[Secure-testing-commits] r55967 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu Sep 21 09:50:35 UTC 2017
Author: jmm
Date: 2017-09-21 09:50:35 +0000 (Thu, 21 Sep 2017)
New Revision: 55967
Modified:
data/CVE/list
Log:
one older kernel issue fixed in jessie
mark several older no-dsa issues in Linux properly as <ignored>
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-21 09:36:15 UTC (rev 55966)
+++ data/CVE/list 2017-09-21 09:50:35 UTC (rev 55967)
@@ -25215,7 +25215,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2017/02/13/11
CVE-2017-5972 (The TCP stack in the Linux kernel 3.x does not properly implement a ...)
- linux 4.4.2-1
- [jessie] - linux <no-dsa> (Known perfomance limitation)
+ [jessie] - linux <ignored> (Known perfomance limitation)
[wheezy] - linux <no-dsa> (Known perfomance limitation)
CVE-2016-10225 (The sunxi-debug driver in Allwinner 3.4 legacy kernel for H3, A83T and ...)
NOT-FOR-US: sunxi-debug driver in Allwinner kernel
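Review bot: the rewritten [jessie] line for CVE-2017-5972 carries over the misspelling "perfomance" in its reason. Since the line is being touched anyway, correct it to "Known performance limitation" here and on the [wheezy] line directly below, so a text search for the reason matches both entries.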
@@ -50153,7 +50153,7 @@
NOTE: Fixed by: https://git.kernel.org/linus/ab79efab0a0ba01a74df782eb7fa44b044dae8b5 (v4.3)
CVE-2015-8952 (The mbcache feature in the ext2 and ext4 filesystem implementations in ...)
- linux 4.6.1-1 (low)
- [jessie] - linux <no-dsa> (Minor issue and too intrusive to backport, workaround exists with the no_mbcache mount flag)
+ [jessie] - linux <ignored> (Minor issue and too intrusive to backport, workaround exists with the no_mbcache mount flag)
[wheezy] - linux <no-dsa> (Minor issue and too intrusive to backport)
NOTE: https://git.kernel.org/linus/f9a61eb4e2471c56a63cd804c7474128138c38ac (v4.6-rc1)
NOTE: https://git.kernel.org/linus/82939d7999dfc1f1998c4b1c12e2f19edbdff272 (v4.6-rc1)
@@ -62373,7 +62373,7 @@
NOTE: https://marc.info/?l=linux-usb&m=145796765030590&w=2
CVE-2016-3139 (The wacom_probe function in drivers/input/tablet/wacom_sys.c in the ...)
- linux 4.0.2-1 (low)
- [jessie] - linux <no-dsa> (Minor issue)
+ [jessie] - linux <ignored> (Minor issue)
[wheezy] - linux <no-dsa> (Minor issue)
NOTE: http://seclists.org/bugtraq/2016/Mar/60
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283375
@@ -63014,7 +63014,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2016/03/03/9
CVE-2016-2854 (The aufs module for the Linux kernel 3.x and 4.x does not properly ...)
- linux 3.18-1~exp1
- [jessie] - linux <no-dsa> (Not exploitable in default configuration)
+ [jessie] - linux <ignored> (Not exploitable in default configuration)
[wheezy] - linux <not-affected> (Vulnerable code is not present)
NOTE: http://www.halfdog.net/Security/2016/AufsPrivilegeEscalationInUserNamespaces/
NOTE: https://sourceforge.net/p/aufs/mailman/message/34864744/
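Review bot: the reason on the new [jessie] <ignored> line for CVE-2016-2854, "Not exploitable in default configuration", does not say which non-default configuration is affected. Moving from <no-dsa> to <ignored> makes this the only guidance left for jessie, so name the setting in the reason or in a NOTE; the halfdog URL below suggests it concerns user namespaces. The same wording appears on the CVE-2016-2853 entry in the next hunk.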
@@ -63023,7 +63023,7 @@
NOTE: wheezy: User namespaces are non-functional.
CVE-2016-2853 (The aufs module for the Linux kernel 3.x and 4.x does not properly ...)
- linux 3.18-1~exp1
- [jessie] - linux <no-dsa> (Not exploitable in default configuration)
+ [jessie] - linux <ignored> (Not exploitable in default configuration)
[wheezy] - linux <not-affected> (Vulnerable code is not present)
NOTE: http://www.halfdog.net/Security/2016/AufsPrivilegeEscalationInUserNamespaces/
NOTE: https://sourceforge.net/p/aufs/mailman/message/34864744/
@@ -70616,7 +70616,7 @@
RESERVED
CVE-2016-0758 (Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 ...)
- linux 4.5.4-1
- [jessie] - linux <no-dsa> (Vulnerable code not built)
+ [jessie] - linux 3.16.36-1
[wheezy] - linux <not-affected> (Vulnerable code introduced in v3.10-rc1)
NOTE: https://lkml.org/lkml/2016/5/12/270
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1300257
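Review bot: the [jessie] line for CVE-2016-0758 goes from <no-dsa> (Vulnerable code not built) straight to a fixed version, 3.16.36-1, and nothing in the entry explains why the earlier assessment no longer applies. Add a NOTE stating what 3.16.36-1 contains for this issue and whether the code in lib/asn1_decoder.c was in fact built in earlier jessie kernels, so readers can judge whether older jessie installs were exposed.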
@@ -70944,8 +70944,8 @@
NOTE: http://xenbits.xen.org/xsa/advisory-164.html
CVE-2015-8553 (Xen allows guest OS users to obtain sensitive information from ...)
- linux <unfixed>
- [jessie] - linux <no-dsa> (Intrusive; breaks qemu as used in Jessie; cf. kernel-sec for more details)
- [wheezy] - linux <no-dsa> (Intrusive; breaks qemu as used in Wheezy; cf. kernel-sec for more details)
+ [jessie] - linux <ignored> (Intrusive; breaks qemu as used in Jessie; cf. kernel-sec for more details)
+ [wheezy] - linux <ignored> (Intrusive; breaks qemu as used in Wheezy; cf. kernel-sec for more details)
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Xen not supported in Squeeze LTS)
NOTE: CVE for the incomplete patches from XSA-120 and supplied in
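Review bot: the [wheezy] line for CVE-2015-8553 is switched to <ignored> here, while the other hunks in this revision leave their [wheezy] <no-dsa> lines unchanged (CVE-2017-5972, CVE-2015-8952, CVE-2016-3139, CVE-2013-7445). If wheezy is in scope, convert those lines too; if not, drop the wheezy change from this hunk or state in the log why this entry is the exception.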
@@ -74978,7 +74978,8 @@
NOTE: http://xenbits.xen.org/xsa/advisory-145.html
CVE-2013-7445 (The Direct Rendering Manager (DRM) subsystem in the Linux kernel ...)
- linux <unfixed>
- [jessie] - linux <no-dsa> (Minor issue, requires invasive changes)
+ [stretch] - linux <ignored> (Minor issue, requires invasive changes)
+ [jessie] - linux <ignored> (Minor issue, requires invasive changes)
[wheezy] - linux <no-dsa> (Minor issue, requires invasive changes)
- linux-2.6 <removed>
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=60533
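Review bot: the added [stretch] line for CVE-2013-7445 is a new triage entry, not a <no-dsa> to <ignored> conversion; the old side of the hunk has no [stretch] line, and the log message mentions neither stretch nor any new entry. Extend the log message to say that stretch is now marked <ignored> for this issue, or commit that line separately, so the decision can be found in the history.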
@@ -87505,7 +87506,7 @@
NOT-FOR-US: Lenovo USB Enhanced Performance Keyboard software
CVE-2014-9717 (fs/namespace.c in the Linux kernel before 4.0.2 processes MNT_DETACH ...)
- linux 4.0.2-1 (low)
- [jessie] - linux <no-dsa> (Too intrusive to backport)
+ [jessie] - linux <ignored> (Too intrusive to backport)
[wheezy] - linux <not-affected> (user namespaces known broken before 3.5, see kernel-sec info)
- linux-2.6 <not-affected> (user namespaces known broken before 3.5, see kernel-sec info)
NOTE: https://groups.google.com/forum/#!topic/linux.kernel/HnegnbXk0Vs