[Secure-testing-commits] r56499 - data/CVE

Sat, 07 Oct 2017 10:04:41 -0700 

Author: jmm
Date: 2017-10-07 17:01:57 +0000 (Sat, 07 Oct 2017)
New Revision: 56499

Modified:
   data/CVE/list
Log:
one more linux issue fixed in stretch
one linux issue ignored for stretch


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-10-07 15:08:45 UTC (rev 56498)
+++ data/CVE/list       2017-10-07 17:01:57 UTC (rev 56499)
@@ -12546,6 +12546,7 @@
        NOTE: Fixed by (master): 
http://git.qemu.org/?p=qemu.git;a=commitdiff;h=041e32b8d9d076980b4e35317c0339e57ab888f1
 CVE-2017-10663 (The sanity_check_ckpt function in fs/f2fs/super.c in the Linux 
kernel ...)
        - linux 4.12.6-1
+       [stretch] - linux 4.9.51-1
        [wheezy] - linux <not-affected> (Vulnerable code not present)
        NOTE: Fixed by: 
https://git.kernel.org/linus/15d3042a937c13f5d9244241c7a9c8416ff6e82a 
(v4.13-rc1)
 CVE-2017-10662 (The sanity_check_raw_super function in fs/f2fs/super.c in the 
Linux ...)
@@ -46069,7 +46070,7 @@
        NOTE: Introduced by: 
htttps://git.kernel.org/linus/bf5a755f5e9186406bbf50f4087100af5bd68e40
        NOTE: http://www.openwall.com/lists/oss-security/2016/10/13/11
 CVE-2016-8660 (The XFS subsystem in the Linux kernel through 4.8.2 allows 
local users ...)
-       - linux <unfixed>
+       - linux <unfixed> (low)
        [jessie] - linux <not-affected> (Vulnerable code not present)
        [wheezy] - linux <not-affected> (Vulnerable code not present)
 CVE-2016-8659 (Bubblewrap before 0.1.3 sets the PR_SET_DUMPABLE flag, which 
might ...)
@@ -72475,6 +72476,7 @@
        NOTE: http://xenbits.xen.org/xsa/advisory-164.html
 CVE-2015-8553 (Xen allows guest OS users to obtain sensitive information from 
...)
        - linux <unfixed>
+       [stretch] - linux <ignored> (Intrusive; breaks qemu as used in Jessie; 
cf. kernel-sec for more details)
        [jessie] - linux <ignored> (Intrusive; breaks qemu as used in Jessie; 
cf. kernel-sec for more details)
        [wheezy] - linux <ignored> (Intrusive; breaks qemu as used in Wheezy; 
cf. kernel-sec for more details)
        - linux-2.6 <removed>


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to