This is the most recent e-mail. (Still no update in sight.)

Thank you,
Christian

---------- Forwarded message ----------
From: <[email protected]>
Date: 2016-05-09 2:00 GMT+02:00
Subject: Debian security status of crabtree
To: [email protected]


Security report based on the jessie release

*** Available security updates

CVE-2013-4312 The Linux kernel before 4.4.1 allows local users to...
  <http://security-tracker.debian.org/tracker/CVE-2013-4312>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2013-7446 Use-after-free vulnerability in net/unix/af_unix.c in...
  <http://security-tracker.debian.org/tracker/CVE-2013-7446>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2015-1333 Memory leak in the __key_link_end function in...
  <http://security-tracker.debian.org/tracker/CVE-2015-1333>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2015-1339 Memory leak in the cuse_channel_release function in...
  <http://security-tracker.debian.org/tracker/CVE-2015-1339>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2015-2925 The prepend_path function in fs/dcache.c in the Linux...
  <http://security-tracker.debian.org/tracker/CVE-2015-2925>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2015-3212 Race condition in net/sctp/socket.c in the Linux...
  <http://security-tracker.debian.org/tracker/CVE-2015-3212>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2015-3288 zero page memory arbitrary modification
  <http://security-tracker.debian.org/tracker/CVE-2015-3288>
  - linux-image-3.16.0-4-amd64

CVE-2015-3290 arch/x86/entry/entry_64.S in the Linux kernel before...
  <http://security-tracker.debian.org/tracker/CVE-2015-3290>
  - linux-image-3.16.0-4-amd64 (high urgency)

CVE-2015-3291 arch/x86/entry/entry_64.S in the Linux kernel before...
  <http://security-tracker.debian.org/tracker/CVE-2015-3291>
  - linux-image-3.16.0-4-amd64 (low urgency)

CVE-2015-3636 The ping_unhash function in net/ipv4/ping.c in the...
  <http://security-tracker.debian.org/tracker/CVE-2015-3636>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2015-4167 The udf_read_inode function in fs/udf/inode.c in the...
  <http://security-tracker.debian.org/tracker/CVE-2015-4167>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2015-4692 The kvm_apic_has_events function in...
  <http://security-tracker.debian.org/tracker/CVE-2015-4692>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2015-4700 The bpf_int_jit_compile function in...
  <http://security-tracker.debian.org/tracker/CVE-2015-4700>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2015-5156 The virtnet_probe function in...
  <http://security-tracker.debian.org/tracker/CVE-2015-5156>
  - linux-image-3.16.0-4-amd64 (remotely exploitable, medium urgency)

CVE-2015-5157 arch/x86/entry/entry_64.S in the Linux kernel before...
  <http://security-tracker.debian.org/tracker/CVE-2015-5157>
  - linux-image-3.16.0-4-amd64 (high urgency)

CVE-2015-5257 drivers/usb/serial/whiteheat.c in the Linux kernel...
  <http://security-tracker.debian.org/tracker/CVE-2015-5257>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2015-5283 The sctp_init function in net/sctp/protocol.c in the...
  <http://security-tracker.debian.org/tracker/CVE-2015-5283>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2015-5307 The KVM subsystem in the Linux kernel through 4.2.6,...
  <http://security-tracker.debian.org/tracker/CVE-2015-5307>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2015-5364 The (1) udp_recvmsg and (2) udpv6_recvmsg functions...
  <http://security-tracker.debian.org/tracker/CVE-2015-5364>
  - linux-image-3.16.0-4-amd64 (remotely exploitable, high urgency)

CVE-2015-5366 The (1) udp_recvmsg and (2) udpv6_recvmsg functions...
  <http://security-tracker.debian.org/tracker/CVE-2015-5366>
  - linux-image-3.16.0-4-amd64 (remotely exploitable, medium urgency)

CVE-2015-5697 The get_bitmap_file function in drivers/md/md.c in...
  <http://security-tracker.debian.org/tracker/CVE-2015-5697>
  - linux-image-3.16.0-4-amd64 (low urgency)

CVE-2015-5706 Use-after-free vulnerability in the path_openat...
  <http://security-tracker.debian.org/tracker/CVE-2015-5706>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2015-5707 Integer overflow in the sg_start_req function in...
  <http://security-tracker.debian.org/tracker/CVE-2015-5707>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2015-6252 The vhost_dev_ioctl function in drivers/vhost/vhost.c...
  <http://security-tracker.debian.org/tracker/CVE-2015-6252>
  - linux-image-3.16.0-4-amd64 (low urgency)

CVE-2015-6526 The perf_callchain_user_64 function in...
  <http://security-tracker.debian.org/tracker/CVE-2015-6526>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2015-6937 The __rds_conn_create function in...
  <http://security-tracker.debian.org/tracker/CVE-2015-6937>
  - linux-image-3.16.0-4-amd64 (remotely exploitable, high urgency)

