diff options
| author | Ben Hutchings <benh@debian.org> | 2017-09-07 15:58:17 +0000 |
|---|---|---|
| committer | Ben Hutchings <benh@debian.org> | 2017-09-07 15:58:17 +0000 |
| commit | 60f606650854c46b5abeee97bfe38b94e3bc7d25 (patch) | |
| tree | 5b2713b846902421ea919e117b06ed5f6237d0c7 | |
| parent | 5c9bc4fa288cb64279fc90cae77c53af2d13b123 (diff) | |
Fill in missing status fields and retire non-isues
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5529 e094ebfe-e918-0410-adfb-c712417f3574
| -rw-r--r-- | active/CVE-2017-13693 | 13 | ||||
| -rw-r--r-- | active/CVE-2017-13694 | 13 | ||||
| -rw-r--r-- | active/CVE-2017-13695 | 13 | ||||
| -rw-r--r-- | active/CVE-2017-14106 | 14 | ||||
| -rw-r--r-- | active/CVE-2017-14140 | 10 | ||||
| -rw-r--r-- | active/CVE-2017-14156 | 16 | ||||
| -rw-r--r-- | active/CVE-2017-7558 | 11 | ||||
| -rw-r--r-- | retired/CVE-2017-13693 | 15 | ||||
| -rw-r--r-- | retired/CVE-2017-13694 | 15 | ||||
| -rw-r--r-- | retired/CVE-2017-13695 | 15 |
10 files changed, 72 insertions, 63 deletions
diff --git a/active/CVE-2017-13693 b/active/CVE-2017-13693 deleted file mode 100644 index cc32e69a..00000000 --- a/active/CVE-2017-13693 +++ /dev/null @@ -1,13 +0,0 @@ -Description: -References: - https://patchwork.kernel.org/patch/9919053/ -Notes: -Bugs: -upstream: -4.9-upstream-stable: -3.16-upstream-stable: -3.2-upstream-stable: -sid: -4.9-stretch-security: -3.16-jessie-security: -3.2-wheezy-security: diff --git a/active/CVE-2017-13694 b/active/CVE-2017-13694 deleted file mode 100644 index ef12f8b3..00000000 --- a/active/CVE-2017-13694 +++ /dev/null @@ -1,13 +0,0 @@ -Description: -References: - https://patchwork.kernel.org/patch/9806085/ -Notes: -Bugs: -upstream: -4.9-upstream-stable: -3.16-upstream-stable: -3.2-upstream-stable: -sid: -4.9-stretch-security: -3.16-jessie-security: -3.2-wheezy-security: diff --git a/active/CVE-2017-13695 b/active/CVE-2017-13695 deleted file mode 100644 index 04b9ad7b..00000000 --- a/active/CVE-2017-13695 +++ /dev/null @@ -1,13 +0,0 @@ -Description: -References: - https://patchwork.kernel.org/patch/9850567/ -Notes: -Bugs: -upstream: -4.9-upstream-stable: -3.16-upstream-stable: -3.2-upstream-stable: -sid: -4.9-stretch-security: -3.16-jessie-security: -3.2-wheezy-security: diff --git a/active/CVE-2017-14106 b/active/CVE-2017-14106 index 65a2f2e3..d13e1a86 100644 --- a/active/CVE-2017-14106 +++ b/active/CVE-2017-14106 @@ -2,12 +2,14 @@ Description: net/ipv4: divide by 0 in __tcp_select_window() References: https://groups.google.com/forum/#!topic/syzkaller/e4SrsEBEziQ Notes: + bwh> This might not be possible in earlier versions, but it does look + bwh> plausible and the fix should have no effect if it's not possible. Bugs: upstream: released (4.12-rc3) [499350a5a6e7512d9ed369ed63a4244b6536f4f8] -4.9-upstream-stable: -3.16-upstream-stable: -3.2-upstream-stable: +4.9-upstream-stable: needed +3.16-upstream-stable: needed +3.2-upstream-stable: needed sid: released (4.12.6-1) -4.9-stretch-security: -3.16-jessie-security: -3.2-wheezy-security: +4.9-stretch-security: needed +3.16-jessie-security: needed +3.2-wheezy-security: needed diff --git a/active/CVE-2017-14140 b/active/CVE-2017-14140 index 5d0ff1e0..9a3f259e 100644 --- a/active/CVE-2017-14140 +++ b/active/CVE-2017-14140 @@ -4,9 +4,9 @@ Notes: Bugs: upstream: released (4.13-rc6) [197e7e521384a23b9e585178f3f11c9fa08274b9] 4.9-upstream-stable: released (4.9.45) [61332dc598c3f223678b2d7192ccf3472c544799] -3.16-upstream-stable: -3.2-upstream-stable: +3.16-upstream-stable: needed +3.2-upstream-stable: needed sid: pending (4.12.10-1) -4.9-stretch-security: -3.16-jessie-security: -3.2-wheezy-security: +4.9-stretch-security: needed +3.16-jessie-security: needed +3.2-wheezy-security: needed diff --git a/active/CVE-2017-14156 b/active/CVE-2017-14156 index 9bf15b98..ca530736 