[Git][security-tracker-team/security-tracker][master] Track fixes for 4.9.110-1

Salvatore Bonaccorso carnil at debian.org
Sat Jul 14 09:34:03 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
059d4a08 by Salvatore Bonaccorso at 2018-07-14T10:33:27+02:00
Track fixes for 4.9.110-1

- - - - -


2 changed files:

- data/CVE/list
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -4471,6 +4471,7 @@ CVE-2017-18287 (An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exis
 CVE-2018-12233 (In the ea_get function in fs/jfs/xattr.c in the Linux kernel through ...)
 	{DLA-1423-1 DLA-1422-1}
 	- linux 4.17.3-1
+	[stretch] - linux 4.9.110-1
 	NOTE: https://lkml.org/lkml/2018/6/2/2
 CVE-2018-12232 (In net/socket.c in the Linux kernel through 4.17.1, there is a race ...)
 	- linux 4.17.3-1
@@ -6272,6 +6273,7 @@ CVE-2018-11507 (An issue was discovered in Free Lossless Image Format (FLIF) 0.3
 CVE-2018-11506 (The sr_do_ioctl function in drivers/scsi/sr_ioctl.c in the Linux kernel ...)
 	{DLA-1423-1 DLA-1422-1}
 	- linux 4.16.16-1
+	[stretch] - linux 4.9.110-1
 	NOTE: Fixed by: https://git.kernel.org/linus/f7068114d45ec55996b9040e98111afa56e010fe
 CVE-2018-11505 (The Werewolf Online application 0.8.8 for Android allows attackers to ...)
 	NOT-FOR-US: Werewolf Online application for Android
@@ -7901,41 +7903,49 @@ CVE-2018-10883
 	RESERVED
 	{DLA-1423-1}
 	- linux 4.17.3-1
+	[stretch] - linux 4.9.110-1
 	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200071
 CVE-2018-10882
 	RESERVED
 	{DLA-1423-1}
 	- linux 4.17.3-1
+	[stretch] - linux 4.9.110-1
 	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200069
 CVE-2018-10881
 	RESERVED
 	{DLA-1423-1}
 	- linux 4.17.3-1
+	[stretch] - linux 4.9.110-1
 	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200015
 CVE-2018-10880
 	RESERVED
 	{DLA-1423-1}
 	- linux 4.17.3-1
+	[stretch] - linux 4.9.110-1
 	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200005
 CVE-2018-10879
 	RESERVED
 	{DLA-1423-1}
 	- linux 4.17.3-1
+	[stretch] - linux 4.9.110-1
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1596806
 CVE-2018-10878
 	RESERVED
 	{DLA-1423-1}
 	- linux 4.17.3-1
+	[stretch] - linux 4.9.110-1
 	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199865
 CVE-2018-10877
 	RESERVED
 	{DLA-1423-1}
 	- linux 4.17.3-1
+	[stretch] - linux 4.9.110-1
 	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199417
 CVE-2018-10876
 	RESERVED
 	{DLA-1423-1}
 	- linux 4.17.3-1
+	[stretch] - linux 4.9.110-1
 	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199403
 CVE-2018-10875 (A flaw was found in ansible. ansible.cfg is read from the current ...)
 	- ansible 2.6.1+dfsg-1
@@ -8016,6 +8026,7 @@ CVE-2018-10853 [kvm: guest userspace to guest kernel write]
 	RESERVED
 	{DLA-1423-1 DLA-1422-1}
 	- linux 4.16.16-1
+	[stretch] - linux 4.9.110-1
 	NOTE: Fixed by: https://git.kernel.org/linus/3c9fa24ca7c9c47605672916491f79e8ccacb9e6
 CVE-2018-10852 (The UNIX pipe which sudo uses to contact SSSD and read the available ...)
 	- sssd <unfixed> (bug #902860)
@@ -35202,6 +35213,7 @@ CVE-2018-1119
 CVE-2018-1118 (Linux kernel vhost since version 4.8 does not properly initialize ...)
 	{DLA-1423-1}
 	- linux 4.17.3-1
+	[stretch] - linux 4.9.110-1
 	[jessie] - linux <not-affected> (Vulnerable code not present)
 	[wheezy] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://lkml.org/lkml/2018/4/27/833


=====================================
data/next-point-update.txt
=====================================
--- a/data/next-point-update.txt
+++ b/data/next-point-update.txt
@@ -82,30 +82,6 @@ CVE-2018-10360
 	[stretch] - file 1:5.30-1+deb9u2
 CVE-2018-0496
 	[stretch] - freedink-dfarc 3.12-1+deb9u1
-CVE-2018-10853
-	[stretch] - linux 4.9.110-1
-CVE-2018-10876
-	[stretch] - linux 4.9.110-1
-CVE-2018-10877
-	[stretch] - linux 4.9.110-1
-CVE-2018-10878
-	[stretch] - linux 4.9.110-1
-CVE-2018-10879
-	[stretch] - linux 4.9.110-1
-CVE-2018-10880
-	[stretch] - linux 4.9.110-1
-CVE-2018-10881
-	[stretch] - linux 4.9.110-1
-CVE-2018-10882
-	[stretch] - linux 4.9.110-1
-CVE-2018-10883
-	[stretch] - linux 4.9.110-1
-CVE-2018-1118
-	[stretch] - linux 4.9.110-1
-CVE-2018-11506
-	[stretch] - linux 4.9.110-1
-CVE-2018-12233
-	[stretch] - linux 4.9.110-1
 CVE-2018-10857
 	[stretch] - git-annex 6.20170101-1+deb9u2
 CVE-2018-10859



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/059d4a080785765685ca8543c2952ef53f1c5a76

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/059d4a080785765685ca8543c2952ef53f1c5a76
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180714/2087fe0e/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list