[Git][security-tracker-team/security-tracker][master] Mark CVEs for linux fixed with 4.17.3-1 as fixed

Salvatore Bonaccorso carnil at debian.org
Tue Jul 3 05:33:58 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fb136e12 by Salvatore Bonaccorso at 2018-07-03T06:33:05+02:00
Mark CVEs for linux fixed with 4.17.3-1 as fixed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1086,7 +1086,7 @@ CVE-2018-12635 (CirCarLife Scada v4.2.4 allows unauthorized upgrades via request
 CVE-2018-12634 (CirCarLife Scada v4.2.4 allows remote attackers to obtain sensitive ...)
 	NOT-FOR-US: CirCarLife Scada
 CVE-2018-12633 (An issue was discovered in the Linux kernel through 4.17.2. ...)
-	- linux <unfixed>
+	- linux 4.17.3-1
 	[stretch] - linux <not-affected> (Vulnerable code not present)
 	[jessie] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/bd23a7269834dc7c1f93e83535d16ebc44b75eba (4.18-rc1)
@@ -2209,10 +2209,10 @@ CVE-2017-18288 (An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exis
 CVE-2017-18287 (An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ...)
 	NOT-FOR-US: PvPGN Stats (relates to pvpgn, but the PHP utilities allowing integration with a PvPGN game server)
 CVE-2018-12233 (In the ea_get function in fs/jfs/xattr.c in the Linux kernel through ...)
-	- linux <unfixed>
+	- linux 4.17.3-1
 	NOTE: https://lkml.org/lkml/2018/6/2/2
 CVE-2018-12232 (In net/socket.c in the Linux kernel through 4.17.1, there is a race ...)
-	- linux <unfixed>
+	- linux 4.17.3-1
 	[stretch] - linux <not-affected> (Vulnerable code not present)
 	[jessie] - linux <not-affected> (Vulnerable code not present)
 	NOTE: Fixed by: https://git.kernel.org/linus/6d8c50dcb029872b298eea68cc6209c866fd3e14
@@ -4203,7 +4203,7 @@ CVE-2018-11414 (An issue was discovered in BearAdmin 0.5. There is ...)
 CVE-2018-11413 (An issue was discovered in BearAdmin 0.5. Remote attackers can download ...)
 	NOT-FOR-US: BearAdmin
 CVE-2018-11412 (In the Linux kernel 4.13 through 4.16.11, ext4_read_inline_data() in ...)
-	- linux <unfixed>
+	- linux 4.17.3-1
 	[stretch] - linux <not-affected> (Introduced in e50e5129f384 in 4.13)
 	[jessie] - linux <not-affected> (Introduced in e50e5129f384 in 4.13)
 	[wheezy] - linux <not-affected> (Introduced in e50e5129f384 in 4.13)
@@ -5581,35 +5581,35 @@ CVE-2018-10884
 	RESERVED
 CVE-2018-10883
 	RESERVED
-	- linux <unfixed>
+	- linux 4.17.3-1
 	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200071
 CVE-2018-10882
 	RESERVED
-	- linux <unfixed>
+	- linux 4.17.3-1
 	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200069
 CVE-2018-10881
 	RESERVED
-	- linux <unfixed>
+	- linux 4.17.3-1
 	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200015
 CVE-2018-10880
 	RESERVED
-	- linux <unfixed>
+	- linux 4.17.3-1
 	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200005
 CVE-2018-10879
 	RESERVED
-	- linux <unfixed>
+	- linux 4.17.3-1
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1596806
 CVE-2018-10878
 	RESERVED
-	- linux <unfixed>
+	- linux 4.17.3-1
 	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199865
 CVE-2018-10877
 	RESERVED
-	- linux <unfixed>
+	- linux 4.17.3-1
 	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199417
 CVE-2018-10876
 	RESERVED
-	- linux <unfixed>
+	- linux 4.17.3-1
 	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199403
 CVE-2018-10875
 	RESERVED
@@ -5724,7 +5724,7 @@ CVE-2018-10841 (glusterfs is vulnerable to privilege escalation on gluster serve
 	NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=e8d928e34680079e42be6947ffacc4ddd7defca2
 CVE-2018-10840 [ext4: correctly handle a zero-length xattr with a non-zero e_value_offs]
 	RESERVED
-	- linux <unfixed>
+	- linux 4.17.3-1
 	[stretch] - linux <not-affected> (Vulnerable code not present)
 	[jessie] - linux <not-affected> (Vulnerable code not present)
 	[wheezy] - linux <not-affected> (Vulnerable code not present)
@@ -32761,7 +32761,7 @@ CVE-2018-1120 (A flaw was found affecting the Linux kernel before version 4.17. 
 CVE-2018-1119
 	REJECTED
 CVE-2018-1118 (Linux kernel vhost since version 4.8 does not properly initialize ...)
-	- linux <unfixed>
+	- linux 4.17.3-1
 	[jessie] - linux <not-affected> (Vulnerable code not present)
 	[wheezy] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://lkml.org/lkml/2018/4/27/833



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fb136e1280089b0a48914bff217469f69a5fc950

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fb136e1280089b0a48914bff217469f69a5fc950
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180703/4ac3a7fa/attachment.html>

More information about the debian-security-tracker-commits mailing list