Author: carnil
Date: 2016-11-10 07:54:58 +0000 (Thu, 10 Nov 2016)
New Revision: 46093
Modified:
data/CVE/list
Log:
Sync some stati for linux issue with kernel-sec
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-10 06:14:47 UTC (rev 46092)
+++ data/CVE/list 2016-11-10 07:54:58 UTC (rev 46093)
@@ -254,6 +254,8 @@
CVE-2015-8970 [crypto: GPF in lrw_crypt caused by null-deref]
RESERVED
- linux 4.4.2-1
+ [jessie] - linux 3.16.7-ckt25-2+deb8u1
+ [wheezy] - linux 3.2.78-1
NOTE:
https://groups.google.com/forum/#!msg/syzkaller/frb2XrB5aWk/xCXzkIBcDAAJ
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1386286
NOTE: Fixed by:
https://git.kernel.org/linus/dd504589577d8e8e70f51f997ad487a4cb6c026f (v4.5-rc1)
@@ -615,10 +617,12 @@
CVE-2016-9084 [... "kzalloc is changed to a kcalloc."]
RESERVED
- linux <unfixed>
+ [wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://patchwork.kernel.org/patch/9373631/
CVE-2016-9083 [state machine confusion bug]
RESERVED
- linux <unfixed>
+ [wheezy] - linux <not-affected> (Vulnerable code not present)
NOTE: https://patchwork.kernel.org/patch/9373631/
CVE-2016-9082 [Out of bounds read in read_png/write_png in cairo-png.c]
RESERVED
@@ -1696,6 +1700,8 @@
CVE-2016-8632 [tipc_msg_build() doesn't validate MTU that can trigger heap
overflow]
RESERVED
- linux <unfixed>
+ [jessie] - linux <not-affected> (Vulnerable code introduced later)
+ [wheezy] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://www.mail-archive.com/netdev@vger.kernel.org/msg133205.html
CVE-2016-8631
RESERVED
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