CVE-2015-7312 Multiple race conditions in the Advanced Union...
  <http://security-tracker.debian.org/tracker/CVE-2015-7312>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2015-7513 arch/x86/kvm/x86.c in the Linux kernel before 4.4...
  <http://security-tracker.debian.org/tracker/CVE-2015-7513>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2015-7550 The keyctl_read_key function in...
  <http://security-tracker.debian.org/tracker/CVE-2015-7550>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2015-7566 The clie_5_attach function in...
  <http://security-tracker.debian.org/tracker/CVE-2015-7566>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2015-7613 Race condition in the IPC object implementation in...
  <http://security-tracker.debian.org/tracker/CVE-2015-7613>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2015-7799 The slhc_init function in drivers/net/slip/slhc.c in...
  <http://security-tracker.debian.org/tracker/CVE-2015-7799>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2015-7833 The usbvision driver in the Linux kernel package...
  <http://security-tracker.debian.org/tracker/CVE-2015-7833>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2015-7872 The key_gc_unused_keys function in security/keys/gc.c...
  <http://security-tracker.debian.org/tracker/CVE-2015-7872>
  - linux-image-3.16.0-4-amd64 (low urgency)

CVE-2015-7884 The vivid_fb_ioctl function in ...
  <http://security-tracker.debian.org/tracker/CVE-2015-7884>
  - linux-image-3.16.0-4-amd64 (low urgency)

CVE-2015-7990 Race condition in the rds_sendmsg function in...
  <http://security-tracker.debian.org/tracker/CVE-2015-7990>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2015-8104 The KVM subsystem in the Linux kernel through 4.2.6,...
  <http://security-tracker.debian.org/tracker/CVE-2015-8104>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2015-8215 net/ipv6/addrconf.c in the IPv6 stack in the Linux...
  <http://security-tracker.debian.org/tracker/CVE-2015-8215>
  - linux-image-3.16.0-4-amd64 (remotely exploitable, medium urgency)

CVE-2015-8374 fs/btrfs/inode.c in the Linux kernel before 4.3.3...
  <http://security-tracker.debian.org/tracker/CVE-2015-8374>
  - linux-image-3.16.0-4-amd64 (low urgency)

CVE-2015-8543 The networking implementation in the Linux kernel...
  <http://security-tracker.debian.org/tracker/CVE-2015-8543>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2015-8550 Xen, when used on a system providing PV backends,...
  <http://security-tracker.debian.org/tracker/CVE-2015-8550>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2015-8551 The PCI backend driver in Xen, when running on an x86...
  <http://security-tracker.debian.org/tracker/CVE-2015-8551>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2015-8552 The PCI backend driver in Xen, when running on an x86...
  <http://security-tracker.debian.org/tracker/CVE-2015-8552>
  - linux-image-3.16.0-4-amd64 (low urgency)

CVE-2015-8569 The (1) pptp_bind and (2) pptp_connect functions in ...
  <http://security-tracker.debian.org/tracker/CVE-2015-8569>
  - linux-image-3.16.0-4-amd64 (low urgency)

CVE-2015-8575 The sco_sock_bind function in net/bluetooth/sco.c in...
  <http://security-tracker.debian.org/tracker/CVE-2015-8575>
  - linux-image-3.16.0-4-amd64 (low urgency)

CVE-2015-8660 The ovl_setattr function in fs/overlayfs/inode.c in...
  <http://security-tracker.debian.org/tracker/CVE-2015-8660>
  - linux-image-3.16.0-4-amd64 (high urgency)

CVE-2015-8709 ** DISPUTED ** kernel/ptrace.c in the Linux kernel...
  <http://security-tracker.debian.org/tracker/CVE-2015-8709>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2015-8746 fs/nfs/nfs4proc.c in the NFS client in the Linux...
  <http://security-tracker.debian.org/tracker/CVE-2015-8746>
  - linux-image-3.16.0-4-amd64 (remotely exploitable, medium urgency)

CVE-2015-8767 net/sctp/sm_sideeffect.c in the Linux kernel before...
  <http://security-tracker.debian.org/tracker/CVE-2015-8767>
  - linux-image-3.16.0-4-amd64 (remotely exploitable, medium urgency)

CVE-2015-8785 The fuse_fill_write_pages function in fs/fuse/file.c...
  <http://security-tracker.debian.org/tracker/CVE-2015-8785>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2015-8787 The nf_nat_redirect_ipv4 function in...
  <http://security-tracker.debian.org/tracker/CVE-2015-8787>
  - linux-image-3.16.0-4-amd64 (remotely exploitable, high urgency)

