[Secure-testing-commits] r32764 - data/CVE

Tue, 10 Mar 2015 14:54:12 -0700 

Author: benh
Date: 2015-03-10 21:53:49 +0000 (Tue, 10 Mar 2015)
New Revision: 32764

Modified:
   data/CVE/list
Log:
Mark the linux-2.6 issues not planned to be fixed in squeeze-lts as <no-dsa>

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2015-03-10 21:10:14 UTC (rev 32763)
+++ data/CVE/list       2015-03-10 21:53:49 UTC (rev 32764)
@@ -6052,9 +6052,8 @@
        {DSA-3128-1}
        - linux 3.16.7-ckt4-1
        - linux-2.6 <removed>
-       [squeeze] - linux-2.6 <unfixed>
+       [squeeze] - linux-2.6 <no-dsa> (Too risky to backport)
        NOTE: 
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/arch/x86?id=f647d7c155f069c1a068030255c300663516420e
 (v3.19-rc1)
-       NOTE: No plan to fix in squeeze as it is too risky to backport
 CVE-2014-9420 (The rock_continue function in fs/isofs/rock.c in the Linux 
kernel ...)
        {DLA-155-1}
        - linux 3.16.7-ckt4-1
@@ -7054,9 +7053,8 @@
 CVE-2010-5313 (Race condition in arch/x86/kvm/x86.c in the Linux kernel before 
2.6.38 ...)
        - linux 2.6.38-1
        - linux-2.6 2.6.38-1
-       [squeeze] - linux-2.6 <unfixed>
+       [squeeze] - linux-2.6 <no-dsa> (KVM not supported in Squeeze LTS)
        NOTE: 
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fc3a9157d314
 (v2.6.38-rc1)
-       NOTE: KVM not supported in Squeeze LTS
 CVE-2014-9156 (The FileField module 6.x-3.x before 6.x-3.13 for Drupal does 
not ...)
        NOT-FOR-US: Drupal module FileField
 CVE-2014-9129 (Cross-site request forgery (CSRF) vulnerability in the 
CreativeMinds ...)
@@ -7527,11 +7525,10 @@
        {DSA-3170-1}
        - linux 3.16.7-ckt4-2
        - linux-2.6 <removed>
-       [squeeze] - linux-2.6 <unfixed>
+       [squeeze] - linux-2.6 <no-dsa> (KVM not supported in Squeeze LTS)
        NOTE: Introduced by: 
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8c60435261deaefeb53ce3222d04d7d5bea81296
        NOTE: Fixed by: 
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f3747379accba8e95d70cec0eae0582c8c182050
        NOTE: http://permalink.gmane.org/gmane.linux.kernel.commits.head/502245
-       NOTE: KVM not supported in Squeeze LTS
 CVE-2015-0238
        RESERVED
        NOT-FOR-US: selinux-policy as shipped with Red Hat OpenShift 2


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to