[Secure-testing-commits] r36776 - in data: . CVE DSA

Mon, 21 Sep 2015 10:30:20 -0700 

Author: carnil
Date: 2015-09-21 17:28:53 +0000 (Mon, 21 Sep 2015)
New Revision: 36776

Modified:
   data/CVE/list
   data/DSA/list
   data/dsa-needed.txt
Log:
Reserve DSA number for linux security update

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2015-09-21 15:47:05 UTC (rev 36775)
+++ data/CVE/list       2015-09-21 17:28:53 UTC (rev 36776)
@@ -830,6 +830,8 @@
        NOTE: http://www.openwall.com/lists/oss-security/2015/09/11/2
 CVE-2015-XXXX [Use-after-free in Linux kernel with aufs mmap patch]
        - linux <unfixed> (bug #796036)
+       [jessie] - linux 3.16.7-ckt11-1+deb8u4
+       NOTE: Workaround entry for DSA-3364-1 until CVE assigned
        [wheezy] - linux <not-affected> (Vulnerable code not present)
        - linux-2.6 <not-affected> (Vulnerable code not present)
        NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2015/09/10/3
@@ -11592,6 +11594,7 @@
 CVE-2015-2925 [It is possible to escape from bind mounts]
        RESERVED
        - linux <unfixed>
+       [jessie] - linux 3.16.7-ckt11-1+deb8u4
        [wheezy] - linux <not-affected> (user namespaces known broken before 
3.5, see kernel-sec info)
        - linux-2.6 <not-affected> (user namespaces known broken before 3.5, 
see kernel-sec info)
        NOTE: http://permalink.gmane.org/gmane.linux.kernel.containers/29173

Modified: data/DSA/list
===================================================================
--- data/DSA/list       2015-09-21 15:47:05 UTC (rev 36775)
+++ data/DSA/list       2015-09-21 17:28:53 UTC (rev 36776)
@@ -1,3 +1,7 @@
+[21 Sep 2015] DSA-3364-1 linux - security update
+       {CVE-2015-0272 CVE-2015-5156 CVE-2015-6252 CVE-2015-6937}
+       [wheezy] - linux 3.2.68-1+deb7u4
+       [jessie] - linux 3.16.7-ckt11-1+deb8u4
 [20 Sep 2015] DSA-3363-1 owncloud-client - security update
        {CVE-2015-4456}
        [jessie] - owncloud-client 1.7.0~beta1+really1.6.4+dfsg-1+deb8u1

Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt 2015-09-21 15:47:05 UTC (rev 36775)
+++ data/dsa-needed.txt 2015-09-21 17:28:53 UTC (rev 36776)
@@ -46,8 +46,8 @@
 --
 libxml2 (gcs)
 --
-linux (carnil)
-  Ben prepared an update and proposed DSA text
+linux
+  Wait until more severe issues have accumulated
 --
 mediawiki
 --


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to