diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2018-07-14 16:17:43 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2018-07-14 16:17:43 +0200 |
commit | 75e31d6511c043ea84ab413b0a595d860367cd89 (patch) | |
tree | 777571a45e5fdba0861b3c734d6ac554b706357a /retired | |
parent | 81f63b8fb3fdb033e956a9c74843a43c1edc2faf (diff) |
Retire several CVEs
Diffstat (limited to 'retired')
-rw-r--r-- | retired/CVE-2017-5715 | 35 | ||||
-rw-r--r-- | retired/CVE-2017-5753 | 20 | ||||
-rw-r--r-- | retired/CVE-2018-10840 | 13 | ||||
-rw-r--r-- | retired/CVE-2018-1093 | 20 | ||||
-rw-r--r-- | retired/CVE-2018-10940 | 12 | ||||
-rw-r--r-- | retired/CVE-2018-1118 | 16 | ||||
-rw-r--r-- | retired/CVE-2018-1130 | 14 | ||||
-rw-r--r-- | retired/CVE-2018-11412 | 19 | ||||
-rw-r--r-- | retired/CVE-2018-12232 | 14 | ||||
-rw-r--r-- | retired/CVE-2018-12633 | 13 | ||||
-rw-r--r-- | retired/CVE-2018-6412 | 14 | ||||
-rw-r--r-- | retired/CVE-2018-9415 | 19 |
12 files changed, 209 insertions, 0 deletions
diff --git a/retired/CVE-2017-5715 b/retired/CVE-2017-5715 new file mode 100644 index 00000000..4d7687ab --- /dev/null +++ b/retired/CVE-2017-5715 @@ -0,0 +1,35 @@ +Description: Branch target injection +References: + https://spectreattack.com/ + https://lkml.org/lkml/2018/1/4/955 +Notes: + carnil> partial mitigations via 0cb5b30698fdc8f6b4646012e3acb4ddce430788 + carnil> "kvm: vmx: Scrub hardware GPRs at VM-exit" in 4.15-rc7 + carnil> Initial support for mitigation work for Spectre variant 2 + carnil> (indirect branch speculation) vulnerability included in + carnil> 4.15-rc8, 4.14.14-rc1, 4.9.77-rc1. + carnil> Mark the entries which included initial retpoline support + carnil> to mitigate Spectre v2 as the 'fixed' ones. Still work on + carnil> microcode and/or gcc is needed to be effective. + carnil> Unclear if we should as well mark it as pending for the + carnil> Debian branches, so not yet added a marking for the sid + carnil> branch accordingly. + carnil> 4.14.17-1 upload enforces a dependency on the used compiler + carnil> with retpoline support. + carnil> 4.9.82-1+deb9u1 upload enforces a dependency on the used + carnil> compiler with retpoline support. + bwh> The list of upstream commits and the status below are for x86 only. + bwh> For arm64, we would probably need: be04a6d1126b02c6a28741155b899d648739fc5b, 0f15adbb2861ce6f75ccfc5a92b19eae0ef327d0, f3d795d9b360523beca6d13ba64c2c532f601149 + bwh> For s390x, we would probably need: d768bd892fc8f066cd3aa000eb1867bcf32db0ee, f19fbd5ed642dc31c809596412dab1ed56f2f156 + bwh> 3.2.101 and 3.16.56 stable updates included retpoline support. + bwh> Microcode-based support is pending for 3.16 but I won't try + bwh> backporting it to 3.2. +Bugs: +upstream: released (4.16-rc4) [99c6fa2511d8a683e61468be91b83f85452115fa, 87590ce6e373d1a5401f6539f0c59ef92dd924a9, 61dc0f555b5c761cdafb0ba5bd41ecf22d68a4c4, e4d0e84e490790798691aaa0f2e598637f1867ec, 39b735332cb8b33a27c28592d969e4016c86c3ea, 258c76059cece01bebae098e81bacb1af2edad17, 76b043848fd22dbf7f8bf3a1452f8c70d557b860, da285121560e769cc31797bba6422eea71d473e0, 9697fa39efd3fc3692f2949d4045f393ec58450b, 