[Git][security-tracker-team/security-tracker][master] Sync status on linux CVEs

Sat May 26 09:53:49 BST 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cc5269f1 by Salvatore Bonaccorso at 2018-05-26T10:53:09+02:00
Sync status on linux CVEs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================

--- a/data/CVE/list
+++ b/data/CVE/list
@@ -2830,6 +2830,7 @@ CVE-2018-10324
 CVE-2018-10323 (The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in ...)
 	{DSA-4188-1}
 	- linux 4.16.5-1
+	[wheezy] - linux <ignored> (Too much work to backport)
 	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199423
 CVE-2018-10322 (The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the ...)
 	- linux 4.16.5-1
@@ -10875,6 +10876,7 @@ CVE-2018-7274 (Yab Quarx through 2.4.3 is prone to multiple persistent cross-sit
 	NOT-FOR-US: Yab Quarx
 CVE-2018-7273 (In the Linux kernel through 4.15.4, the floppy driver reveals the ...)
 	- linux 4.15.4-1
+	[wheezy] - linux <ignored> (Minor issue)
 	NOTE: https://lkml.org/lkml/2018/2/20/669
 CVE-2018-7272 (The REST APIs in ForgeRock AM before 5.5.0 include SSOToken IDs as part ...)
 	NOT-FOR-US: ForgeRock AM
@@ -21035,6 +21037,7 @@ CVE-2018-3639 (Systems with microprocessors utilizing speculative execution and 
 	- intel-microcode <unfixed>
 	- amd64-microcode <unfixed>
 	- linux <unfixed>
+	[wheezy] - linux <ignored> (Too much work to backport)
 	- xen <unfixed>
 	NOTE: https://xenbits.xen.org/xsa/advisory-263.html
 	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1528
@@ -37567,6 +37570,7 @@ CVE-2017-15122
 	RESERVED
 CVE-2017-15121 (A non-privileged user is able to mount a fuse filesystem on RHEL 6 or ...)
 	- linux 3.11.5-1
+	[wheezy] - linux <ignored> (Too much work to backport)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1520893
 	NOTE: Fixed by: https://git.kernel.org/linus/5a7203947a1d9b6f3a00a39fda08c2466489555f (v3.11-rc1)
 CVE-2017-15120 [Crafted CNAME answer can cause a denial of service]
@@ -101727,6 +101731,7 @@ CVE-2016-3662
 	RESERVED
 CVE-2015-8839 (Multiple race conditions in the ext4 filesystem implementation in the ...)
 	- linux 4.5.1-1
+	[wheezy] - linux <ignored> (Too much work to backport)
 	NOTE: https://git.kernel.org/linus/ea3d7209ca01da209cda6f0dea8be9cc4b7a933b (v4.5-rc1)
 	NOTE: https://git.kernel.org/linus/17048e8a083fec7ad841d88ef0812707fbc7e39f (v4.5-rc1)
 	NOTE: https://git.kernel.org/linus/32ebffd3bbb4162da5ff88f9a35dd32d0a28ea70 (v4.5-rc1)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cc5269f158cc3f72ccf08f48516205355e85ac12

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cc5269f158cc3f72ccf08f48516205355e85ac12
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180526/35228aa5/attachment.html>
