[Secure-testing-commits] r49681 - data/CVE

Tue, 14 Mar 2017 10:52:43 -0700 

Author: benh
Date: 2017-03-14 17:52:26 +0000 (Tue, 14 Mar 2017)
New Revision: 49681

Modified:
   data/CVE/list
Log:
Triage some linux issues for wheezy

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-03-14 16:33:33 UTC (rev 49680)
+++ data/CVE/list       2017-03-14 17:52:26 UTC (rev 49681)
@@ -25279,6 +25279,7 @@
        NOTE: Fixed by: 
https://git.kernel.org/linus/951b6a0717db97ce420547222647bcc40bf1eacd (4.2-rc1)
 CVE-2015-8955 (arch/arm64/kernel/perf_event.c in the Linux kernel before 4.1 
on arm64 ...)
        - linux 4.1.3-1
+       [wheezy] - linux <not-affected> (Vulnerable code not present; arm64 
introduced in 3.7)
        [jessie] - linux 3.16.39-1
        NOTE: Fixed by: 
https://git.kernel.org/linus/8fff105e13041e49b82f92eef034f363a6b1c071 (4.1-rc1)
 CVE-2016-10057
@@ -26516,6 +26517,7 @@
        NOT-FOR-US: Synaptics driver for Android
 CVE-2015-8950 (arch/arm64/mm/dma-mapping.c in the Linux kernel before 4.0.3, 
as used ...)
        - linux 4.0.4-1
+       [wheezy] - linux <not-affected> (Vulnerable code not present; arm64 
introduced in 3.7)
        [jessie] - linux 3.16.7-ckt17-1
        NOTE: Fixed by: 
https://git.kernel.org/linus/6829e274a623187c24f7cfc0e3d35f25d087fcc5 (4.1-rc2)
 CVE-2016-10051 [Double free]
@@ -28707,6 +28709,7 @@
        NOTE: libv8 is not covered by security support
 CVE-2016-6213 (fs/namespace.c in the Linux kernel before 4.9 does not restrict 
how ...)
        - linux 4.8.11-1
+       [wheezy] - linux <no-dsa> (Only exploitable by privileged user; too 
many changes to backport)
        NOTE: https://lkml.org/lkml/2016/8/28/269
        NOTE: Fixed by: 
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d29216842a85c7970c536108e093963f02714498
 CVE-2016-6186 (Cross-site scripting (XSS) vulnerability in the ...)
@@ -51245,6 +51248,7 @@
        NOTE: http://xenbits.xen.org/xsa/advisory-145.html
 CVE-2013-7445 (The Direct Rendering Manager (DRM) subsystem in the Linux 
kernel ...)
        - linux <unfixed>
+       [wheezy] - linux <no-dsa> (Minor issue, requires invasive changes)
        [jessie] - linux <no-dsa> (Minor issue, requires invasive changes)
        - linux-2.6 <removed>
        NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=60533


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to