Author: carnil Date: 2015-04-13 05:10:09 +0000 (Mon, 13 Apr 2015) New Revision: 33545
Modified: data/CVE/list Log: Remove explicity unfixed tagged entries in wheezy and squeeze Modified: data/CVE/list =================================================================== --- data/CVE/list 2015-04-12 21:25:13 UTC (rev 33544) +++ data/CVE/list 2015-04-13 05:10:09 UTC (rev 33545) @@ -456,9 +456,7 @@ CVE-2015-2922 [IPv6 Hop limit lowering via RA messages] RESERVED - linux 3.16.7-ckt9-1 - [wheezy] - linux <unfixed> - linux-2.6 <removed> - [squeeze] - linux-2.6 <unfixed> NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6fd99094de2b83d1d4c8457f2c83483b2828e75a CVE-2015-2829 RESERVED @@ -503,9 +501,7 @@ CVE-2015-2830 [Linux mishandles int80 fork from 64-bit tasks] RESERVED - linux 3.16.7-ckt9-1 - [wheezy] - linux <unfixed> - linux-2.6 <removed> - [squeeze] - linux-2.6 <unfixed> NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=956421fbb74c3a6261903f3836c0740187cf038b (v4.0-rc3) NOTE: http://www.openwall.com/lists/oss-security/2015/04/02/1 CVE-2015-XXXX [Signature Bypass in several JSON Web Token Libraries] @@ -1953,7 +1949,6 @@ RESERVED - linux 3.2.20-1 - linux-2.6 3.2.1-1 - [squeeze] - linux-2.6 <unfixed> NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c290f8358acaeffd8e0c551ddcc24d1206143376 (v3.2-rc1) NOTE: Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4a2b5fddd53b80efcb3266ee36e23b8de28e761a (v2.6.28-rc1) NOTE: 3.2.20-1 is the first version after the src:linux-2.6 -> src:linux rename. @@ -3704,7 +3699,6 @@ {DSA-3170-1} - linux 3.16.7-ckt4-1 - linux-2.6 <removed> - [squeeze] - linux-2.6 <unfixed> NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=942080643bce061c3dd9d5718d3b745dcb39a8bc (v3.19-rc1) CVE-2013-7436 [session hijack through insecurely set session token cookies] RESERVED @@ -4262,7 +4256,6 @@ - linux 3.6.4-1 [wheezy] - linux 3.2.30-1 - linux-2.6 <removed> - [squeeze] - linux-2.6 <unfixed> NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=848949 NOTE: http://www.openwall.com/lists/oss-security/2015/02/06/13 NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=20e1db19db5d6b9e4e83021595eab0dc8f107bef (v3.6-rc5) @@ -12597,9 +12590,7 @@ NOTE: http://www.spinics.net/lists/netfilter-devel/msg33430.html CVE-2014-8159 (The InfiniBand (IB) implementation in the Linux kernel package before ...) - linux 3.16.7-ckt9-1 - [wheezy] - linux <unfixed> - linux-2.6 <removed> - [squeeze] - linux-2.6 <unfixed> CVE-2014-8158 (Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 ...) {DSA-3138-1 DLA-138-1} - jasper 1.900.1-debian1-2.4 (bug #775970) @@ -25120,7 +25111,6 @@ - linux 3.16.2-2 [wheezy] - linux 3.2.63-1 - linux-2.6 <removed> - [squeeze] - linux-2.6 <unfixed> NOTE: https://code.google.com/p/google-security-research/issues/detail?id=91 NOTE: Upstream fix: https://git.kernel.org/linus/4ab25786c87eb20857bbb715c3ae34ec8fd6a214 (v3.17-rc2) CVE-2014-3183 (Heap-based buffer overflow in the logi_dj_ll_raw_request function in ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits