux 4.12.13-1
+	[stretch] - linux 4.9.30-2+deb9u5
 	[jessie] - linux <not-affected> (Vulnerable code not present)
 	[wheezy] - linux <not-affected> (Vulnerable code not present)
 	NOTE: Fixed by: https://git.kernel.org/linus/edbd58be15a957f6a760c4a514cd475217eb97fd (v4.13)
@@ -1188,6 +1189,7 @@
 	NOTE: https://github.com/uclouvain/openjpeg/issues/982
 CVE-2017-1000252 [KVM denial of service with posted interrupts on Intel systems]
 	- linux 4.12.13-1
+	[stretch] - linux 4.9.30-2+deb9u5
 	[jessie] - linux <not-affected> (Vulnerable code not present)
 	[wheezy] - linux <not-affected> (Vulnerable code not present)
 	NOTE: Fixed by: https://git.kernel.org/linus/3a8b0677fc6180a467e26cc32ce6b0c09a32f9bb (v4.14-rc1)
@@ -6768,6 +6770,7 @@
 	RESERVED
 CVE-2017-12146 (The driver_override implementation in drivers/base/platform.c in the ...)
 	- linux 4.11.11-1
+	[stretch] - linux 4.9.30-2+deb9u5
 	[jessie] - linux <not-affected> (Vulnerable code introduced later)
 	[wheezy] - linux <not-affected> (Vulnerable code introduced later)
 	NOTE: Fixed by: https://git.kernel.org/linus/6265539776a0810b7ce6398c27866ddb9c6bd154 (v4.13-rc1)
@@ -11073,6 +11076,7 @@
 CVE-2017-10661 (Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 ...)
 	{DLA-1099-1}
 	- linux 4.9.30-1
+	[jessie] - linux 3.16.43-2+deb8u5
 	NOTE: Fixed by: https://git.kernel.org/linus/1e38da300e1e395a15048b0af1e5305bd91402f6 (v4.11-rc1)
 CVE-2017-10660
 	RESERVED
@@ -20148,6 +20152,7 @@
 CVE-2017-7558 [sctp: out-of-bounds read in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info()]
 	RESERVED
 	- linux 4.12.13-1
+	[stretch] - linux 4.9.30-2+deb9u5
 	[jessie] - linux <not-affected> (Vulnerable code introduced later 4.7 and not backported)
 	[wheezy] - linux <not-affected> (Vulnerable code introduced later 4.7 and not backported)
 CVE-2017-7557 (dnsdist version 1.1.0 is vulnerable to a flaw in authentication ...)

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2017-09-20 18:30:31 UTC (rev 55942)
+++ data/DSA/list	2017-09-20 20:33:26 UTC (rev 55943)
@@ -1,3 +1,7 @@
+[20 Sep 2017] DSA-3981-1 linux - security update
+	{CVE-2017-7518 CVE-2017-11600 CVE-2017-12134 CVE-2017-12153 CVE-2017-12154 CVE-2017-14106 CVE-2017-14140 CVE-2017-14156 CVE-2017-14340 CVE-2017-14489 CVE-2017-1000111 CVE-2017-1000112 CVE-2017-1000251 CVE-2017-1000370 CVE-2017-1000371 CVE-2017-1000380}
+	[jessie] - linux 3.16.43-2+deb8u5
+	[stretch] - linux 4.9.30-2+deb9u5
 [20 Sep 2017] DSA-3980-1 apache2 - security update
 	{CVE-2017-9798}
 	[jessie] - apache2 2.4.10-10+deb8u11

Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt	2017-09-20 18:30:31 UTC (rev 55942)
+++ data/dsa-needed.txt	2017-09-20 20:33:26 UTC (rev 55943)
@@ -55,7 +55,7 @@
 --
 libytnef
 --
-linux (benh, carnil)
+linux
   Wait until more issues have piled up
 --
 openjpeg2

More information about the Secure-testing-commits mailing list