2641f08bb7fc63a636a2b18173221d7040a3512e, 9351803bd803cdbeb9b5a7850b7b6f464806e3db, e70e5892b28c18f517f29ab6e83bd57705104b31, ea08816d5b185ab3d09e95e393f265af54560350, 5096732f6f695001fa2d6f1335a2680b37912c69, 7614e913db1f40fff819b36216484dc3808995d4, 117cc7a908c83697b0b737d15ae1eb5943afe35b, b8b9ce4b5aec8de9e23cabb0a26b78641f9ab1d6, c995efd5a740d9cbafbf58bde4973e8b50b4d761, 28d437d550e1e39f805d99f9f8ac399c778827b7, 6f41c34d69eb005e7848716bbcafc979b35037d5, 736e80a4213e9bbce40a7c050337047128b472ac, 3f7d875566d8e79c5e0b2c9a413e91b2c29e0854, 1a29b5b7f347a1a9230c1e0af5b37e3e571588ab, c940a3fb1e2e9b7d03228ab28f375fb5a47ff699, caf7501a1b4ec964190f31f9c3f163de252273b8, 95ca0ee8636059ea2800dfbac9ecac6212d6b38f, fc67dd70adb711a45d2ef34e12d1a8be75edde61, 5d10cbc91d9eb5537998b65608441b592eec65e7, 1e340c60d0dd3ae07b5bedc16a0469c14b9f3410, a5b2966364538a0e68c9fa29bc0a3a1651799035, 20ffa1caecca4db8f79fe665acdeaa5af815a24d, 7a32fc51ca938e67974cbb9db31e1a43f98345a9, 55fa19d3e51f33d9cd4056d25836d93abf9438db, de3a0021a60635de96aa92713c1a31a96747d72c, f21f165ef922c2146cc5bdc620f542953c41714b, e383095c7fe8d218e00ec0f83e4b95ed4e627b02, 2961298efe1ea1b6fc0d7ee8b76018fa6c0bcef2, a845c7cf4b4cb5e9e3b2823867892b27646f3a98, 17bc33914bcc98ba3c6b426fd1c49587a25c0597, 9471eee9186a46893726e22ebb54cade3f9bc043, e698dcdfcda41efd0984de539767b4cddd235f1e, 7fcae1118f5fd44a862aa5c3525248e35ee67c3b, 18bf3c3ea8ece8f03b6fc58508f2dfd23c7711c7, 12c69f1e94c89d40696e83804dd2f0965b5250cd, 904e14fb7cb96401a7dc803ca2863fd5ba32ffe6, 9005c6834c0ffdfe46afa76656bd9276cca864f6, af189c95a371b59f493dbe0f50c0a09724868881, 15d45071523d89b3fb7372e2135fbd72f6af9506, d28b387fb74da95d69d2615732f50cceb38e9a4d, 1751342095f0d2b36fa8114d8e12c5688c455ac4, d37fc6d360a404b208547ba112e7dabb6533c7fc, ea00f301285ea2f07393678cd2b6057878320c9d, 9de29eac8d2189424d81c0d840cd0469aa3d41c8, dd84441a797150dcc49298ec95c459a8891d8bb1, d72f4e29e6d84b7ec02ae93088aa459ac70e733b, a493a87f38cfa48caaa95c9347be2d914c6fdf29, ecb586bd29c99fb4de599dec388658e74388daad] +4.9-upstream-stable: released (4.9.88) +3.16-upstream-stable: released (3.16.57) [x86-cpufeatures-add-intel-feature-bits-for-speculation-control.patch, x86-cpufeatures-add-amd-feature-bits-for-speculation-control.patch, x86-msr-add-definitions-for-new-speculation-control-msrs.patch, x86-cpufeature-blacklist-spec_ctrl-pred_cmd-on-early-spectre-v2-microcodes.patch, x86-speculation-add-basic-ibpb-indirect-branch-prediction-barrier-support.patch, kvm-nvmx-eliminate-vmcs02-pool.patch, kvm-vmx-introduce-alloc_loaded_vmcs.patch, x86-cpufeatures-clean-up-spectre-v2-related-cpuid-flags.patch, x86-cpuid-fix-up-virtual-ibrs-ibpb-stibp-feature-bits-on-intel.patch, x86-speculation-use-indirect-branch-prediction-barrier-in-context-switch.patch, kvm-vmx-make-msr-bitmaps-per-vcpu.patch, kvm-x86-add-ibpb-support.patch, kvm-vmx-allow-direct-access-to-msr_ia32_spec_ctrl.patch, x86-speculation-update-speculation-control-microcode-blacklist.patch, x86-speculation-correct-speculation-control-microcode-blacklist-again.patch, x86-speculation-use-ibrs-if-available-before-calling-into-firmware.patch, x86-speculation-move-firmware_restrict_branch_speculation_-from-c-to-cpp.patch, kvm-x86-remove-indirect-msr-op-calls-from-spec_ctrl.patch] +3.2-upstream-stable: released (3.2.101) +sid: released (4.15.11-1) +4.9-stretch-security: released (4.9.88-1) +3.16-jessie-security: released (3.16.57-1) +3.2-wheezy-security: released (3.2.101-1) diff --git a/retired/CVE-2017-5753 b/retired/CVE-2017-5753 new file mode 100644 index 00000000..b8380b79 --- /dev/null +++ b/retired/CVE-2017-5753 @@ -0,0 +1,20 @@ +Description: bounds check bypass +References: + https://spectreattack.com/ +Notes: + carnil> partial mitigations via 0cb5b30698fdc8f6b4646012e3acb4ddce430788 + carnil> "kvm: vmx: Scrub hardware GPRs at VM-exit" in 4.15-rc7 + carnil> Further work went in in 4.16-rc1, 4.15.2 and 4.9.81 and following + carnil> for mitigations (Mitigation: __user pointer sanitization). + bwh> The list of upstream commits and the status below are for x86 only. + bwh> For arm64, we would probably need: 669474e772b952b14f4de4845a1558fd4c0414a4, 022620eed3d0bc4bf2027326f599f5ad71c2ea3f, 51369e398d0d33e8f524314e672b07e8cf870e79, 4d8efc2d5ee4c9ccfeb29ee8afd47a8660d0c0ce, 6314d90e64936c584f300a52ef173603fb2461b5, c2f0ad4fc089cff81cef6a13d04b399980ecbfcc, 91b2d3442f6a44dce875670d702af22737ad5eff + bwh> Optimisation for s390x: e2dd833389cc4069a96b57bdd24227b5f52288f5 +Bugs: +upstream: released (4.16-rc4) [99c6fa2511d8a683e61468be91b83f85452115fa, 87590ce6e373d1a5401f6539f0c59ef92dd924a9, 61dc0f555b5c761cdafb0ba5bd41ecf22d68a4c4, b2157399cc9898260d6031c5bfe45fe137c1fbe7, e4d0e84e490790798691aaa0f2e598637f1867ec, be95a845cc4402272994ce290e3ad928aff06cb9, bbeb6e4323dad9b5e0ee9f60c223dd532e2403b1, 7a32fc51ca938e67974cbb9db31e1a43f98345a9, 21d375b6b34ff511a507de27bf316b3dde6938d9, f84a56f73dddaeac1dba8045b007f742f61cd2da, f3804203306e098dae9ca51540fcd5eb700d7f40, babdde2698d482b6c0de1eab4f697cf5856c5859, b3d7ad85b80bbc404635dca80f5b129f6242bc7a, b3bbfb3fb5d25776b8e3f361d2eedaabb0b496cd, b5c4ae4f35325d520b230bab6eb3310613b72ac1, 304ec1b050310548db33063e567123fae8fd0301, c7f631cb07e7da06ac1d231ca178452339e32a94, 2fbd7af5af8665d18bcefae3e9700be07e22b681, 56c30ba7b348b90484969054d561f711ba196507, 259d8c1e984318497c84eef547bbb6b1d9f4eb05, edfbae53dab8348fca778531be9f4855d2ca0360, 085331dfc6bbe3501fb936e657331ca943827600, 3968523f855050b8195134da951b87c20bd66130, 8fa80c503b484ddc1abbd10c7cb2ab81f3824a50, 1d91c1d2c80cb70e2e553845e278b87a960c04da, eb6174f6d1be16b19cfa43dac296bfed003ce1a6] +4.9-upstream-stable: released (4.9.88) +3.16-upstream-stable: released (3.16.56) +3.2-upstream-stable: released (3.2.101) +sid: released (4.15.11-1) +4.9-stretch-security: released (4.9.88-1) +3.16-jessie-security: released (3.16.56-1) +3.2-wheezy-security: released (3.2.101-1) diff --git a/retired/CVE-2018-10840 b/retired/CVE-2018-10840 new file mode 100644 index 00000000..6bdee79d --- /dev/null +++ b/retired/CVE-2018-10840 @@ -0,0 +1,13 @@ +Description: ext4: correctly handle a zero-length xattr with a non-zero e_value_offs +References: +Notes: +Bugs: + https://bugzilla.kernel.org/show_bug.cgi?id=199347 +upstream: released (4.18-rc1) [8a2b307c21d4b290e3cbe33f768f194286d07c23] +4.9-upstream-stable: