[Git][security-tracker-team/security-tracker][master] Sync three CVEs for linux with kernel-sec

Salvatore Bonaccorso carnil at debian.org
Sun Feb 17 19:40:48 GMT 2019 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cf96e9d5 by Salvatore Bonaccorso at 2019-02-17T19:39:48Z
Sync three CVEs for linux with kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2543,6 +2543,7 @@ CVE-2019-7309 (In the GNU C Library (aka glibc or libc6) through 2.29, the memcm
 	NOTE: x32 not officially supported
 CVE-2019-7308 (kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs ...)
 	- linux 4.19.20-1
+	[jessie] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1711
 	NOTE: Fixed by: https://git.kernel.org/linus/979d63d50c0c0f7bc537bf821e056cc9fe5abd38
 	NOTE: Fixed by: https://git.kernel.org/linus/d3bd7413e0ca40b60cf60d4003246d067cafdeda
@@ -33989,6 +33990,7 @@ CVE-2018-14617 (An issue was discovered in the Linux kernel through 4.17.10. The
 CVE-2018-14616 (An issue was discovered in the Linux kernel through 4.17.10. There is a ...)
 	- linux 4.19.9-1
 	[stretch] - linux 4.9.144-1
+	[jessie] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200465
 CVE-2018-14615 (An issue was discovered in the Linux kernel through 4.17.10. There is a ...)
 	- linux 4.19.9-1
@@ -72148,6 +72150,7 @@ CVE-2018-1120 (A flaw was found affecting the Linux kernel before version 4.17.
 	{DLA-1423-1}
 	- linux 4.16.12-1
 	[stretch] - linux 4.9.107-1
+	[jessie] - linux <ignored> (Too risky to backport)
 	NOTE: http://www.openwall.com/lists/oss-security/2018/05/17/1
 	NOTE: https://www.qualys.com/2018/05/17/procps-ng-audit-report-advisory.txt
 	NOTE: Fixed by: https://git.kernel.org/linus/7f7ccc2ccc2e70c6054685f5e3522efa81556830



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cf96e9d5693d587ab7e3f607f803f5ce8b1fd695

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cf96e9d5693d587ab7e3f607f803f5ce8b1fd695
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190217/42a95e16/attachment.html>

More information about the debian-security-tracker-commits mailing list