diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2021-11-02 20:31:14 +0100 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-11-02 20:31:14 +0100 |
| commit | 9603fb3d6ff81ea1839d543dc544b7bfee3f825c (patch) | |
| tree | d5251b603e3de0d810b0bdc2b80798b52f1b147f | |
| parent | 3e2a2fef09a762835da588eab6166198b57e558f (diff) | |
Track fixes in 5.10.77, 4.19.215 and 4.9.289
| -rw-r--r-- | active/CVE-2021-20322 | 2 | ||||
| -rw-r--r-- | active/CVE-2021-3772 | 7 | ||||
| -rw-r--r-- | active/CVE-2021-42327 | 3 |
3 files changed, 7 insertions, 5 deletions
diff --git a/active/CVE-2021-20322 b/active/CVE-2021-20322 index 913ba4be9..3b39a9694 100644 --- a/active/CVE-2021-20322 +++ b/active/CVE-2021-20322 @@ -19,7 +19,7 @@ Notes: Bugs: upstream: released (5.14) [4785305c05b25a242e5314cc821f54ade4c18810, 6457378fe796815c973f631a1904e147d6ee33b1], released (5.15-rc1) [a00df2caffed3883c341d5685f830434312e4a43, 67d6d681e15b578c1725bad8ad079e05d1c48a8e] 5.10-upstream-stable: released (5.10.62) ]dced8347a727528b388f04820f48166f1e651af6, beefd5f0c63a31a83bc5a99e6888af884745684b], released (5.10.65) [8692f0bb29927d13a871b198adff1d336a8d2d00, 5867e20e1808acd0c832ddea2587e5ee49813874] -4.19-upstream-stable: released (4.19.207) [3e6bd2b583f18da9856fc9741ffa200a74a52cba] +4.19-upstream-stable: released (4.19.207) [3e6bd2b583f18da9856fc9741ffa200a74a52cba], released (4.19.215) [6e2856767eb1a9cfcfcd82136928037f04920e97, ad829847ad59af8e26a1f1c345716099abbc7a58, c6d0d68d6da68159948cad3d808d61bb291a0283] 4.9-upstream-stable: released (4.9.283) [f10ce783bcc4d8ea454563a7d56ae781640e7dcb] sid: released (5.14.6-1) 5.10-bullseye-security: released (5.10.70-1) diff --git a/active/CVE-2021-3772 b/active/CVE-2021-3772 index a98a2f942..e3db7125b 100644 --- a/active/CVE-2021-3772 +++ b/active/CVE-2021-3772 @@ -2,11 +2,12 @@ Description: Invalid chunks may be used to remotely remove existing associations References: https://bugzilla.redhat.com/show_bug.cgi?id=2000694 Notes: + carnil> Fixed as well in 5.14.16 for 5.14.y series. Bugs: upstream: released (5.15) [4f7019c7eb33967eb87766e0e4602b5576873680, eae5783908042a762c24e1bd11876edb91d314b1, 438b95a7c98f77d51cbf4db021f41b602d750a3f, a64b341b8695e1c744dd972b39868371b4f68f83, aa0f697e45286a6b5f0ceca9418acf54b9099d99, ef16b1734f0a176277b7bb9c71a6d977a6ef3998, 9d02831e517aa36ee6bdb453a0eb47bd49923fe3] -5.10-upstream-stable: needed -4.19-upstream-stable: needed -4.9-upstream-stable: needed +5.10-upstream-stable: released (5.10.77) [ad111d4435d85fd3eeb2c09692030d89f8862401, 8c50693d25e4ab6873b32bc3cea23b382a94d05f, dad2486414b5c81697aa5a24383fbb65fad13cae, 14c1e02b11c2233343573aff90766ef8472f27e7, c2442f721972ea7c317fbfd55c902616b3151ad5, a7112b8eeb14b3db21bc96abc79ca7525d77e129] +4.19-upstream-stable: released (4.19.215) [1f52dfacca7bb315d89f5ece5660b0337809798e, 86044244fc6f9eaec0070cb668e0d500de22dbba, 7bf2f6a30d1851c530ad5e4ee7e5c45fb6be0128, d9a4f990aab48dd5c134a9e76c7b651d404b05d3, 1ff3c379248ea579aa122d4ca245028e4bc9af23] +4.9-upstream-stable: released (4.9.289) [42ce7a69f8140783bab908dc29a93c0bcda315d5, 16d0bfb045abf587c72d46dfea56c20c4aeda927] sid: needed 5.10-bullseye-security: needed 4.19-buster-security: needed diff --git a/active/CVE-2021-42327 b/active/CVE-2021-42327 index 7d41ecd27..2311a52b5 100644 --- a/active/CVE-2021-42327 +++ b/active/CVE-2021-42327 @@ -10,9 +10,10 @@ Notes: carnil> Not directly covered by CVE-2021-42327, but 3f4e54bd312d carnil> ("drm/amdgpu: Fix even more out of bound writes from debugfs") carnil> should then be applied as well. + carnil> Fixed as well in 5.14.16 for the 5.14.y series. Bugs: upstream: released (5.15) [5afa7898ab7a0ec9c28556a91df714bf3c2f725e] -5.10-upstream-stable: needed +5.10-upstream-stable: released (5.10.77) [eb3b6805e3e9d98b2507201fd061a231988ce623] 4.19-upstream-stable: N/A "Vulnerability introduced later" 4.9-upstream-stable: N/A "Vulnerability introduced later" sid: needed |