N/A "Vulnerable code introduced in 4.13-rc1 with dec214d00e0d78a08b947d7dccdfdb84407a9f4d" +3.16-upstream-stable: N/A "Vulnerable code introduced in 4.13-rc1 with dec214d00e0d78a08b947d7dccdfdb84407a9f4d" +3.2-upstream-stable: N/A "Vulnerable code introduced in 4.13-rc1 with dec214d00e0d78a08b947d7dccdfdb84407a9f4d" +sid: released (4.17.3-1) +4.9-stretch-security: N/A "Vulnerable code not present" +3.16-jessie-security: N/A "Vulnerable code not present" +3.2-wheezy-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2018-1093 b/retired/CVE-2018-1093 new file mode 100644 index 00000000..f9e3981b --- /dev/null +++ b/retired/CVE-2018-1093 @@ -0,0 +1,20 @@ +Description: Out of bounds read in ext4/balloc.c:ext4_valid_block_bitmap() causes crash with crafted ext4 image +References: +Notes: + carnil> Ben noticed that the fix is not correct in Message-ID: + carnil> <30c688b5783a5779811ce68893b7001390b9e200.camel@decadent.org.uk> + carnil> and fix needs a followup. + carnil> Caused other regressions: + carnil> https://marc.info/?l=linux-ext4&m=152416385122029&w=2 + bwh> Regressions should be fixed by commit 22be37acce25 "ext4: fix bitmap + bwh> position validation". +Bugs: + https://bugzilla.kernel.org/show_bug.cgi?id=199181 +upstream: released (4.17-rc1) [7dac4a1726a9c64a517d595c40e95e2d0d135f6f] +4.9-upstream-stable: released (4.9.98) [76964816c83d3e4e8a6a393777b30f22a6f9cd51, 1fd7c778ebf0f74e0aadcdf112800736cfdbca00] +3.16-upstream-stable: released (3.16.57) [91a9c8e8ac7da66d7159fd758464808d2a1c979a, 73cc97df78e4fbc22a34b0eeedbaaf30b47d7ee5] +3.2-upstream-stable: released (3.2.102) [f278235ce148485cdb9dc990673943addafbd577, 02a37ffd681be59775c9f13686e20621f7097f7e] +sid: released (4.15.17-1) [bugfix/all/ext4-add-validity-checks-for-bitmap-block-numbers.patch] +4.9-stretch-security: released (4.9.88-1) [bugfix/all/ext4-add-validity-checks-for-bitmap-block-numbers.patch, bugfix/all/ext4-fix-bitmap-position-validation.patch] +3.16-jessie-security: released (3.16.57-1) +3.2-wheezy-security: released (3.2.102-1) diff --git a/retired/CVE-2018-10940 b/retired/CVE-2018-10940 new file mode 100644 index 00000000..7716020c --- /dev/null +++ b/retired/CVE-2018-10940 @@ -0,0 +1,12 @@ +Description: cdrom: information leak in cdrom_ioctl_media_changed() +References: +Notes: +Bugs: +upstream: released (4.17-rc3) [9de4ee40547fd315d4a0ed1dd15a2fa3559ad707] +4.9-upstream-stable: released (4.9.97) [4bd744b86114a406efb563c8717e5bea7672d427] +3.16-upstream-stable: released (3.16.57) [319975e893eebe88c6695c6876ab75d316aa518b] +3.2-upstream-stable: released (3.2.102) [15bad6c8291a04692b928e9037844fde6f32a798] +sid: released (4.16.12-1) +4.9-stretch-security: released (4.9.107-1) +3.16-jessie-security: released (3.16.57-1) +3.2-wheezy-security: released (3.2.102-1) diff --git a/retired/CVE-2018-1118 b/retired/CVE-2018-1118 new file mode 100644 index 00000000..8610b9c7 --- /dev/null +++ b/retired/CVE-2018-1118 @@ -0,0 +1,16 @@ +Description: vhost: Information disclosure in vhost/vhost.c:vhost_new_msg() +References: + http://www.openwall.com/lists/oss-security/2018/05/09/1 + https://lkml.org/lkml/2018/4/27/833 + https://bugzilla.redhat.com/show_bug.cgi?id=1573699 +Notes: + carnil> Introduced in 4.8-rc1 [6b1e6cc7855b09a0a9bfa1d9f30172ba366f161c] +Bugs: +upstream: released (4.18-rc1) [670ae9caaca467ea1bfd325cb2a5c98ba87f94ad] +4.9-upstream-stable: released (4.9.110) [9681c3bdb098f6c87a0422b6b63912c1b90ad197] +3.16-upstream-stable: N/A "Vulnerable code introduced later" +3.2-upstream-stable: N/A "Vulnerable code introduced later" +sid: released (4.17.3-1) +4.9-stretch-security: released (4.9.110-1) +3.16-jessie-security: N/A "Vulnerable code not present" +3.2-wheezy-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2018-1130 b/retired/CVE-2018-1130 new file mode 100644 index 00000000..f9bdbb7e --- /dev/null +++ b/retired/CVE-2018-1130 @@ -0,0 +1,14 @@ +Description: dccp: check sk for closed state in dccp_sendmsg() +References: + https://syzkaller.appspot.com/bug?id=833568de043e0909b2aeaef7be136db39d21ba94 + https://marc.info/?t=152036611500003&r=1&w=2 +Notes: +Bugs: +upstream: released (4.16-rc7) [67f93df79aeefc3add4e4b31a752600f834236e2] +4.9-upstream-stable: released (4.9.92) [1fdc00c1503f2164893454958cf62c3bf4eff8d6] +3.16-upstream-stable: released (3.16.57) [e86c8c8cdf47ce06f29a080f9ab9ee8eee71b374] +3.2-upstream-stable: released (3.2.102) [109503b8cccb3b803d875b88d21d49eab921969e] +sid: released (4.15.17-1) +4.9-stretch-security: released (4.9.107-1) +3.16-jessie-security: released (3.16.57-1) +3.2-wheezy-security: released (3.2.102-1) diff --git a/retired/CVE-2018-11412 b/retired/CVE-2018-11412 new file mode 100644 index 00000000..de730157 --- /dev/null +++ b/retired/CVE-2018-11412 @@ -0,0 +1,19 @@ +Description: ext4: out-of-bounds memcpy via non-inline system.data xattr +References: + https://bugs.chromium.org/p/project-zero/issues/detail?id=1580 + https://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4.git/commit/?h=dev&id=117166efb1ee8f13c38f9e96b258f16d4923f888 +Notes: + carnil> fixed in ext4.git via 117166efb1ee8f13c38f9e96b258f16d4923f888 + carnil> Might be needed to add as well the followup commit + carnil> eb9b5f01c33adebc31cbc236c02695f605b0e417 + carnil> which relates to the fix for CVE-2018-11412. +Bugs: + https://bugzilla.kernel.org/show_bug.cgi?id=199803 +upstream: released (4.18-rc1) [117166efb1ee8f13c38f9e96b258f16d4923f888] +4.9-upstream-stable: N/A "Vulnerable code introduced in 4.13-rc1" +3.16-upstream-stable: N/A "Vulnerable code introduced in 4.13-rc1" +3.2-upstream-stable: N/A "Vulnerable code introduced in 4.13-rc1" +sid: released (4.17.3-1) +4.9-stretch-security: N/A "Vulnerable code introduced later" +3.16-jessie-security: N/A "Vulnerable code introduced later" +3.2-wheezy-security: N/A "Vulnerable code introduced later" diff --git a/retired/CVE-2018-12232 b/retired/CVE-2018-12232 new file mode 100644 index 00000000..581e97bc --- /dev/null +++ b/retired/CVE-2018-12232 @@ -0,0 +1,14 @@ +Description: socket: close race condition between sock_close() and sockfs_setattr() +References: + https://lkml.org/lkml/2018/6/5/14 + https://patchwork.ozlabs.org/patch/926519/ +Notes: + bwh> Introduced in 4.10 by commit 86741ec25462 "net: core: Add a UID + bwh> field