Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c459a97b by Salvatore Bonaccorso at 2019-06-06T20:12:01Z
Sync some kernel stati with kernel-sec decisions
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -46611,6 +46611,7 @@ CVE-2018-14614 (An issue was discovered in the Linux
kernel through 4.17.10. The
{DLA-1715-1}
- linux 4.19.9-1
[stretch] - linux 4.9.144-1
+ [jessie] - linux <ignored> (Hard to backport and low priority outside
of Android)
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200419
CVE-2018-14613 (An issue was discovered in the Linux kernel through 4.17.10.
There is ...)
{DLA-1715-1}
@@ -50345,11 +50346,13 @@ CVE-2018-13100 (An issue was discovered in
fs/f2fs/super.c in the Linux kernel t
{DLA-1715-1}
- linux 4.18.10-1
[stretch] - linux 4.9.144-1
+ [jessie] - linux <ignored> (Hard to backport and low priority outside
of Android)
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200183
NOTE:
https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=977f9bb558cb4a95d53b10301f5c739ed8867d4d
CVE-2018-13099 (An issue was discovered in fs/f2fs/inline.c in the Linux
kernel throug ...)
{DSA-4308-1 DLA-1531-1}
- linux 4.18.10-1
+ [jessie] - linux <ignored> (Hard to backport and low priority outside
of Android)
[jessie] - linux-4.9 <unfixed>
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200179
NOTE:
https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=cc60e90f9bfab8d6a7fb826937e824333c3bf94a
@@ -50364,12 +50367,14 @@ CVE-2018-13097 (An issue was discovered in
fs/f2fs/super.c in the Linux kernel t
{DLA-1715-1}
- linux 4.19.9-1
[stretch] - linux 4.9.144-1
+ [jessie] - linux <ignored> (Hard to backport and low priority outside
of Android)
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200171
NOTE:
https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=78bbd741456e31e0acb983283a8d3993ba859c15
CVE-2018-13096 (An issue was discovered in fs/f2fs/super.c in the Linux kernel
through ...)
{DLA-1715-1}
- linux 4.19.9-1
[stretch] - linux 4.9.144-1
+ [jessie] - linux <ignored> (Hard to backport and low priority outside
of Android)
[jessie] - linux-4.9 <unfixed>
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200167
NOTE:
https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=e335cc683fd13882b9152937b06ff3c16c28aa34
@@ -61604,6 +61609,7 @@ CVE-2017-18249 (The add_free_nid function in
fs/f2fs/node.c in the Linux kernel
{DLA-1715-1}
- linux 4.12.6-1
[stretch] - linux 4.9.144-1
+ [jessie] - linux <ignored> (Hard to backport and low priority outside
of Android)
[wheezy] - linux <not-affected> (Vulnerable code not present)
[jessie] - linux-4.9 <unfixed>
NOTE: Fixed by:
https://git.kernel.org/linus/30a61ddf8117c26ac5b295e1233eaa9629a94ca3
@@ -62565,6 +62571,8 @@ CVE-2018-8718 (Cross-site request forgery (CSRF)
vulnerability in the Mailer Plu
CVE-2017-18232 (The Serial Attached SCSI (SAS) implementation in the Linux
kernel thro ...)
{DSA-4187-1}
- linux 4.15.17-1
+ [stretch] - linux <ignored> (Minor issue)
+ [jessie] - linux <ignored> (Minor issue)
[wheezy] - linux <not-affected> (Vulnerability introduced later)
[jessie] - linux-4.9 <unfixed>
NOTE: Fixed by:
https://git.kernel.org/linus/0558f33c06bb910e2879e355192227a8e8f0219d
@@ -66608,6 +66616,8 @@ CVE-2018-7274 (Yab Quarx through 2.4.3 is prone to
multiple persistent cross-sit
NOT-FOR-US: Yab Quarx
CVE-2018-7273 (In the Linux kernel through 4.15.4, the floppy driver reveals
the addr ...)
- linux 4.15.4-1
+ [stretch] - linux <ignored> (Minor issue)
+ [jessie] - linux <ignored> (Minor issue)
[wheezy] - linux <ignored> (Minor issue)
[jessie] - linux-4.9 <unfixed>
NOTE: https://lkml.org/lkml/2018/2/20/669
@@ -107865,10 +107875,12 @@ CVE-2017-10664 (qemu-nbd in QEMU (aka Quick
Emulator) does not ignore SIGPIPE, w
CVE-2017-10663 (The sanity_check_ckpt function in fs/f2fs/super.c in the Linux
kernel ...)
- linux 4.12.6-1
[stretch] - linux 4.9.47-1
+ [jessie] - linux <ignored> (Hard to backport and low priority outside
of Android)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by:
https://git.kernel.org/linus/15d3042a937c13f5d9244241c7a9c8416ff6e82a
(v4.13-rc1)
CVE-2017-10662 (The sanity_check_raw_super function in fs/f2fs/super.c in the
Linux ke ...)
- linux 4.9.30-1
+ [jessie] - linux <ignored> (Hard to backport and low priority outside
of Android)
[wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixed by:
https://git.kernel.org/linus/b9dd46188edc2f0d1f37328637860bb65a771124
(v4.12-rc1)
CVE-2017-10661 (Race condition in fs/timerfd.c in the Linux kernel before
4.10.15 allo ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/c459a97bc7de860a7f9d36a08f35e7af3ba66be7
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/c459a97bc7de860a7f9d36a08f35e7af3ba66be7
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
