diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2021-10-09 07:42:20 +0000 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-10-09 07:42:20 +0000 |
| commit | f938e2d3183e17467d915f4f68659da593a85017 (patch) | |
| tree | f51bec3843765c08218d4a9ec3e69b0e17cb6cd3 | |
| parent | 808ae35542afffd1f4580141568cbb1f3f5f154b (diff) | |
| parent | 2140336670dad1959d2e0542125ba4a883e8a7fe (diff) | |
Merge branch 'carnil/buster-pu-10.11-bullseye-pu-11.1' into 'master'
Track CVE fixes released for buster-pu (10.11) and bullseye-pu (11.1)
See merge request kernel-team/kernel-sec!9
| -rw-r--r-- | active/CVE-2020-16119 | 2 | ||||
| -rw-r--r-- | active/CVE-2020-26541 | 2 | ||||
| -rw-r--r-- | active/CVE-2020-3702 | 2 | ||||
| -rw-r--r-- | active/CVE-2021-22543 | 2 | ||||
| -rw-r--r-- | active/CVE-2021-33624 | 2 | ||||
| -rw-r--r-- | active/CVE-2021-3444 | 2 | ||||
| -rw-r--r-- | active/CVE-2021-34556 | 2 | ||||
| -rw-r--r-- | active/CVE-2021-35039 | 4 | ||||
| -rw-r--r-- | active/CVE-2021-35477 | 2 | ||||
| -rw-r--r-- | active/CVE-2021-3600 | 2 | ||||
| -rw-r--r-- | active/CVE-2021-3612 | 2 | ||||
| -rw-r--r-- | active/CVE-2021-3653 | 2 | ||||
| -rw-r--r-- | active/CVE-2021-3655 | 2 | ||||
| -rw-r--r-- | active/CVE-2021-3656 | 2 | ||||
| -rw-r--r-- | active/CVE-2021-3679 | 2 | ||||
| -rw-r--r-- | active/CVE-2021-37159 | 4 | ||||
| -rw-r--r-- | active/CVE-2021-3732 | 2 | ||||
| -rw-r--r-- | active/CVE-2021-3743 | 2 | ||||
| -rw-r--r-- | active/CVE-2021-3753 | 2 | ||||
| -rw-r--r-- | active/CVE-2021-37576 | 2 | ||||
| -rw-r--r-- | active/CVE-2021-38160 | 2 | ||||
| -rw-r--r-- | active/CVE-2021-38198 | 2 | ||||
| -rw-r--r-- | active/CVE-2021-38199 | 2 | ||||
| -rw-r--r-- | active/CVE-2021-38204 | 4 | ||||
| -rw-r--r-- | active/CVE-2021-38205 | 4 | ||||
| -rw-r--r-- | active/CVE-2021-38300 | 2 | ||||
| -rw-r--r-- | active/CVE-2021-40490 | 2 | ||||
| -rw-r--r-- | active/CVE-2021-42008 | 4 |
28 files changed, 33 insertions, 33 deletions
diff --git a/active/CVE-2020-16119 b/active/CVE-2020-16119 index a6247dba..78a189e3 100644 --- a/active/CVE-2020-16119 +++ b/active/CVE-2020-16119 @@ -13,5 +13,5 @@ upstream: released (5.15-rc2) [d9ea761fdd197351890418acd462c51f241014a7] 4.9-upstream-stable: released (4.9.283) [40ea36ffa7207456c3f155bbab76754d3f37ce04] sid: released (5.14.6-1) [bugfix/all/dccp-don-t-duplicate-ccid-when-cloning-dccp-sock.patch] 5.10-bullseye-security: released (5.10.46-5) [bugfix/all/dccp-don-t-duplicate-ccid-when-cloning-dccp-sock.patch] -4.19-buster-security: needed +4.19-buster-security: released (4.19.208-1) 4.9-stretch-security: pending (4.9.284-1) diff --git a/active/CVE-2020-26541 b/active/CVE-2020-26541 index e07db3da..562bd3a1 100644 --- a/active/CVE-2020-26541 +++ b/active/CVE-2020-26541 @@ -14,6 +14,6 @@ upstream: released (5.13-rc1) [56c5812623f95313f6a46fbf0beee7fa17c68bbf] 4.19-upstream-stable: N/A "Secure Boot key import not supported" 4.9-upstream-stable: N/A "Secure Boot key import not supported" sid: released (5.14.6-1) -5.10-bullseye-security: needed +5.10-bullseye-security: released (5.10.70-1) 4.19-buster-security: