diff options
author | Ben Hutchings <ben@decadent.org.uk> | 2019-01-07 23:12:54 +0000 |
---|---|---|
committer | Ben Hutchings <ben@decadent.org.uk> | 2019-01-07 23:12:54 +0000 |
commit | 8a4c57534df082728ca98dd1d3d68321325c5d9a (patch) | |
tree | 9d65c1b0aa337d0d5e4c6103744c77a405e30ae9 | |
parent | c29a69600ca41ee282e4b46336e0e1b1d569bfaa (diff) |
Fill in status of most issues for 4.19-upstream-stable
63 files changed, 64 insertions, 1 deletions
diff --git a/active/CVE-2013-7445 b/active/CVE-2013-7445 index 178c206d..18be12a2 100644 --- a/active/CVE-2013-7445 +++ b/active/CVE-2013-7445 @@ -4,6 +4,7 @@ Notes: Bugs: https://bugzilla.kernel.org/show_bug.cgi?id=60533 upstream: needed +4.19-upstream-stable: needed 4.9-upstream-stable: needed 3.16-upstream-stable: ignored "Fix is likely to be too big and risky to backport" 3.2-upstream-stable: ignored "Fix is likely to be too big and risky to backport" diff --git a/active/CVE-2015-8553 b/active/CVE-2015-8553 index 38d109c3..bdee9ada 100644 --- a/active/CVE-2015-8553 +++ b/active/CVE-2015-8553 @@ -13,6 +13,7 @@ Notes: jmm> point Bugs: upstream: needed +4.19-upstream-stable: needed 4.9-upstream-stable: needed 3.16-upstream-stable: needed 3.2-upstream-stable: ignored "EOL" diff --git a/active/CVE-2015-8839 b/active/CVE-2015-8839 index dee5a4fe..814c1a3b 100644 --- a/active/CVE-2015-8839 +++ b/active/CVE-2015-8839 @@ -3,6 +3,7 @@ References: Notes: Bugs: upstream: released (4.5-rc1) [ea3d7209ca01da209cda6f0dea8be9cc4b7a933b, 17048e8a083fec7ad841d88ef0812707fbc7e39f, 32ebffd3bbb4162da5ff88f9a35dd32d0a28ea70, 011278485ecc3cd2a3954b5d4c73101d919bf1fa] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: N/A "Fixed before branch point" 3.16-upstream-stable: needed 3.2-upstream-stable: ignored "Too much work to backport" diff --git a/active/CVE-2016-10723 b/active/CVE-2016-10723 index 94a51cb4..12dbf1e4 100644 --- a/active/CVE-2016-10723 +++ b/active/CVE-2016-10723 @@ -14,6 +14,7 @@ Notes: bwh> I assume 4.9 is also affected. Bugs: upstream: needed +4.19-upstream-stable: needed 4.9-upstream-stable: needed 3.16-upstream-stable: needed sid: needed diff --git a/active/CVE-2016-8660 b/active/CVE-2016-8660 index 6da01332..9ef16dcd 100644 --- a/active/CVE-2016-8660 +++ b/active/CVE-2016-8660 @@ -7,6 +7,7 @@ Notes: https://bugzilla.novell.com/show_bug.cgi?id=1004532#c10 Bugs: upstream: needed +4.19-upstream-stable: needed 4.9-upstream-stable: needed 3.16-upstream-stable: N/A "Vulnerable code introduced in (4.4-rc1) [fc0561cefc04e7803c0f6501ca4f310a502f65b8]" 3.2-upstream-stable: N/A "Vulnerable code introduced in (4.4-rc1) [fc0561cefc04e7803c0f6501ca4f310a502f65b8]" diff --git a/active/CVE-2017-0630 b/active/CVE-2017-0630 index 05283846..cfcda400 100644 --- a/active/CVE-2017-0630 +++ b/active/CVE-2017-0630 @@ -6,6 +6,7 @@ Notes: carnil> https://lore.kernel.org/lkml/20180725210717.3b807191@vmware.local.home/ Bugs: upstream: needed +4.19-upstream-stable: needed 4.9-upstream-stable: needed 3.16-upstream-stable: needed sid: needed diff --git a/active/CVE-2017-10662 b/active/CVE-2017-10662 index df77fd46..0bc232a9 100644 --- a/active/CVE-2017-10662 +++ b/active/CVE-2017-10662 @@ -6,6 +6,7 @@ Notes: bwh> and major in-memory structure". Bugs: upstream: released (4.12-rc1) [b9dd46188edc2f0d1f37328637860bb65a771124] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: released (4.9.28) [93862955cbf485215f0677229292d0f358af55fc] 3.16-upstream-stable: needed 3.2-upstream-stable: N/A "Vulnerable code not present" diff --git a/active/CVE-2017-10663 b/active/CVE-2017-10663 index 04a47049..53ad9a20 100644 --- a/active/CVE-2017-10663 +++ b/active/CVE-2017-10663 @@ -7,6 +7,7 @@ Notes: bwh> operations". Bugs: upstream: released (4.13-rc1) [15d3042a937c13f5d9244241c7a9c8416ff6e82a] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: released (4.9.42) [0f442c5b2e4ac0b65027ed3374462f1c38675f7e] 3.16-upstream-stable: needed 3.2-upstream-stable: N/A "Vulnerable code not present" diff --git a/active/CVE-2017-13168 b/active/CVE-2017-13168 index 112e6eb6..f273946c 100644 --- a/active/CVE-2017-13168 +++ b/active/CVE-2017-13168 @@ -4,6 +4,7 @@ References: Notes: Bugs: upstream: released (4.18-rc4) [26b5b874aff5659a7e26e5b1997e3df2c41fa7fd] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: released (4.9.112) [b6db8af7e34edfa1bf1d7b0797da15c3811a2a98] 3.16-upstream-stable: released (3.16.61) [3f084a4d285d695b2008533f1b28a5538748e174] sid: released (4.17.6-1) diff --git a/active/CVE-2017-13305 b/active/CVE-2017-13305 index 07e53e5e..16734297 100644 --- a/active/CVE-2017-13305 +++ b/active/CVE-2017-13305 @@ -6,6 +6,7 @@ Notes: carnil> Possibly only affecting 3.18+ but needs check. Bugs: upstream: released (4.12-rc5) [794b4bc292f5d31739d89c0202c54e7dc9bc3add] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: released (4.9.81) [9692602ab850eec484d8cc5a740803d34f00016c] 3.16-upstream-stable: released (3.16.62) [bfe535bf4ab73e41922c7a58d6a858a2c435ff29] sid: released (4.12.6-1) diff --git a/active/CVE-2017-18232 b/active/CVE-2017-18232 index 9fe8f432..e12e0152 100644 --- a/active/CVE-2017-18232 +++ b/active/CVE-2017-18232 @@ -5,6 +5,7 @@ Notes: bwh> (Linux 3.4). For stretch, this requires an ABI bump. Bugs: upstream: released (4.16-rc1) [0558f33c06bb910e2879e355192227a8e8f0219d] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: needed 3.16-upstream-stable: needed 3.2-upstream-stable: N/A "Vulnerability introduced later" diff --git a/active/CVE-2017-18249 b/active/CVE-2017-18249 index aff2ac7c..85b1faea 100644 --- a/active/CVE-2017-18249 +++ b/active/CVE-2017-18249 @@ -3,6 +3,7 @@ References: Notes: Bugs: upstream: released (4.12-rc1) [30a61ddf8117c26ac5b295e1233eaa9629a94ca3] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: released (4.9.144) [cb9b1d4ec206702a4df1cb42ba8142f39acfdd91] 3.16-upstream-stable: needed 3.2-upstream-stable: N/A "Vulnerable code not present" diff --git a/active/CVE-2017-9725 b/active/CVE-2017-9725 index f7f449ca..e8af2097 100644 --- a/active/CVE-2017-9725 +++ b/active/CVE-2017-9725 @@ -5,6 +5,7 @@ References: Notes: Bugs: upstream: released (4.3-rc7) [67a2e213e7e937c41c52ab5bc46bf3f4de469f6e] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: N/A "Fixed before branching point" 3.16-upstream-stable: sid: released (4.3.1-1) diff --git a/active/CVE-2018-1000026 b/active/CVE-2018-1000026 index d13546f7..450130d6 100644 --- a/active/CVE-2018-1000026 +++ b/active/CVE-2018-1000026 @@ -13,6 +13,7 @@ Notes: bwh> certainly affected. Bugs: upstream: needed +4.19-upstream-stable: needed 4.9-upstream-stable: needed 3.16-upstream-stable: needed 3.2-upstream-stable: ignored "EOL" diff --git a/active/CVE-2018-10322 b/active/CVE-2018-10322 index abf5658b..0f1c7a4a 100644 --- a/active/CVE-2018-10322 +++ b/active/CVE-2018-10322 @@ -5,6 +5,7 @@ References: Notes: Bugs: upstream: released (4.17-rc4) [b42db0860e13067fcc7cbfba3966c9e652668bbc] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: needed 3.16-upstream-stable: needed 3.2-upstream-stable: ignored "dinode verifier not implemented" diff --git a/active/CVE-2018-10323 b/active/CVE-2018-10323 index 909fedb6..4588833f 100644 --- a/active/CVE-2018-10323 +++ b/active/CVE-2018-10323 @@ -5,6 +5,7 @@ References: Notes: Bugs: upstream: released (4.17-rc4) [2c4306f719b083d17df2963bc761777576b8ad1b] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: needed 3.16-upstream-stable: released (3.16.58) [00fe22e3f801fd5225aeecc6bf79630ec201f8e4] 3.2-upstream-stable: ignored "Too much work to backport" diff --git a/active/CVE-2018-1108 b/active/CVE-2018-1108 index a84768da..b5dbe342 100644 --- a/active/CVE-2018-1108 +++ b/active/CVE-2018-1108 @@ -10,6 +10,7 @@ Notes: carnil> 4.9.88-1+deb9u1 reverts the fix due to various reported regressions. Bugs: upstream: released (4.17-rc2) [43838a23a05fbd13e47d750d3dfd77001536dd33] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: released (4.9.96) [4dfb3442bb7e1fb80515df4a199ca5a7a8edf900] 3.16-upstream-stable: N/A "Vulnerable code not present" 3.2-upstream-stable: N/A "Vulnerable code not present" diff --git a/active/CVE-2018-1120 b/active/CVE-2018-1120 index 663f4853..90e71788 100644 --- a/active/CVE-2018-1120 +++ b/active/CVE-2018-1120 @@ -9,6 +9,7 @@ Notes: carnil> access_remote_vm() write parameter is replaced with gup_flags. Bugs: upstream: released (4.17-rc6) [7f7ccc2ccc2e70c6054685f5e3522efa81556830] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: released (4.9.101) [6f1abf8628b750905606996fd5ff5ea22d149238] 3.16-upstream-stable: needed 3.2-upstream-stable: ignored "EOL" diff --git a/active/CVE-2018-1128 b/active/CVE-2018-1128 index 5391fdea..0c3cc264 100644 --- a/active/CVE-2018-1128 +++ b/active/CVE-2018-1128 @@ -9,6 +9,7 @@ Notes: bwh> seems to depend on message signatures which were added in 3.19. Bugs: upstream: released (4.19-rc1) [6daca13d2e72bedaaacfc08f873114c9307d5aea] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: released (4.9.144) [06e925920d4de3da2114876bc607447e929604af] 3.16-upstream-stable: ignored "Protocol change is too difficult" sid: released (4.19.9-1) diff --git a/active/CVE-2018-1129 b/active/CVE-2018-1129 index b63dc8b3..9aa12876 100644 --- a/active/CVE-2018-1129 +++ b/active/CVE-2018-1129 @@ -4,6 +4,7 @@ References: Notes: Bugs: upstream: released (4.19-rc1) [cc255c76c70f7a87d97939621eae04b600d9f4a1] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: released (4.9.144) [18a23fb2632030888fc56a7df73a80f57445718f] 3.16-upstream-stable: N/A "Message signatures not implemented" sid: released (4.19.9-1) diff --git a/active/CVE-2018-12896 b/active/CVE-2018-12896 index 1692e21f..b7cdd2c4 100644 --- a/active/CVE-2018-12896 +++ b/active/CVE-2018-12896 @@ -6,6 +6,7 @@ References: Notes: Bugs: upstream: released (4.19-rc1) [78c9c4dfbf8c04883941445a195276bb4bb92c76] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: released (4.9.136) [65cb24de03f1c8e00a4fedf416b80a4e8f8a6ef2] 3.16-upstream-stable: released (3.16.62) [f795b11fdc99a3d4d7d6b9d48c5e44e17c287a27] sid: released (4.18.20-1) diff --git a/active/CVE-2018-12928 b/active/CVE-2018-12928 index 415299c9..fb2db0c3 100644 --- a/active/CVE-2018-12928 +++ b/active/CVE-2018-12928 @@ -10,6 +10,7 @@ Notes: bwh> other tools that do similar probing. Bugs: upstream: needed +4.19-upstream-stable: needed 4.9-upstream-stable: needed 3.16-upstream-stable: needed sid: needed diff --git a/active/CVE-2018-12929 b/active/CVE-2018-12929 index edcb3ba5..ff7b6a71 100644 --- a/active/CVE-2018-12929 +++ b/active/CVE-2018-12929 @@ -3,6 +3,7 @@ References: Notes: Bugs: upstream: needed +4.19-upstream-stable: needed 4.9-upstream-stable: 3.16-upstream-stable: sid: needed diff --git a/active/CVE-2018-12930 b/active/CVE-2018-12930 index ba473f22..172db692 100644 --- a/active/CVE-2018-12930 +++ b/active/CVE-2018-12930 @@ -3,6 +3,7 @@ References: Notes: Bugs: upstream: needed +4.19-upstream-stable: needed 4.9-upstream-stable: 3.16-upstream-stable: sid: needed diff --git a/active/CVE-2018-12931 b/active/CVE-2018-12931 index 2511fff3..56b407b5 100644 --- a/active/CVE-2018-12931 +++ b/active/CVE-2018-12931 @@ -3,6 +3,7 @@ References: Notes: Bugs: upstream: needed +4.19-upstream-stable: needed 4.9-upstream-stable: 3.16-upstream-stable: sid: needed diff --git a/active/CVE-2018-13053 b/active/CVE-2018-13053 index 01187a94..f6f66219 100644 --- a/active/CVE-2018-13053 +++ b/active/CVE-2018-13053 @@ -5,6 +5,7 @@ References: Notes: Bugs: upstream: released (4.19-rc1) [5f936e19cc0ef97dbe3a56e9498922ad5ba1edef] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: released (4.9.131) [747128e772dc2c413763050c52c55edcacf7f60c] 3.16-upstream-stable: released (3.16.62) [b396dc52e302a0610abfd6467e20fb58352cdb69] sid: released (4.18.20-1) diff --git a/active/CVE-2018-13093 b/active/CVE-2018-13093 index 97ab4532..88e98d33 100644 --- a/active/CVE-2018-13093 +++ b/active/CVE-2018-13093 @@ -5,6 +5,7 @@ References: Notes: Bugs: upstream: released (4.18-rc1) [afca6c5b2595fc44383919fba740c194b0b76aff] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: needed 3.16-upstream-stable: released (3.16.58) [7744e6b42712dd27e2457e1eb03b1c73920364c2] sid: released (4.17.14-1) diff --git a/active/CVE-2018-13094 b/active/CVE-2018-13094 index 3710d90a..4742d588 100644 --- a/active/CVE-2018-13094 +++ b/active/CVE-2018-13094 @@ -5,6 +5,7 @@ References: Notes: Bugs: upstream: released (4.18-rc1) [bb3d48dcf86a97dc25fe9fc2c11938e19cb4399a] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: needed 3.16-upstream-stable: released (3.16.58) [991ec538e6683859b065467b8406c7e57526e212] sid: released (4.17.14-1) diff --git a/active/CVE-2018-13095 b/active/CVE-2018-13095 index de0c91b3..e5745345 100644 --- a/active/CVE-2018-13095 +++ b/active/CVE-2018-13095 @@ -8,6 +8,7 @@ Notes: bwh> this is more trouble than it's worth to backport. Bugs: upstream: released (4.18-rc3) [23fcb3340d033d9f081e21e6c12c2db7eaa541d3] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: 3.16-upstream-stable: ignored "Too risky to backport" sid: released (4.18.6-1) diff --git a/active/CVE-2018-13096 b/active/CVE-2018-13096 index abb10a55..c8f5c6c2 100644 --- a/active/CVE-2018-13096 +++ b/active/CVE-2018-13096 @@ -5,6 +5,7 @@ References: Notes: Bugs: upstream: released (4.19-rc1) [e34438c903b653daca2b2a7de95aed46226f8ed3] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: released (4.9.144) [1c87980591a1dc8c5eafdcc5f9953fca4e518465] 3.16-upstream-stable: sid: released (4.19.9-1) diff --git a/active/CVE-2018-13097 b/active/CVE-2018-13097 index fbca8534..bdf15655 100644 --- a/active/CVE-2018-13097 +++ b/active/CVE-2018-13097 @@ -5,6 +5,7 @@ References: Notes: Bugs: upstream: released (4.19-rc1) [9dc956b2c8523aed39d1e6508438be9fea28c8fc] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: released (4.9.144) [06e606acedaf8bb00c83c4cee43acdd264287a92] 3.16-upstream-stable: sid: released (4.19.9-1) diff --git a/active/CVE-2018-13098 b/active/CVE-2018-13098 index 2ded68ea..6d787f3d 100644 --- a/active/CVE-2018-13098 +++ b/active/CVE-2018-13098 @@ -7,6 +7,7 @@ Notes: bwh> inode structure scalability" Bugs: upstream: released (4.19-rc1) [76d56d4ab4f2a9e4f085c7d77172194ddaccf7d2] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: N/A "Vulnerable code not present" 3.16-upstream-stable: N/A "Vulnerable code not present" sid: released (4.18.10-1) diff --git a/active/CVE-2018-13099 b/active/CVE-2018-13099 index abb70f68..84924ea4 100644 --- a/active/CVE-2018-13099 +++ b/active/CVE-2018-13099 @@ -6,6 +6,7 @@ References: Notes: Bugs: upstream: released (4.19-rc1) [4dbe38dc386910c668c75ae616b99b823b59f3eb] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: released (4.9.128) [7e0782ceebaaed70b0c4b775c27b81e8f8cf6ddb] 3.16-upstream-stable: sid: released (4.18.10-1) diff --git a/active/CVE-2018-13100 b/active/CVE-2018-13100 index 693a0e85..7a4bd1e9 100644 --- a/active/CVE-2018-13100 +++ b/active/CVE-2018-13100 @@ -5,6 +5,7 @@ References: Notes: Bugs: upstream: released (4.19-rc1) [42bf546c1fe3f3654bdf914e977acbc2b80a5be5] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: released (4.9.144) [a3dccfacd3a574365ab6c5118f8a944a4ba691fa] 3.16-upstream-stable: sid: released (4.18.10-1) diff --git a/active/CVE-2018-13406 b/active/CVE-2018-13406 index 19ad8531..dccc8aa4 100644 --- a/active/CVE-2018-13406 +++ b/active/CVE-2018-13406 @@ -9,6 +9,7 @@ Notes: bwh> either of those types. Bugs: upstream: released (4.18-rc1) [9f645bcc566a1e9f921bdae7528a01ced5bc3713] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: released (4.9.111) [7673ca3c93414faf90fa2a3c339f1f625415fecb] 3.16-upstream-stable: released (3.16.58) [video-uvesafb-fix-integer-overflow-in-allocation.patch] sid: released (4.17.6-1) diff --git a/active/CVE-2018-14610 b/active/CVE-2018-14610 index 8f0d9a79..3e0cae9e 100644 --- a/active/CVE-2018-14610 +++ b/active/CVE-2018-14610 @@ -7,6 +7,7 @@ Notes: bwh> "btrfs: tree-checker: Verify block_group_item". Bugs: upstream: released (4.19-rc1) [514c7dca85a0bf40be984dab0b477403a6db901f] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: released (4.9.144) [7a72f918825ddece7a4ed79583836f6f1e06e478] 3.16-upstream-stable: needed sid: released (4.19.9-1) diff --git a/active/CVE-2018-14611 b/active/CVE-2018-14611 index 8632871a..ef3d481d 100644 --- a/active/CVE-2018-14611 +++ b/active/CVE-2018-14611 @@ -7,6 +7,7 @@ Notes: bwh> "Btrfs: add validadtion checks for chunk loading". Bugs: upstream: released (4.19-rc1) [315409b0098fb2651d86553f0436b70502b29bb2] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: released (4.9.144) [3c77b07dc365a7ed2644ca0dd38e6e40a9652d57] 3.16-upstream-stable: needed sid: released (4.19.9-1) diff --git a/active/CVE-2018-14612 b/active/CVE-2018-14612 index a5f8d425..fa9b37bf 100644 --- a/active/CVE-2018-14612 +++ b/active/CVE-2018-14612 @@ -9,6 +9,7 @@ Notes: carnil> that applies. Bugs: upstream: released (4.19-rc1) [ba480dd4db9f1798541eb2d1c423fc95feee8d36, 7ef49515fa6727cb4b6f2f5b0ffbc5fc20a9f8c6] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: released (4.9.144) [6f33d3d8dca8683a4df94e9944296a1a1a2a6f10, 23eb2f435a07e1e09d48ea10c4a22bc96e16fde6] 3.16-upstream-stable: needed sid: released (4.18.8-1) diff --git a/active/CVE-2018-14613 b/active/CVE-2018-14613 index d12913bf..4700cb6e 100644 --- a/active/CVE-2018-14613 +++ b/active/CVE-2018-14613 @@ -5,6 +5,7 @@ References: Notes: Bugs: upstream: released (4.19-rc1) [fce466eab7ac6baa9d2dcd88abcf945be3d4a089] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: released (4.9.144) [058e388e42c8dc5b6ce6248990c75a0459e20197] 3.16-upstream-stable: sid: released (4.19.9-1) diff --git a/active/CVE-2018-14614 b/active/CVE-2018-14614 index 0a05a07a..df5a0468 100644 --- a/active/CVE-2018-14614 +++ b/active/CVE-2018-14614 @@ -5,6 +5,7 @@ References: Notes: Bugs: upstream: released (4.19-rc1) [e494c2f995d6181d6e29c4927d68e0f295ecf75b] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: released (4.9.144) [91fe514bedf4c72ae8046fe4cfa98c5e201f6b84] 3.16-upstream-stable: sid: released (4.19.9-1) diff --git a/active/CVE-2018-14615 b/active/CVE-2018-14615 index 71600053..2d23e72e 100644 --- a/active/CVE-2018-14615 +++ b/active/CVE-2018-14615 @@ -7,6 +7,7 @@ Notes: bwh> inode structure scalability" Bugs: upstream: released (4.19-rc1) [18dd6470c2d14d10f5a2dd926925dc80dbd3abfd] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: N/A "Vulnerable code not present" 3.16-upstream-stable: N/A "Vulnerable code not present" sid: released (4.19.9-1) diff --git a/active/CVE-2018-14616 b/active/CVE-2018-14616 index 722e7b28..fb00a489 100644 --- a/active/CVE-2018-14616 +++ b/active/CVE-2018-14616 @@ -4,6 +4,7 @@ References: Notes: Bugs: upstream: released (4.19-rc1) [91291e9998d208370eb8156c760691b873bd7522] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: released (4.9.144) [b10a6ac262f8c1c0c70a90e992137a5590325f0b] 3.16-upstream-stable: sid: released (4.19.9-1) diff --git a/active/CVE-2018-14625 b/active/CVE-2018-14625 index 88351fa9..6501244d 100644 --- a/active/CVE-2018-14625 +++ b/active/CVE-2018-14625 @@ -4,6 +4,7 @@ References: Notes: Bugs: upstream: released (4.20-rc6) [834e772c8db0c6a275d75315d90aba4ebbb1e249] +4.19-upstream-stable: released (4.19.9) [f9cd25b1e5e575a5f18547bdc04ea40a23ad511a] 4.9-upstream-stable: released (4.9.145) [569fc4ffb5de8f12fe01759f0b85098b7b9bba8e] 3.16-upstream-stable: N/A "Vulnerable code not present" sid: released (4.19.9-1) diff --git a/active/CVE-2018-16862 b/active/CVE-2018-16862 index 72e6e416..ad1074d8 100644 --- a/active/CVE-2018-16862 +++ b/active/CVE-2018-16862 @@ -6,6 +6,7 @@ References: Notes: Bugs: upstream: released (4.20-rc5) [6ff38bd40230af35e446239396e5fc8ebd6a5248] +4.19-upstream-stable: released (4.19.7) [16a2d602244ff5327cecd210fdd50ad5ad443c9c] 4.9-upstream-stable: released (4.9.144) [60b3d44f05c148f6f7f5e5b2a8165d328c3f22a0] 3.16-upstream-stable: released (3.16.62) [56a7ebd4a3adc001b18a8feeb5cdf0b9fb2684fa] sid: released (4.19.9-1) diff --git a/active/CVE-2018-16882 b/active/CVE-2018-16882 index 7d45522e..380b9dc0 100644 --- a/active/CVE-2018-16882 +++ b/active/CVE-2018-16882 @@ -7,7 +7,8 @@ Notes: carnil> needs to check if issue only introduced post/with 4.14-rc1. Bugs: upstream: released (4.20) [c2dd5146e9fe1f22c77c1b011adf84eea0245806] -4.9-upstream-stable: released (4.19.13) [1972ca04708330b0edd52956e644e3974065a613] +4.19-upstream-stable: released (4.19.13) [1972ca04708330b0edd52956e644e3974065a613] +4.9-upstream-stable: 3.16-upstream-stable: sid: released (4.19.13-1) 4.9-stretch-security: diff --git a/active/CVE-2018-17972 b/active/CVE-2018-17972 index de59a38b..28d70579 100644 --- a/active/CVE-2018-17972 +++ b/active/CVE-2018-17972 @@ -4,6 +4,7 @@ References: Notes: Bugs: upstream: released (4.19-rc7) [f8a00cef17206ecd1b30d3d9f99e10d9fa707aa7] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: released (4.9.132) [3c5dc3f313cf1cb1645a0e832f51c1ba79aee934] 3.16-upstream-stable: released (3.16.62) [6e8e3ad9d57f70fc58e2ecbafbfd1b3f37973cfc] sid: released (4.18.20-1) diff --git a/active/CVE-2018-18021 b/active/CVE-2018-18021 index 52d191a6..91d258dc 100644 --- a/active/CVE-2018-18021 +++ b/active/CVE-2018-18021 @@ -4,6 +4,7 @@ References: Notes: Bugs: upstream: released (4.19-rc7) [d26c25a9d19b5976b319af528886f89cf455692d, 2a3f93459d689d990b3ecfbe782fec89b97d3279] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: released (4.9.131) [bc769c0148cd9820c8db785a2a1298a6489125ae, 53819c17ecbee86089396e6e7ae1f3e6de958db9] 3.16-upstream-stable: ignored "Too difficult to backport" sid: released (4.18.10-2) [bugfix/arm64/arm64-kvm-tighten-guest-core-register-access-from-us.patch, bugfix/arm64/arm64-kvm-sanitize-pstate.m-when-being-set-from-user.patch] diff --git a/active/CVE-2018-18281 b/active/CVE-2018-18281 index f5691b79..a1cb7653 100644 --- a/active/CVE-2018-18281 +++ b/active/CVE-2018-18281 @@ -5,6 +5,7 @@ References: Notes: Bugs: upstream: released (4.19) [eb66ae030829605d61fbef1909ce310e29f78821] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: released (4.9.135) [e34bd9a96704f7089ccad61b6e01ea985fa54dd6] 3.16-upstream-stable: released (3.16.62) [2567a342d707b1245e837f16cb7555b360e2c580] sid: released (4.18.20-1) diff --git a/active/CVE-2018-18397 b/active/CVE-2018-18397 index af309789..663c75cf 100644 --- a/active/CVE-2018-18397 +++ b/active/CVE-2018-18397 @@ -10,6 +10,7 @@ Notes: carnil> in 4.11-rc1. Bugs: upstream: released (4.20-rc5) [9e368259ad988356c4c95150fafd1a06af095d98, 5b51072e97d587186c2f5390c8c9c1fb7e179505, 29ec90660d68bbdd69507c1c8b4e33aa299278b1, e2a50c1f64145a04959df2442305d57307e5395a, dcf7fe9d89763a28e0f43975b422ff141fe79e43] +4.19-upstream-stable: released (4.19.8) [10f98c134b02d11923d45ce6688c2479435e8ec9, 6e44dd02c95508f6df5eca4d46adbb75233ea181, 34b7a7cc5321a1b5e13320443557ba1cb11b42e7, 4ce337622f2bbc0df61b0b76aa60388f5def5646, 8f193a716e56f30e36a4c851e59bf6fa74af8d9f] 4.9-upstream-stable: N/A "Vulnerable code introduced later" 3.16-upstream-stable: N/A "Vulnerable code introduced later" sid: released (4.19.9-1) diff --git a/active/CVE-2018-18690 b/active/CVE-2018-18690 index 927979f2..8bf9ba80 100644 --- a/active/CVE-2018-18690 +++ b/active/CVE-2018-18690 @@ -5,6 +5,7 @@ References: Notes: Bugs: upstream: released (4.17-rc4) [7b38460dc8e4eafba06c78f8e37099d3b34d473c] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: released (4.9.144) [4ec44e98ab08c704d0ff1a35a21a0682a5562a27] 3.16-upstream-stable: released (3.16.62) [789a4317666e599e487ec1983643de1b519c431e] sid: released (4.17.3-1) diff --git a/active/CVE-2018-18710 b/active/CVE-2018-18710 index db64f0af..eb59cd47 100644 --- a/active/CVE-2018-18710 +++ b/active/CVE-2018-18710 @@ -3,6 +3,7 @@ References: Notes: Bugs: upstream: released (4.20-rc1) [e4f3aa2e1e67bb48dfbaaf1cad59013d5a5bc276] +4.19-upstream-stable: released (4.19.3) [c8099dbf492b565a4f75ae7b8c08b76ca18c4c3f] 4.9-upstream-stable: released (4.9.138) [8dd745a8799ee01fc67b64fd33cdb44d04eb7e4c] 3.16-upstream-stable: released (3.16.62) [4d0f2564603d1ef8cce8a083751442342e9c9474] sid: released (4.18.20-1) diff --git a/active/CVE-2018-19407 b/active/CVE-2018-19407 index c9718c2c..bbcc492e 100644 --- a/active/CVE-2018-19407 +++ b/active/CVE-2018-19407 @@ -8,6 +8,7 @@ Notes: bwh> reproducer didn't work for me on either 3.16 or 4.9. Bugs: upstream: released (4.20-rc5) [e97f852fd4561e77721bb9a4e0ea9d98305b1e93] +4.19-upstream-stable: released (4.19.7) [61c42d657c859ccc95e53afdac64f73a0053b8ea] 4.9-upstream-stable: released (4.9.143) [3a468e8e5a6124523e2e94c33866c609cc914876] 3.16-upstream-stable: N/A "Vulnerable code not present" sid: released (4.19.9-1) diff --git a/active/CVE-2018-19824 b/active/CVE-2018-19824 index b1dcd245..9628bf10 100644 --- a/active/CVE-2018-19824 +++ b/active/CVE-2018-19824 @@ -6,6 +6,7 @@ Notes: carnil> Commit fixes 362e4e49abe53e89d87455dfcd7c1bbaf08a839d (3.1-rc8) Bugs: upstream: released (4.20-rc6) [5f8cf712582617d523120df67d392059eaf2fc4b] +4.19-upstream-stable: released (4.19.9) [a7e719ace75e4451b7958cb73cbc12c627760007] 4.9-upstream-stable: released (4.9.145) [73000a4cec933fd331224df79df731ea929bb85c] 3.16-upstream-stable: needed sid: released (4.19.9-1) diff --git a/active/CVE-2018-20169 b/active/CVE-2018-20169 index 4af217df..4e1fa470 100644 --- a/active/CVE-2018-20169 +++ b/active/CVE-2018-20169 @@ -3,6 +3,7 @@ References: Notes: Bugs: upstream: released (4.20-rc6) [704620afc70cf47abb9d6a1a57f3825d2bca49cf] +4.19-upstream-stable: released (4.19.9) [1b2e742bf7230ce04cda5b7348f922174bef2d7a] 4.9-upstream-stable: released (4.9.145) [fe26b8d06e965239795bee0a71c9073bed931716] 3.16-upstream-stable: sid: released (4.19.9-1) diff --git a/active/CVE-2018-20511 b/active/CVE-2018-20511 index 9fd0ef39..dfa93787 100644 --- a/active/CVE-2018-20511 +++ b/active/CVE-2018-20511 @@ -5,6 +5,7 @@ References: Notes: Bugs: upstream: released (4.19-rc5) [9824dfae5741275473a23a7ed5756c7b6efacc9d] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: released (4.9.130) [11f734283a987ac26365aefafdd012a3f37e05a3] 3.16-upstream-stable: sid: released (4.18.20-1) diff --git a/active/CVE-2018-3646 b/active/CVE-2018-3646 index 1473d01c..363de217 100644 --- a/active/CVE-2018-3646 +++ b/active/CVE-2018-3646 @@ -11,6 +11,7 @@ Notes: carnil> Will be adressed in 4.18.1, 4.17.15, 4.14.63, 4.9.120, and 4.4.148. Bugs: upstream: released (4.19-rc1) [781fca5b104693bc9242199cc47c690dcaf6a4cb..07d981ad4cf1e78361c6db1c28ee5ba105f96cc1] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: released (4.9.120) [329d815667373e858497b5947ad0484194d8c3e2..7f5d090ffe9e7603265e7991aacec64d86cf70ab] 3.16-upstream-stable: needed sid: released (4.17.15-1) diff --git a/active/CVE-2018-3693 b/active/CVE-2018-3693 index 6476ac62..641cd876 100644 --- a/active/CVE-2018-3693 +++ b/active/CVE-2018-3693 @@ -14,6 +14,7 @@ Notes: bwh> be an ongoing process. Bugs: upstream: needed +4.19-upstream-stable: needed 4.9-upstream-stable: needed 3.16-upstream-stable: needed sid: needed diff --git a/active/CVE-2018-5391 b/active/CVE-2018-5391 