to struct sock." +Bugs: +upstream: released (4.18-rc1) [6d8c50dcb029872b298eea68cc6209c866fd3e14] +4.9-upstream-stable: N/A "Vulnerable code not present" +3.16-upstream-stable: N/A "Vulnerable code not present" +sid: released (4.17.3-1) +4.9-stretch-security: N/A "Vulnerable code not present" +3.16-jessie-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2018-12633 b/retired/CVE-2018-12633 new file mode 100644 index 00000000..020f3e3d --- /dev/null +++ b/retired/CVE-2018-12633 @@ -0,0 +1,13 @@ +Description: race condition in vboxguest +References: + http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bd23a7269834dc7c1f93e83535d16ebc44b75eba + https://bugzilla.kernel.org/show_bug.cgi?id=200131 +Notes: + bwh> We haven't yet enabled the VirtualBox guest drivers in official builds +Bugs: +upstream: released (4.18-rc1) [bd23a7269834dc7c1f93e83535d16ebc44b75eba] +4.9-upstream-stable: N/A "Vulnerable code not present" +3.16-upstream-stable: N/A "Vulnerable code not present" +sid: released (4.17.3-1) [bugfix/x86/virt-vbox-Only-copy_from_user-the-request-header-onc.patch] +4.9-stretch-security: N/A "Vulnerable code not present" +3.16-jessie-security: N/A "Vulnerable code not present" diff --git a/retired/CVE-2018-6412 b/retired/CVE-2018-6412 new file mode 100644 index 00000000..174bc2f5 --- /dev/null +++ b/retired/CVE-2018-6412 @@ -0,0 +1,14 @@ +Description: Fixing arbitrary kernel leak in case FBIOGETCMAP_SPARC in sbusfb_ioctl_helper() +References: + https://marc.info/?l=linux-fbdev&m=151734425901499&w=2 +Notes: + bwh> The issue only affects SPARC systems. +Bugs: +upstream: released (4.16-rc5) [250c6c49e3b68756b14983c076183568636e2bde] +4.9-upstream-stable: released (4.9.104) [05b4268070b14dbd77ac6f5986b77a80a458fffa] +3.16-upstream-stable: released (3.16.57) [b57ed0f08e1ef7bb138f92f71f143e03a5d52136] +3.2-upstream-stable: released (3.2.102) [e553bcf09a6390e7f52e47132b27b4574d0ad71a] +sid: released (4.16.5-1) +4.9-stretch-security: released (4.9.107-1) +3.16-jessie-security: released (3.16.57-1) +3.2-wheezy-security: released (3.2.102-1) diff --git a/retired/CVE-2018-9415 b/retired/CVE-2018-9415 new file mode 100644 index 00000000..6615fa00 --- /dev/null +++ b/retired/CVE-2018-9415 @@ -0,0 +1,19 @@ +Description: +References: + https://source.android.com/security/bulletin/pixel/2018-07-01 + https://patchwork.kernel.org/patch/9946759/ +Notes: + jmm> Unclear, might affect drivers/amba in some way? + bwh> The Android bulletin links to a patch for PCI that *wasn't* + bwh> applied upstream (and isn't needed), but based on the + bwh> description as "AMBA driver" I found what I think is the actual + bwh> upstream fix. + bwh> Introduced in Linux 4.0 by commit 3cf385713460 "ARM: 8256/1: + bwh> driver coamba: add device binding path 'driver_override'". +Bugs: +upstream: released (4.17-rc3) [d2ffed5185df9d8d9ccd150e4340e3b6f96a8381] +4.9-upstream-stable: released (4.9.98) [8970c12ac9b917b27e42c0537ab7fce0357f0cf3] +3.16-upstream-stable: N/A "Vulnerable code not present" +sid: released (4.16.12-1) +4.9-stretch-security: released (4.9.107-1) +3.16-jessie-security: N/A "Vulnerable code not present" |