Author: carnil
Date: 2017-08-13 16:04:10 +0000 (Sun, 13 Aug 2017)
New Revision: 54719
Modified: data/CVE/list Log: Add fixing version for src:linux upload to unstable Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-08-13 15:29:41 UTC (rev 54718) +++ data/CVE/list 2017-08-13 16:04:10 UTC (rev 54719) @@ -133,12 +133,12 @@ CVE-2017-12778 RESERVED CVE-2017-1000112 [Exploitable memory corruption due to UFO to non-UFO path switch] - - linux <unfixed> (low) + - linux 4.12.6-1 (low) NOTE: Introduced by: https://git.kernel.org/linus/e89e9cf539a28df7d0eb1d0a545368e9920b34ac (2.6.15-rc1) NOTE: Fixed by: https://git.kernel.org/linus/85f1bd9a7b5a79d5baa8bf44af19658f7bf77bfa NOTE: Harmless in Debian since unprivileged user namespaces are disabled CVE-2017-1000111 [heap out-of-bounds in AF_PACKET sockets] - - linux <unfixed> + - linux 4.12.6-1 NOTE: Introduced by: https://git.kernel.org/linus/8913336a7e8d56e984109a3137d6c0e3362596a4 (2.6.27-rc1) NOTE: Fixed by: https://git.kernel.org/linus/c27927e372f0785f3303e8fad94b85945e2c97b7 NOTE: Non-privileged user namespaces disabled by default, only exploitable by arbitrary user if sysctl kernel.unprivileged_userns_clone=1 @@ -2984,7 +2984,7 @@ CVE-2017-11601 RESERVED CVE-2017-11600 (net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when ...) - - linux <unfixed> + - linux 4.12.6-1 NOTE: http://seclists.org/bugtraq/2017/Jul/30 CVE-2017-11599 RESERVED @@ -5713,7 +5713,7 @@ NOTE: Fixed by (master): http://git.qemu.org/?p=qemu.git;a=commitdiff;h=041e32b8d9d076980b4e35317c0339e57ab888f1 CVE-2017-10663 [f2fs: sanity check checkpoint segno and blkoff] RESERVED - - linux <unfixed> + - linux 4.12.6-1 NOTE: Fixed by: https://git.kernel.org/linus/15d3042a937c13f5d9244241c7a9c8416ff6e82a (v4.13-rc1) CVE-2017-10662 [f2fs: sanity check segment count] RESERVED 
@@ -10909,7 +10909,7 @@ CVE-2017-8832 (Allen Disk 1.6 has XSS in the id parameter to downfile.php. ...) NOT-FOR-US: Allen Disk CVE-2017-8831 (The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c ...) - - linux <unfixed> + - linux 4.12.6-1 NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=195559 CVE-2017-8830 (In ImageMagick 7.0.5-6, the ReadBMPImage function in bmp.c:1379 allows ...) {DSA-3863-1 DLA-960-1} @@ -14712,11 +14712,11 @@ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1473792 CVE-2017-7542 (The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux ...) {DSA-3927-1} - - linux <unfixed> + - linux 4.12.6-1 NOTE: Fixed by: https://git.kernel.org/linus/6399f1fae4ec29fab5ec76070435555e256ca3a6 CVE-2017-7541 (The brcmf_cfg80211_mgmt_tx function in ...) {DSA-3927-1} - - linux <unfixed> + - linux 4.12.6-1 [wheezy] - linux <not-affected> (Vulnerable code not present) NOTE: Fixed by: https://git.kernel.org/linus/8f44c9a41386729fea410e688959ddaa9d51be7c CVE-2017-7540 (rubygem-safemode, as used in Foreman, versions 1.3.2 and earlier are ...) @@ -14744,7 +14744,7 @@ RESERVED CVE-2017-7533 (Race condition in the fsnotify implementation in the Linux kernel ...) {DSA-3927-1} - - linux <unfixed> + - linux 4.12.6-1 [wheezy] - linux <not-affected> (Vulnerable code not present) NOTE: http://www.openwall.com/lists/oss-security/2017/08/03/2 NOTE: Fixed by: https://git.kernel.org/linus/49d31c2f389acfe83417083e1208422b4091cd9 (v4.13-rc1) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
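Review bot: In the first hunk (@@ -133,12), the CVE-2017-1000112 entry keeps the NOTE "Harmless in Debian since unprivileged user namespaces are disabled", while the neighbouring CVE-2017-1000111 entry describes the same precondition more precisely as "only exploitable by arbitrary user if sysctl kernel.unprivileged_userns_clone=1". Since both entries are being touched, consider rewording the CVE-2017-1000112 note to name the sysctl as well, so that an administrator who has enabled it does not read "harmless" as unconditional. The (low) urgency appears on one entry but not the other even though both notes rest on the same default, so that could be aligned at the same time.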
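Review bot: The CVE-2017-11600 hunk (@@ -2984,7) and the CVE-2017-8831 hunk (@@ -10909,7) mark the issues fixed in 4.12.6-1, but neither entry has a "NOTE: Fixed by:" line; the only references are the bugtraq post and the kernel bugzilla report. Every other linux entry in this commit points at the upstream commit, so please add the corresponding "Fixed by:" note to these two so the fixed version can be checked against the upload's changelog.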
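Review bot: In the CVE-2017-10663 hunk (@@ -5713,7), the fixed version is set to 4.12.6-1 while the existing note reads "Fixed by: ... (v4.13-rc1)", and the same combination appears for CVE-2017-7533 in the last hunk. A reader comparing the two will see a 4.12 package version against a 4.13-rc1 upstream tag, so a short note that the fix reached the upload through a backport to the 4.12 series would make the entry self-explanatory.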
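Review bot: In the last hunk (@@ -14744,7), the context line "NOTE: Fixed by: https://git.kernel.org/linus/49d31c2f389acfe83417083e1208422b4091cd9 (v4.13-rc1)" carries a 39-character commit id, whereas every other git.kernel.org link in this diff uses the full 40 characters. It looks like the final character was dropped when the note was added; since the entry is being edited anyway, please restore the full id so the reference is unambiguous.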