Author: carnil Date: 2017-07-17 19:43:01 +0000 (Mon, 17 Jul 2017) New Revision: 53586
Modified: data/CVE/list Log: Record fixes for src:linux to unstable Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-07-17 19:34:57 UTC (rev 53585) +++ data/CVE/list 2017-07-17 19:43:01 UTC (rev 53586) @@ -461,7 +461,7 @@ CVE-2017-11177 RESERVED CVE-2017-11176 (The mq_notify function in the Linux kernel through 4.11.9 does not set ...) - - linux <unfixed> + - linux 4.11.11-1 NOTE: Fixed by: https://git.kernel.org/linus/f991af3daabaecff34684fd51fac80319d1baad1 CVE-2017-11175 RESERVED @@ -1616,7 +1616,7 @@ CVE-2017-10811 RESERVED CVE-2017-10810 (Memory leak in the virtio_gpu_object_create function in ...) - - linux <unfixed> (low) + - linux 4.11.11-1 (low) [jessie] - linux <not-affected> (Vulnerable code not present) [wheezy] - linux <not-affected> (Vulnerable code not present) NOTE: Fixed by: https://git.kernel.org/linux/385aee965b4e4c36551c362a334378d2985b722a @@ -3976,7 +3976,7 @@ - xen <unfixed> NOTE: https://xenbits.xen.org/xsa/advisory-217.html CVE-2017-10911 (The make_response function in drivers/block/xen-blkback/blkback.c in ...) - - linux <unfixed> + - linux 4.11.11-1 - qemu <unfixed> NOTE: https://xenbits.xen.org/xsa/advisory-216.html CVE-2017-1000381 (The c-ares function `ares_parse_naptr_reply()`, which is used for ...) @@ -4030,7 +4030,7 @@ [stretch] - linux 4.9.30-2+deb9u1 NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt CVE-2017-1000365 (The Linux Kernel imposes a size restriction on the arguments and ...) - - linux <unfixed> + - linux 4.11.11-1 NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt NOTE: Fixed by: https://git.kernel.org/linus/98da7d08850fb8bdeb395d6368ed15753304aa0c CVE-2017-1000366 (glibc contains a vulnerability that allows specially crafted ...) @@ -4043,11 +4043,11 @@ - exim4 4.89-3 NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt CVE-2017-1000370 (The offset2lib patch as used in the Linux Kernel contains a ...) - - linux <unfixed> + - linux 4.11.11-1 [wheezy] - linux <not-affected> (Memory layout is different) NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt CVE-2017-1000371 (The offset2lib patch as used by the Linux Kernel contains a ...) - - linux <unfixed> + - linux 4.11.11-1 [wheezy] - linux <not-affected> (Memory layout is different) NOTE: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt CVE-2017-1000376 (libffi requests an executable stack allowing attackers to more easily ...) @@ -10682,7 +10682,7 @@ NOTE: http://tracker.ceph.com/issues/20240 CVE-2017-7518 [debug exception via syscall emulation] RESERVED - - linux <unfixed> + - linux 4.11.11-1 [wheezy] - linux <not-affected> (Vulnerable code not present) NOTE: http://www.openwall.com/lists/oss-security/2017/06/23/5 NOTE: https://www.spinics.net/lists/kvm/msg151817.html @@ -10835,7 +10835,7 @@ NOTE: http://www.openwall.com/lists/oss-security/2017/05/01/15 CVE-2017-7482 RESERVED - - linux <unfixed> + - linux 4.11.11-1 NOTE: Fixed by: https://git.kernel.org/linus/5f2f97656ada8d811d3c1bef503ced266fcd53a0 CVE-2017-7481 [Security issue with lookup return not tainting the jinja2 environment] RESERVED _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits