[Git][security-tracker-team/security-tracker][master] 2 commits: Sync status for some linux CVE with kernel-sec

Salvatore Bonaccorso carnil at debian.org
Mon Aug 19 14:07:08 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6277d26f by Salvatore Bonaccorso at 2019-08-19T13:06:52Z
Sync status for some linux CVE with kernel-sec

- - - - -
94786aac by Salvatore Bonaccorso at 2019-08-19T13:06:53Z
Drop some pending entries which were included in recent linux DSA

- - - - -


2 changed files:

- data/CVE/list
- data/next-oldstable-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -27,6 +27,8 @@ CVE-2018-20976 (An issue was discovered in fs/xfs/xfs_super.c in the Linux kerne
 	NOTE: https://git.kernel.org/linus/c9fbd7bbc23dbdd73364be4d045e5d3612cf6e82
 CVE-2017-18552 (An issue was discovered in net/rds/af_rds.c in the Linux kernel before ...)
 	- linux 4.11.6-1
+	[stretch] - linux <not-affected> (Vulnerable code not present)
+	[jessie] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/780e982905bef61d13496d9af5310bf4af3a64d3
 CVE-2017-18551 (An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux k ...)
 	- linux 4.14.17-1
@@ -35,12 +37,17 @@ CVE-2017-18551 (An issue was discovered in drivers/i2c/i2c-core-smbus.c in the L
 	NOTE: https://git.kernel.org/linus/89c6efa61f5709327ecfa24bff18e57a4e80c7fa
 CVE-2017-18550 (An issue was discovered in drivers/scsi/aacraid/commctrl.c in the Linu ...)
 	- linux 4.13.4-1
+	[stretch] - linux <not-affected> (Vulnerable code not present)
+	[jessie] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/342ffc26693b528648bdc9377e51e4f2450b4860
 CVE-2017-18549 (An issue was discovered in drivers/scsi/aacraid/commctrl.c in the Linu ...)
 	- linux 4.13.4-1
+	[stretch] - linux <not-affected> (Vulnerable code not present)
+	[jessie] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/342ffc26693b528648bdc9377e51e4f2450b4860
 CVE-2016-10907 (An issue was discovered in drivers/iio/dac/ad5755.c in the Linux kerne ...)
 	- linux 4.9.2-1
+	[jessie] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/9d47964bfd471f0dd4c89f28556aec68bffa0020
 CVE-2016-10906 (An issue was discovered in drivers/net/ethernet/arc/emac_main.c in the ...)
 	- linux 4.5.1-1
@@ -79741,7 +79748,6 @@ CVE-2018-5996 (Insufficient exception handling in the method NCompress::NRar3::C
 CVE-2018-5995 (The pcpu_embed_first_chunk function in mm/percpu.c in the Linux kernel ...)
 	{DSA-4497-1 DLA-1885-1 DLA-1799-1}
 	- linux 4.15.4-1
-	[stretch] - linux <ignored> (kernel log restricted to root by default)
 CVE-2018-5994 (SQL Injection exists in the JS Jobs 1.1.9 component for Joomla! via th ...)
 	NOT-FOR-US: JS Jobs component for Joomla!
 CVE-2018-5993 (SQL Injection exists in the Aist through 2.0 component for Joomla! via ...)
@@ -177277,7 +177283,6 @@ CVE-2015-8554 (Buffer overflow in hw/pt-msi.c in Xen 4.6.x and earlier, when usi
 CVE-2015-8553 (Xen allows guest OS users to obtain sensitive information from uniniti ...)
 	{DSA-4497-1}
 	- linux 4.19.37-1
-	[stretch] - linux <ignored> (Intrusive; breaks qemu as used in Jessie; cf. kernel-sec for more details)
 	[jessie] - linux <ignored> (Intrusive; breaks qemu as used in Jessie; cf. kernel-sec for more details)
 	[wheezy] - linux <ignored> (Intrusive; breaks qemu as used in Wheezy; cf. kernel-sec for more details)
 	- linux-2.6 <removed>


=====================================
data/next-oldstable-point-update.txt
=====================================
@@ -87,12 +87,6 @@ CVE-2017-11746
 	[stretch] - tenshi 0.13-2.1~deb9u1
 CVE-2019-13031
 	[stretch] - lemonldap-ng 1.9.7-3+deb9u2
-CVE-2018-5995
-	[stretch] - linux 4.9.184-1
-CVE-2019-3882
-	[stretch] - linux 4.9.184-1
-CVE-2018-20836
-	[stretch] - linux 4.9.184-1
 CVE-2019-11487
 	[stretch] - linux 4.9.184-1
 CVE-2019-10142
@@ -103,8 +97,6 @@ CVE-2018-20510
 	[stretch] - linux 4.9.184-1
 CVE-2018-20509
 	[stretch] - linux 4.9.184-1
-CVE-2019-10639
-	[stretch] - linux 4.9.184-1
 CVE-2019-10153
 	[stretch] - fence-agents 4.0.25-1+deb9u1
 CVE-2016-10711



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/5316c077d620fad12009540dcefa3d9d597fa72e...94786aac0ecfd812c153435978b378a9e95dcd8a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/5316c077d620fad12009540dcefa3d9d597fa72e...94786aac0ecfd812c153435978b378a9e95dcd8a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190819/eea7c132/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list