Author: carnil
Date: 2015-04-13 05:10:09 +0000 (Mon, 13 Apr 2015)
New Revision: 33545
Modified:
data/CVE/list
Log:
Remove explicity unfixed tagged entries in wheezy and squeeze
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-04-12 21:25:13 UTC (rev 33544)
+++ data/CVE/list 2015-04-13 05:10:09 UTC (rev 33545)
@@ -456,9 +456,7 @@
CVE-2015-2922 [IPv6 Hop limit lowering via RA messages]
RESERVED
- linux 3.16.7-ckt9-1
- [wheezy] - linux <unfixed>
- linux-2.6 <removed>
- [squeeze] - linux-2.6 <unfixed>
NOTE: Upstream commit:
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6fd99094de2b83d1d4c8457f2c83483b2828e75a
CVE-2015-2829
RESERVED
@@ -503,9 +501,7 @@
CVE-2015-2830 [Linux mishandles int80 fork from 64-bit tasks]
RESERVED
- linux 3.16.7-ckt9-1
- [wheezy] - linux <unfixed>
- linux-2.6 <removed>
- [squeeze] - linux-2.6 <unfixed>
NOTE: Upstream commit:
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=956421fbb74c3a6261903f3836c0740187cf038b
(v4.0-rc3)
NOTE: http://www.openwall.com/lists/oss-security/2015/04/02/1
CVE-2015-XXXX [Signature Bypass in several JSON Web Token Libraries]
@@ -1953,7 +1949,6 @@
RESERVED
- linux 3.2.20-1
- linux-2.6 3.2.1-1
- [squeeze] - linux-2.6 <unfixed>
NOTE: Upstream fix:
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c290f8358acaeffd8e0c551ddcc24d1206143376
(v3.2-rc1)
NOTE: Introduced by:
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4a2b5fddd53b80efcb3266ee36e23b8de28e761a
(v2.6.28-rc1)
NOTE: 3.2.20-1 is the first version after the src:linux-2.6 ->
src:linux rename.
@@ -3704,7 +3699,6 @@
{DSA-3170-1}
- linux 3.16.7-ckt4-1
- linux-2.6 <removed>
- [squeeze] - linux-2.6 <unfixed>
NOTE: Upstream fix:
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=942080643bce061c3dd9d5718d3b745dcb39a8bc
(v3.19-rc1)
CVE-2013-7436 [session hijack through insecurely set session token cookies]
RESERVED
@@ -4262,7 +4256,6 @@
- linux 3.6.4-1
[wheezy] - linux 3.2.30-1
- linux-2.6 <removed>
- [squeeze] - linux-2.6 <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=848949
NOTE: http://www.openwall.com/lists/oss-security/2015/02/06/13
NOTE: Upstream commit:
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=20e1db19db5d6b9e4e83021595eab0dc8f107bef
(v3.6-rc5)
@@ -12597,9 +12590,7 @@
NOTE: http://www.spinics.net/lists/netfilter-devel/msg33430.html
CVE-2014-8159 (The InfiniBand (IB) implementation in the Linux kernel package
before ...)
- linux 3.16.7-ckt9-1
- [wheezy] - linux <unfixed>
- linux-2.6 <removed>
- [squeeze] - linux-2.6 <unfixed>
CVE-2014-8158 (Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer
1.900.1 ...)
{DSA-3138-1 DLA-138-1}
- jasper 1.900.1-debian1-2.4 (bug #775970)
@@ -25120,7 +25111,6 @@
- linux 3.16.2-2
[wheezy] - linux 3.2.63-1
- linux-2.6 <removed>
- [squeeze] - linux-2.6 <unfixed>
NOTE:
https://code.google.com/p/google-security-research/issues/detail?id=91
NOTE: Upstream fix:
https://git.kernel.org/linus/4ab25786c87eb20857bbb715c3ae34ec8fd6a214
(v3.17-rc2)
CVE-2014-3183 (Heap-based buffer overflow in the logi_dj_ll_raw_request
function in ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
