Author: carnil
Date: 2016-01-03 05:43:15 +0000 (Sun, 03 Jan 2016)
New Revision: 38653
Modified:
data/CVE/list
Log:
Update CVEs for linux fixed in unstable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-01-02 21:10:13 UTC (rev 38652)
+++ data/CVE/list 2016-01-03 05:43:15 UTC (rev 38653)
@@ -881,7 +881,7 @@
CVE-2016-0931
RESERVED
CVE-2015-8660 (The ovl_setattr function in fs/overlayfs/inode.c in the Linux
kernel ...)
- - linux <unfixed>
+ - linux 4.3.3-3
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
- linux-2.6 <not-affected> (Vulnerable code not present)
@@ -1165,7 +1165,7 @@
NOTE:
https://github.com/blueman-project/blueman/commit/a3845bbed5fdddf14daec436b7e74f62719a71c1
NOTE: http://www.openwall.com/lists/oss-security/2015/12/18/6
CVE-2015-8709 [privilege escalation in user namespaces]
- - linux <unfixed>
+ - linux 4.3.3-3
[wheezy] - linux <not-affected> (Vulnerable code not present)
- linux-2.6 <not-affected> (Vulnerable code not present)
NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2015/12/17/12
@@ -1579,7 +1579,7 @@
CVE-2015-8575 [sco_sock_bind issue]
RESERVED
{DLA-378-1}
- - linux <unfixed>
+ - linux 4.3.3-3
- linux-2.6 <removed>
NOTE: Upstream commit:
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5233252fce714053f0151680933571a2da9cbfb4
(v4.4-rc6)
CVE-2015-8566 (The Session package 1.x before 1.3.1 for Joomla! Framework
allows ...)
@@ -1617,7 +1617,7 @@
CVE-2015-8552 [Linux pciback missing sanity checks leading to crash]
RESERVED
[experimental] - linux 4.4~rc6-1~exp1
- - linux <unfixed>
+ - linux 4.3.3-3
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Xen not supported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-157.html
@@ -1629,7 +1629,7 @@
CVE-2015-8551 [Linux pciback missing sanity checks leading to crash]
RESERVED
[experimental] - linux 4.4~rc6-1~exp1
- - linux <unfixed>
+ - linux 4.3.3-3
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Xen not supported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-157.html
@@ -1641,7 +1641,7 @@
CVE-2015-8550 [paravirtualized drivers incautious about shared memory contents]
RESERVED
[experimental] - linux 4.4~rc6-1~exp1
- - linux <unfixed>
+ - linux 4.3.3-3
- linux-2.6 <removed>
[squeeze] - linux-2.6 <no-dsa> (Xen not supported in Squeeze LTS)
- qemu <unfixed> (bug #809229)
@@ -1661,7 +1661,7 @@
CVE-2015-8549
RESERVED
CVE-2015-8569 (The (1) pptp_bind and (2) pptp_connect functions in ...)
- - linux <unfixed>
+ - linux 4.3.3-3
- linux-2.6 <removed>
[squeeze] - linux-2.6 <not-affected> (Vulnerable code introduced later)
NOTE: http://www.openwall.com/lists/oss-security/2015/12/15/7
@@ -6054,7 +6054,7 @@
CVE-2015-7550 [Linux keyring subsystem race leads to null dereference]
RESERVED
{DLA-378-1}
- - linux <unfixed>
+ - linux 4.3.3-3
- linux-2.6 <removed>
NOTE:
https://git.kernel.org/linus/b4a1b4f5047e4f54e194681125c74c0aa64d637d
CVE-2015-7549 [pci: msi-x: null pointer dereference issue]
@@ -6154,7 +6154,7 @@
- ironic 1:4.2.2-1 (bug #807269)
CVE-2015-7513 [Reload pit counters for all channels when restoring state]
RESERVED
- - linux <unfixed>
+ - linux 4.3.3-3
- linux-2.6 <removed>
NOTE:
https://git.kernel.org/linus/0185604c2d82c560dab2f2933a18f797e74ab5a8 (v4.4-rc7)
CVE-2015-7512 [net: pcnet: buffer overflow in non-loopback mode]
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