100644 --- a/active/CVE-2017-14156 +++ b/active/CVE-2017-14156 @@ -5,11 +5,11 @@ References: https://marc.info/?l=linux-kernel&m=150453196710422&w=2 Notes: Bugs: -upstream: -4.9-upstream-stable: -3.16-upstream-stable: -3.2-upstream-stable: -sid: -4.9-stretch-security: -3.16-jessie-security: -3.2-wheezy-security: +upstream: needed +4.9-upstream-stable: needed +3.16-upstream-stable: needed +3.2-upstream-stable: needed +sid: needed +4.9-stretch-security: needed +3.16-jessie-security: needed +3.2-wheezy-security: needed diff --git a/active/CVE-2017-7558 b/active/CVE-2017-7558 index 00aa669a..eedaa034 100644 --- a/active/CVE-2017-7558 +++ b/active/CVE-2017-7558 @@ -6,13 +6,14 @@ Notes: carnil> proposed patch in https://marc.info/?l=linux-netdev&m=150348777122761&w=2 carnil> the bug is said to be present from 4.7-rc1 on wards, but needs to be carnil> checked if we have otherwise backport the issue + bwh> The sctp_diag code was added in 4.7 and we did not backport it. Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1480266 upstream: released (4.13) [ee6c88bb754e3d363e568da78086adfedb692447] 4.9-upstream-stable: needed -3.16-upstream-stable: -3.2-upstream-stable: +3.16-upstream-stable: N/A "Vulnerable code not present" +3.2-upstream-stable: N/A "Vulnerable code not present" sid: needed -4.9-stretch-security: -3.16-jessie-security: -3.2-wheezy-security: +4.9-stretch-security: needed +3.16-jessie-security: N/A "Vulnerable code not present" +3.2-wheezy-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2017-13693 b/retired/CVE-2017-13693 new file mode 100644 index 00000000..26290166 --- /dev/null +++ b/retired/CVE-2017-13693 @@ -0,0 +1,15 @@ +Description: Invalid ACPI table triggers warning +References: + https://patchwork.kernel.org/patch/9919053/ +Notes: + bwh> This is not a security issue, since ACPI tables must already be + bwh> trusted. +Bugs: +upstream: ignored "Not a security issue" +4.9-upstream-stable: ignored "Not a security issue" +3.16-upstream-stable: ignored "Not a security issue" +3.2-upstream-stable: ignored "Not a security issue" +sid: ignored "Not a security issue" +4.9-stretch-security: ignored "Not a security issue" +3.16-jessie-security: ignored "Not a security issue" +3.2-wheezy-security: ignored "Not a security issue" diff --git a/retired/CVE-2017-13694 b/retired/CVE-2017-13694 new file mode 100644 index 00000000..8d62f470 --- /dev/null +++ b/retired/CVE-2017-13694 @@ -0,0 +1,15 @@ +Description: Invalid ACPI table triggers warning +References: + https://patchwork.kernel.org/patch/9806085/ +Notes: + bwh> This is not a security issue, since ACPI tables must already be + bwh> trusted. +Bugs: +upstream: ignored "Not a security issue" +4.9-upstream-stable: ignored "Not a security issue" +3.16-upstream-stable: ignored "Not a security issue" +3.2-upstream-stable: ignored "Not a security issue" +sid: ignored "Not a security issue" +4.9-stretch-security: ignored "Not a security issue" +3.16-jessie-security: ignored "Not a security issue" +3.2-wheezy-security: ignored "Not a security issue" diff --git a/retired/CVE-2017-13695 b/retired/CVE-2017-13695 new file mode 100644 index 00000000..794b7cd3 --- /dev/null +++ b/retired/CVE-2017-13695 @@ -0,0 +1,15 @@ +Description: Invalid ACPI table triggers warning +References: + https://patchwork.kernel.org/patch/9850567/ +Notes: + bwh> This is not a security issue, since ACPI tables must already be + bwh> trusted. +Bugs: +upstream: ignored "Not a security issue" +4.9-upstream-stable: ignored "Not a security issue" +3.16-upstream-stable: ignored "Not a security issue" +3.2-upstream-stable: ignored "Not a security issue" +sid: ignored "Not a security issue" +4.9-stretch-security: ignored "Not a security issue" +3.16-jessie-security: ignored "Not a security issue" +3.2-wheezy-security: ignored "Not a security issue" |