needed 4.9-stretch-security: N/A "Secure Boot key import not supported" diff --git a/active/CVE-2020-3702 b/active/CVE-2020-3702 index 72143bcb..f6ef3f9f 100644 --- a/active/CVE-2020-3702 +++ b/active/CVE-2020-3702 @@ -11,5 +11,5 @@ upstream: released (5.12-rc1) [56c5485c9e444c2e85e11694b6c44f1338fc20fd, 73488cb 4.9-upstream-stable: released (4.9.283) [ea3f7df20fc8e0b82ec0e065b0b0d38e55fd7775, 74adc24d162e67d8862edaf701de620f36f98215, d7d4c3c60342deba706fd76ef09d8af68b9a64d8, 13c51682b07a5db4d9efb514e700407c6da22ff9, 7afed8faf42d8358a165ba554891085e10b1f7a0] sid: released (5.14.6-1) 5.10-bullseye-security: released (5.10.46-5) [bugfix/all/ath-Use-safer-key-clearing-with-key-cache-entries.patch, bugfix/all/ath9k-Clear-key-cache-explicitly-on-disabling-hardwa.patch, bugfix/all/ath-Export-ath_hw_keysetmac.patch, bugfix/ath-Modify-ath_key_delete-to-not-need-full-key-entry.patch, bugfix/all/ath9k-Postpone-key-cache-entry-deletion-for-TXQ-fram.patch] -4.19-buster-security: needed +4.19-buster-security: released (4.19.208-1) 4.9-stretch-security: pending (4.9.284-1) diff --git a/active/CVE-2021-22543 b/active/CVE-2021-22543 index 3c7f043b..5adec202 100644 --- a/active/CVE-2021-22543 +++ b/active/CVE-2021-22543 @@ -10,5 +10,5 @@ upstream: released (5.13) [f8be156be163a052a067306417cd0ff679068c97] 4.9-upstream-stable: needed sid: released (5.10.46-2) [bugfix/all/KVM-do-not-allow-mapping-valid-but-non-reference-cou.patch] 5.10-bullseye-security: N/A "Fixed before branching point" -4.19-buster-security: needed +4.19-buster-security: released (4.19.208-1) 4.9-stretch-security: needed diff --git a/active/CVE-2021-33624 b/active/CVE-2021-33624 index 8d18f691..0cbf2373 100644 --- a/active/CVE-2021-33624 +++ b/active/CVE-2021-33624 @@ -13,5 +13,5 @@ upstream: released (5.13-rc7) [d203b0fd863a2261e5d00b97f3d060c4c2a6db71, fe9a5ca 4.9-upstream-stable: needed sid: released (5.10.46-1) 5.10-bullseye-security: N/A "Fixed before branching point" -4.19-buster-security: needed +4.19-buster-security: released (4.19.208-1) 4.9-stretch-security: needed diff --git a/active/CVE-2021-3444 b/active/CVE-2021-3444 index 032da589..1ad266f1 100644 --- a/active/CVE-2021-3444 +++ b/active/CVE-2021-3444 @@ -19,5 +19,5 @@ upstream: released (5.12-rc1) [9b00f1b78809309163dda2d044d9e94a3c0248a3] 4.9-upstream-stable: N/A "Vulnerable code introduced later" sid: released (5.10.19-1) 5.10-bullseye-security: N/A "Fixed before branching point" -4.19-buster-security: needed +4.19-buster-security: released (4.19.208-1) 4.9-stretch-security: N/A "Vulnerable code introduced later" diff --git a/active/CVE-2021-34556 b/active/CVE-2021-34556 index c38ddf00..7945edc4 100644 --- a/active/CVE-2021-34556 +++ b/active/CVE-2021-34556 @@ -10,5 +10,5 @@ upstream: released (5.14-rc4) [f5e81d1117501546b7be050c5fbafa6efd2c722c, 2039f26 4.9-upstream-stable: needed sid: released (5.10.46-4) [bugfix/all/bpf-introduce-bpf-nospec-instruction-for-mitigating-.patch, bugfix/all/bpf-fix-leakage-due-to-insufficient-speculative-stor.patch] 5.10-bullseye-security: N/A "Fixed before branching point" -4.19-buster-security: needed +4.19-buster-security: released (4.19.208-1) 4.9-stretch-security: needed diff --git a/active/CVE-2021-35039 b/active/CVE-2021-35039 index 3ea8594c..8baafa96 100644 --- a/active/CVE-2021-35039 +++ b/active/CVE-2021-35039 @@ -11,6 +11,6 @@ upstream: released (5.13) [0c18f29aae7ce3dadd26d8ee3505d07cc982df75] 4.19-upstream-stable: released (4.19.196) [ff660863628fb144badcb3395cde7821c82c13a6] 4.9-upstream-stable: N/A "Vulnerable code introduced later" sid: released (5.14.6-1) -5.10-bullseye-security: needed -4.19-buster-security: needed +5.10-bullseye-security: released (5.10.70-1) +4.19-buster-security: released (4.19.208-1) 4.9-stretch-security: N/A "Vulnerable code introduced later" diff --git a/active/CVE-2021-35477 b/active/CVE-2021-35477 index c38ddf00..7945edc4 100644 --- a/active/CVE-2021-35477 +++ b/active/CVE-2021-35477 @@ -10,5 +10,5 @@ upstream: released (5.14-rc4) [f5e81d1117501546b7be050c5fbafa6efd2c722c, 2039f26 4.9-upstream-stable: needed sid: released (5.10.46-4) [bugfix/all/bpf-introduce-bpf-nospec-instruction-for-mitigating-.patch, bugfix/all/bpf-fix-leakage-due-to-insufficient-speculative-stor.patch] 5.10-bullseye-security: N/A "Fixed before branching point" -4.19-buster-security: needed +4.19-buster-security: released (4.19.208-1) 4.9-stretch-security: needed diff --git a/active/CVE-2021-3600 b/active/CVE-2021-3600 index fdc21213..0fd38bbe 100644 --- a/active/CVE-2021-3600 +++ b/active/CVE-2021-3600 @@ -13,5 +13,5 @@ upstream: released (5.11) [e88b2c6e5a4d9ce30d75391e4d950da74bb2bd90] 4.9-upstream-stable: needed sid: released (5.10.19-1) 5.10-bullseye-security: N/A "Fixed before branching point" -4.19-buster-security: needed +4.19-buster-security: released (4.19.208-1) 4.9-stretch-security: needed diff --git a/active/CVE-2021-3612 b/active/CVE-2021-3612 index 1383a36d..801c7ea2 100644 --- a/active/CVE-2021-3612 +++ b/active/CVE-2021-3612 @@ -15,5 +15,5 @@ upstream: released (5.14-rc1) [f8f84af5da9ee04ef1d271528656dac42a090d00] 4.9-upstream-stable: released (4.9.276) [f3673f6f63db2aa08c35e707a2fdcbcc6590c391] sid: released (5.10.46-3) [bugfix/all/Input-joydev-prevent-use-of-not-validated-data-in-JS.patch] 5.10-bullseye-security: N/A "Fixed before branching point" -4.19-buster-security: needed +4.19-buster-security: released (4.19.208-1) 4.9-stretch-security: pending (4.9.284-1) diff --git a/active/CVE-2021-3653 b/active/CVE-2021-3653 index b42e589b..f69f1fa4 100644 --- a/active/CVE-2021-3653 +++ b/active/CVE-2021-3653 @@ -9,5 +9,5 @@ upstream: released (5.14-rc7) [0f923e07124df069ba68d8bb12324398f4b6b709] 4.9-upstream-stable: released (4.9.281) [29c4f674715ba8fe7a391473313e8c71f98799c4] sid: released (5.14.6-1) 5.10-bullseye-security: released (5.10.46-5) [bugfix/x86/KVM-nSVM-avoid-picking-up-unsupported-bits-from-L2-i.patch] -4.19-buster-security: needed +4.19-buster-security: released (4.19.208-1) 4.9-stretch-security: pending (4.9.284-1) diff --git a/active/CVE-2021-3655 b/active/CVE-2021-3655 index cd84fd7e..d5d59478 100644 --- a/active/CVE-2021-3655 +++ b/active/CVE-2021-3655 @@ -10,5 +10,5 @@ upstream: released (5.14-rc1) [0c5dc070ff3d6246d22ddd931f23a6266249e3db, 50619db 4.9-upstream-stable: released (4.9.276) [c7da1d1ed43a6c2bece0d287e2415adf2868697e], released (4.9.284) [92e7bca98452aa760713016a434aa7edfc09fb13, 6b5361868870e9a097745446798aa10ee92c159c, 4d2de0d232ee386fceacf7cdb20a6398c3c0854b] sid: released (5.10.46-3) [bugfix/all/sctp-validate-from_addr_param-return.patch, bugfix/all/sctp-add-size-validation-when-walking-chunks.patch] 5.10-bullseye-security: N/A "Fixed before branching point" -4.19-buster-security: needed +4.19-buster-security: released (4.19.208-1) 4.9-stretch-security: pending (4.9.284-1) diff --git a/active/CVE-2021-3656 b/active/CVE-2021-3656 index c02de2f2..f34d6a03 100644 --- a/active/CVE-2021-3656 +++ b/active/CVE-2021-3656 @@ -11,5 +11,5 @@ upstream: released (5.14-rc7) [c7dfa4009965a9b2d7b329ee970eb8da0d32f0bc] 4.9-upstream-stable: N/A "Vulnerable code not present" sid: released (5.14.6-1) 5.10-bullseye-security: released (5.10.46-5) [bugfix/x86/KVM-nSVM-always-intercept-VMLOAD-VMSAVE-when-nested-.patch] -4.19-buster-security: needed +4.19-buster-security: released (4.19.208-1) 4.9-stretch-security: N/A "Vulnerable code not present" diff --git a/active/CVE-2021-3679 b/active/CVE-2021-3679 index 8709619c..f26e32de 100644 --- a/active/CVE-2021-3679 +++ b/active/CVE-2021-3679 @@ -9,5 +9,5 @@ upstream: released (5.14-rc3) [67f0d6d9883c13174669f88adac4f0ee656cc16a] 4.9-upstream-stable: released (4.9.277) [7db12bae1a239d872d17e128fd5271da789bf99c] sid: released (5.14.6-1) 5.10-bullseye-security: released (5.10.46-5) [bugfix/all/tracing-Fix-bug-in-rb_per_cpu_empty-that-might-cause.patch] -4.19-buster-security: needed +4.19-buster-security: released (4.19.208-1) 4.9-stretch-security: pending (4.9.284-1) diff --git a/active/CVE-2021-37159 b/active/CVE-2021-37159 index 3bf419cd..114f7bd4 100644 --- a/active/CVE-2021-37159 +++ b/active/CVE-2021-37159 @@ -20,6 +20,6 @@ upstream: released (5.14-rc3) [a6ecfb39ba9d7316057cea823b196b734f6b18ca] 4.19-upstream-stable: released (4.19.209) [f6cf22a1ef49f8e131f99c3f5fd80ab6b23a2d21] 4.9-upstream-stable: needed sid: released (5.14.6-1) -5.10-bullseye-security: needed -4.19-buster-security: needed +5.10-bullseye-security: released (5.10.70-1) +4.19-buster-security: released (4.19.208-1) [bugfix/all/usb-hso-fix-error-handling-code-of-hso_create_net_de.patch] 4.9-stretch-security: needed diff --git a/active/CVE-2021-3732 b/active/CVE-2021-3732 index 8b95380d..e66ae0cf 100644 --- a/active/CVE-2021-3732 +++ b/active/CVE-2021-3732 @@ -9,5 +9,5 @@ upstream: released (5.14-rc6) [427215d85e8d1476da1a86b8d67aceb485eb3631] 4.9-upstream-stable: released (4.9.280) [e3eee87c846dc47f6d8eb6d85e7271f24122a279] sid: released (5.14.6-1) 5.10-bullseye-security: released (5.10.46-5) [bugfix/all/ovl-prevent-private-clone-if-bind-mount-is-not-allow.patch] -4.19-buster-security: needed +4.19-buster-security: released (4.19.208-1) 4.9-stretch-security: pending (4.9.284-1) diff --git a/active/CVE-2021-3743 b/active/CVE-2021-3743 index cee60251..bd57394d 100644 --- a/active/CVE-2021-3743 +++ b/active/CVE-2021-3743 @@ -12,5 +12,5 @@ upstream: released (5.14) [7e78c597c3ebfd0cb329aa09a838734147e4f117] 4.9-upstream-stable: N/A "Vulnerability introduced later" sid: released (5.14.6-1) 5.10-bullseye-security: released (5.10.46-5) [bugfix/all/net-qrtr-fix-another-OOB-Read-in-qrtr_endpoint_post.patch] -4.19-buster-security: needed +4.19-buster-security: released (4.19.208-1) 4.9-stretch-security: N/A "Vulnerability introduced later" diff --git a/active/CVE-2021-3753 b/active/CVE-2021-3753 index 0add411a..0881fa19 100644 --- a/active/CVE-2021-3753 +++ b/active/CVE-2021-3753 @@ -9,5 +9,5 @@ upstream: released (5.15-rc1) [2287a51ba822384834dafc1c798453375d1107c7] 4.9-upstream-stable: released (4.9.282) [755a2f40dda2d6b2e3b8624cb052e68947ee4d1f] sid: released (5.14.6-1) 5.10-bullseye-security: released (5.10.46-5) [bugfix/all/vt_kdsetmode-extend-console-locking.patch] -4.19-buster-security: needed +4.19-buster-security: released (4.19.208-1) 4.9-stretch-security: pending (4.9.284-1) diff --git a/active/CVE-2021-37576 b/active/CVE-2021-37576 index 22a0e9e6..84191c26 100644 --- a/active/CVE-2021-37576 +++ b/active/CVE-2021-37576 @@ -10,5 +10,5 @@ upstream: released (5.14-rc3) [f62f3c20647ebd5fb6ecb8f0b477b9281c44c10a] 4.9-upstream-stable: released (4.9.277) [8c46b4b2749c4b3b7e602403addc32ec2b48baed] sid: released (5.14.6-1) 5.10-bullseye-security: released (5.10.46-5) [bugfix/powerpc/KVM-PPC-Book3S-Fix-H_RTAS-rets-buffer-overflow.patch] -4.19-buster-security: needed +4.19-buster-security: released (4.19.208-1) 4.9-stretch-security: ignored "powerpc not supported in LTS" diff --git a/active/CVE-2021-38160 b/active/CVE-2021-38160 index 23059d92..8eb8a7a6 100644 --- a/active/CVE-2021-38160 +++ b/active/CVE-2021-38160 @@ -8,5 +8,5 @@ upstream: released (5.14-rc1) [d00d8da5869a2608e97cfede094dfc5e11462a46] 4.9-upstream-stable: released (4.9.276) [9e2b8368b2079437c6840f3303cb0b7bc9b896ee] sid: released (5.14.6-1) 5.10-bullseye-security: released (5.10.46-5) [bugfix/all/virtio_console-Assure-used-length-from-device-is-lim.patch] -4.19-buster-security: needed +4.19-buster-security: released (4.19.208-1) 4.9-stretch-security: pending (4.9.284-1) diff --git a/active/CVE-2021-38198 b/active/CVE-2021-38198 index d2453502..8861f771 100644 --- a/active/CVE-2021-38198 +++ b/active/CVE-2021-38198 @@ -8,5 +8,5 @@ upstream: released (5.13-rc6) [b1bd5cba3306691c771d558e94baa73e8b0b96b7] 4.9-upstream-stable: needed sid: released (5.10.46-1) 5.10-bullseye-security: N/A "Fixed before branching point" -4.19-buster-security: needed +4.19-buster-security: released (4.19.208-1) 4.9-stretch-security: needed diff --git a/active/CVE-2021-38199 b/active/CVE-2021-38199 index 1c07a7df..24152b54 100644 --- a/active/CVE-2021-38199 +++ b/active/CVE-2021-38199 @@ -8,5 +8,5 @@ upstream: released (5.14-rc1) [dd99e9f98fbf423ff6d365b37a98e8879170f17c] 4.9-upstream-stable: needed sid: released (5.14.6-1) 5.10-bullseye-security: released (5.10.46-5) [bugfix/all/NFSv4-Initialise-connection-to-the-server-in-nfs4_al.patch] -4.19-buster-security: needed +4.19-buster-security: released (4.19.208-1) 4.9-stretch-security: needed diff --git a/active/CVE-2021-38204 b/active/CVE-2021-38204 index d47fcdf3..383c4131 100644 --- a/active/CVE-2021-38204 +++ b/active/CVE-2021-38204 @@ -8,6 +8,6 @@ upstream: released (5.14-rc3) [b5fdf5c6e6bee35837e160c00ac89327bdad031b] 4.19-upstream-stable: released (4.19.199) [51fc12f4d37622fa0c481604833f98f11b1cac4f] 4.9-upstream-stable: released (4.9.277) [ae3209b9fb086661ec1de4d8f4f0b951b272bbcd] sid: released (5.14.6-1) -5.10-bullseye-security: needed -4.19-buster-security: needed +5.10-bullseye-security: released (5.10.70-1) +4.19-buster-security: released (4.19.208-1) 4.9-stretch-security: pending (4.9.284-1) diff --git a/active/CVE-2021-38205 b/active/CVE-2021-38205 index e400f131..76cbf09b 100644 --- a/active/CVE-2021-38205 +++ b/active/CVE-2021-38205 @@ -8,6 +8,6 @@ upstream: released (5.14-rc1) [d0d62baa7f505bd4c59cd169692ff07ec49dde37] 4.19-upstream-stable: released (4.19.204) [9322401477a6d1f9de8f18e5d6eb43a68e0b113a] 4.9-upstream-stable: released (4.9.280) [ffdc1e312e2074875147c1df90764a9bae56f11f] sid: released (5.14.6-1) -5.10-bullseye-security: needed -4.19-buster-security: needed +5.10-bullseye-security: released (5.10.70-1) +4.19-buster-security: released (4.19.208-1) 4.9-stretch-security: pending (4.9.284-1) diff --git a/active/CVE-2021-38300 b/active/CVE-2021-38300 index 56c20225..a8ed9fbf 100644 --- a/active/CVE-2021-38300 +++ b/active/CVE-2021-38300 @@ -11,6 +11,6 @@ upstream: released (5.15-rc4) [37cb28ec7d3a36a5bace7063a3dba633ab110f8b] 4.19-upstream-stable: needed 4.9-upstream-stable: needed sid: released (5.14.6-1) [bugfix/mipsel/bpf-mips-Validate-conditional-branch-offsets.patch] -5.10-bullseye-security: needed +5.10-bullseye-security: released (5.10.70-1) [bugfix/mipsel/bpf-mips-Validate-conditional-branch-offsets.patch] 4.19-buster-security: needed 4.9-stretch-security: ignored "mips not supported in LTS" diff --git a/active/CVE-2021-40490 b/active/CVE-2021-40490 index b1c85539..49f03352 100644 --- a/active/CVE-2021-40490 +++ b/active/CVE-2021-40490 @@ -10,5 +10,5 @@ upstream: released (5.15-rc1) [a54c4613dac1500b40e4ab55199f7c51f028e848] 4.9-upstream-stable: released (4.9.283) [7067b09fe587cbd47544a3047a40c64e4d636fff] sid: released (5.14.6-1) 5.10-bullseye-security: released (5.10.46-5) [bugfix/all/ext4-fix-race-writing-to-an-inline_data-file-while-i.patch] -4.19-buster-security: needed +4.19-buster-security: released (4.19.208-1) 4.9-stretch-security: pending (4.9.284-1) diff --git a/active/CVE-2021-42008 b/active/CVE-2021-42008 index 544ee029..c6f2cfed 100644 --- a/active/CVE-2021-42008 +++ b/active/CVE-2021-42008 @@ -7,6 +7,6 @@ upstream: released (5.14-rc7) [19d1532a187669ce86d5a2696eb7275310070793] 4.19-upstream-stable: released (4.19.205) [4e370cc081a78ee23528311ca58fd98a06768ec7] 4.9-upstream-stable: released (4.9.281) [de9171c1d9a5c2c4c5ec5e64f420681f178152fa] sid: released (5.14.6-1) -5.10-bullseye-security: needed -4.19-buster-security: needed +5.10-bullseye-security: released (5.10.70-1) +4.19-buster-security: released (4.19.208-1) 4.9-stretch-security: needed |