CVE-2015-8812 drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux...
  <http://security-tracker.debian.org/tracker/CVE-2015-8812>
  - linux-image-3.16.0-4-amd64 (remotely exploitable, high urgency)

CVE-2015-8816 The hub_activate function in drivers/usb/core/hub.c...
  <http://security-tracker.debian.org/tracker/CVE-2015-8816>
  - linux-image-3.16.0-4-amd64 (high urgency)

CVE-2015-8830 Integer overflow in the aio_setup_single_vector...
  <http://security-tracker.debian.org/tracker/CVE-2015-8830>
  - linux-image-3.16.0-4-amd64 (high urgency)

CVE-2016-0723 Race condition in the tty_ioctl function in...
  <http://security-tracker.debian.org/tracker/CVE-2016-0723>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2016-0728 The join_session_keyring function in...
  <http://security-tracker.debian.org/tracker/CVE-2016-0728>
  - linux-image-3.16.0-4-amd64 (high urgency)

CVE-2016-0823 The pagemap_open function in fs/proc/task_mmu.c in...
  <http://security-tracker.debian.org/tracker/CVE-2016-0823>
  - linux-image-3.16.0-4-amd64 (low urgency)

CVE-2016-1575 The overlayfs implementation in the Linux kernel...
  <http://security-tracker.debian.org/tracker/CVE-2016-1575>
  - linux-image-3.16.0-4-amd64 (high urgency)

CVE-2016-1576 The overlayfs implementation in the Linux kernel...
  <http://security-tracker.debian.org/tracker/CVE-2016-1576>
  - linux-image-3.16.0-4-amd64 (high urgency)

CVE-2016-2069 Race condition in arch/x86/mm/tlb.c in the Linux...
  <http://security-tracker.debian.org/tracker/CVE-2016-2069>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2016-2070 The tcp_cwnd_reduction function in...
  <http://security-tracker.debian.org/tracker/CVE-2016-2070>
  - linux-image-3.16.0-4-amd64 (remotely exploitable, high urgency)

CVE-2016-2085 The evm_verify_hmac function in...
  <http://security-tracker.debian.org/tracker/CVE-2016-2085>
  - linux-image-3.16.0-4-amd64 (low urgency)

CVE-2016-2383 The adjust_branches function in kernel/bpf/verifier.c...
  <http://security-tracker.debian.org/tracker/CVE-2016-2383>
  - linux-image-3.16.0-4-amd64 (low urgency)

CVE-2016-2384 Double free vulnerability in the snd_usbmidi_create...
  <http://security-tracker.debian.org/tracker/CVE-2016-2384>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2016-2543 The snd_seq_ioctl_remove_events function in ...
  <http://security-tracker.debian.org/tracker/CVE-2016-2543>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2016-2544 Race condition in the queue_delete function in ...
  <http://security-tracker.debian.org/tracker/CVE-2016-2544>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2016-2545 The snd_timer_interrupt function in...
  <http://security-tracker.debian.org/tracker/CVE-2016-2545>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2016-2546 sound/core/timer.c in the Linux kernel before 4.4.1...
  <http://security-tracker.debian.org/tracker/CVE-2016-2546>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2016-2547 sound/core/timer.c in the Linux kernel before 4.4.1...
  <http://security-tracker.debian.org/tracker/CVE-2016-2547>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2016-2548 sound/core/timer.c in the Linux kernel before 4.4.1...
  <http://security-tracker.debian.org/tracker/CVE-2016-2548>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2016-2549 sound/core/hrtimer.c in the Linux kernel before 4.4.1...
  <http://security-tracker.debian.org/tracker/CVE-2016-2549>
  - linux-image-3.16.0-4-amd64 (low urgency)

CVE-2016-2550 The Linux kernel before 4.5 allows local users to...
  <http://security-tracker.debian.org/tracker/CVE-2016-2550>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2016-2782 The treo_attach function in...
  <http://security-tracker.debian.org/tracker/CVE-2016-2782>
  - linux-image-3.16.0-4-amd64 (medium urgency)

CVE-2016-2847 fs/pipe.c in the Linux kernel before 4.5 does not...
  <http://security-tracker.debian.org/tracker/CVE-2016-2847>
  - linux-image-3.16.0-4-amd64 (medium urgency)

*** New vulnerabilities

CVE-2015-8842 tmpfiles.d/systemd.conf in systemd before 229 uses...
  <http://security-tracker.debian.org/tracker/CVE-2015-8842>
  - libudev1, libpam-systemd, systemd-sysv, libsystemd0, udev, systemd
    (low urgency)

CVE-2016-2053 The asn1_ber_decoder function in lib/asn1_decoder.c...
  <http://security-tracker.debian.org/tracker/CVE-2016-2053>
  - linux-image-3.16.0-4-amd64 (remotely exploitable, high urgency)

*** Vulnerabilities without updates
[...]

Reply via email to