index 4f24be88..35598c6e 100644 --- a/active/CVE-2018-5391 +++ b/active/CVE-2018-5391 @@ -30,6 +30,7 @@ Notes: carnil> thus CVE-2018-14641. Bugs: upstream: released (4.19-rc1) [7969e5c40dfd04799d4341f1b7cd266b6e47f227, 385114dec8a49b5e5945e77ba7de6356106713f4, fa0f527358bd900ef92f925878ed6bfbd51305cc] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: released (4.9.134) [7fca77153c5c2a2c59e70720332bce7088aef8e8, 2ffb1c363dfa89858dded0b291f005faf1b72adc, bbf6d8604475f36279c7b2d9a1f425654bc24588, dae73e7d73fce8d8d5132ec3c94de16280653fc6, 1b363f81f38f28bd69ec90837da0f65161f36325, 620018dd713da51daac7ec4cd0ae54b0f0fa0f75, fb19348bd709e3f948825ed995bdc477a0414772, 23ce9c5ce704b985dad79bce944a348f0c205869, ea7496f018adcfbac5396ead5756dcabb9866749, 49106f36c253a3c4ce7cf297415826af0c4339ea, 965e2adc5850836586e0961c350b94c2092da319, 7f6170683223cb38cabaff21ecbb9a6375ad10f6, 7a87ec92d36a660820d426d8c54794c44077277f, cbc45497b39c4626adaeca2a409588f19ae19e34, 6060bcdcffaba68c3ff158a88faab6df27210ffc, 5b68fda0a455be7f48fdf97407de1aa09d046fdd, 316986fe4dcac011b4f85d9bbef1edf4953c0219, d838486621c38f084b867743a0abd0968c6cb196, 82f36cbc74595f06900f478d4eaf7217a4f06e13, f5d17b55f4be318adf3b642b50bd25e5245ecc17, 871695951ec6f6b0b1a258c9bb5336bfeffab409, a8444b1ccb20339774af58e40ad42296074fb484, 791521e2e377f66ef5ee6e5002dec758234d8d32, b475cf3bf1e8212b0287c6d15249e2c942693ae5, 10043954eadac2d8f8c1886190f7a7ee584ff939, e9e4ac488c017739b2832177550ba2569fffc709, 4077ddb2cb48ca4592d738ea37cd58c5d41754bd, 85e59af99a7f7c9bcd089f2404b405df7ee665ba, 5a0f340f5ad6a6cc6518f212802f95b669e8fe27] 3.16-upstream-stable: needed sid: released (4.17.15-1) [bugfix/all/Revert-net-increase-fragment-memory-usage-limits.patch] diff --git a/active/CVE-2018-5848 b/active/CVE-2018-5848 index 899ad542..cc3e80f0 100644 --- a/active/CVE-2018-5848 +++ b/active/CVE-2018-5848 @@ -7,6 +7,7 @@ References: Notes: Bugs: upstream: released (4.16-rc1) [b5a8ffcae4103a9d823ea3aa3a761f65779fbe2a] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: released (4.9.144) [35db4d1ed8a344899a87887fa7bf11be5b057bec] 3.16-upstream-stable: released (3.16.62) [921c1539170bf690cad59b3dbebf7d46843d28e2] sid: released (4.16.5-1) diff --git a/active/CVE-2018-5953 b/active/CVE-2018-5953 index 8f2c943d..4c599f0f 100644 --- a/active/CVE-2018-5953 +++ b/active/CVE-2018-5953 @@ -8,6 +8,7 @@ Notes: bwh> be possible. Bugs: upstream: released (4.15-rc2) [ad67b74d2469d9b82aaa572d76474c95bc484d57] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: needed 3.16-upstream-stable: needed sid: released (4.15.4-1) diff --git a/active/CVE-2018-5995 b/active/CVE-2018-5995 index e5ee9669..633ccce8 100644 --- a/active/CVE-2018-5995 +++ b/active/CVE-2018-5995 @@ -8,6 +8,7 @@ Notes: bwh> be possible. Bugs: upstream: released (4.15-rc2) [ad67b74d2469d9b82aaa572d76474c95bc484d57] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: needed 3.16-upstream-stable: needed sid: released (4.15.4-1) diff --git a/active/CVE-2018-7273 b/active/CVE-2018-7273 index 6739a71f..d1a0f5b7 100644 --- a/active/CVE-2018-7273 +++ b/active/CVE-2018-7273 @@ -6,6 +6,7 @@ Notes: bwh> this needs to be specifically addressed upstream. Bugs: upstream: released (4.15-rc2) [ad67b74d2469d9b82aaa572d76474c95bc484d57] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: needed 3.16-upstream-stable: needed 3.2-upstream-stable: ignored "Minor issue" diff --git a/active/CVE-2018-9517 b/active/CVE-2018-9517 index 745574a6..940633a7 100644 --- a/active/CVE-2018-9517 +++ b/active/CVE-2018-9517 @@ -8,6 +8,7 @@ Notes: bwh> sorted out. Bugs: upstream: released (v4.14-rc1) [f026bc29a8e093edfbb2a77700454b285c97e8ad] +4.19-upstream-stable: N/A "Fixed before branch point" 4.9-upstream-stable: needed 3.16-upstream-stable: released (3.16.51) [0b3ca265e81f5e1d9f7f66ad416cbabecca914cf] sid: released (4.14.2-1) |