diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2020-05-04 21:11:48 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-05-04 21:11:48 +0200 |
commit | 8998b189e3ce9f6fecaf8f89311c89451b9a462c (patch) | |
tree | c566a2fe445b1af7b424d6db0847008fd6e2cf0c /retired | |
parent | c881c15e64062b7f597192202883d039e26bf48b (diff) |
Strip 'v' prefix from some version entries
Diffstat (limited to 'retired')
95 files changed, 105 insertions, 105 deletions
diff --git a/retired/CVE-2008-7316 b/retired/CVE-2008-7316 index 4bd8c3d2..bf1f967f 100644 --- a/retired/CVE-2008-7316 +++ b/retired/CVE-2008-7316 @@ -2,7 +2,7 @@ Description: References: Notes: Bugs: -upstream: released (v2.6.25-rc1) [124d3b7041f9a0ca7c43a6293e1cae4576c32fd5] +upstream: released (2.6.25-rc1) [124d3b7041f9a0ca7c43a6293e1cae4576c32fd5] 3.16-upstream-stable: N/A "Fixed before 3.16" 3.2-upstream-stable: N/A "Fixed before 3.2" 2.6.32-upstream-stable: N/A "Fixed before 2.6.32" diff --git a/retired/CVE-2011-5321 b/retired/CVE-2011-5321 index 7dffb4c9..67354674 100644 --- a/retired/CVE-2011-5321 +++ b/retired/CVE-2011-5321 @@ -4,11 +4,11 @@ References: Introduced by: Introduced by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4a2b5fddd53b80efcb3266ee36e23b8de28e761a (v2.6.28-rc1) Notes: Bugs: -upstream: released (v3.2-rc1) [c290f8358acaeffd8e0c551ddcc24d1206143376] +upstream: released (3.2-rc1) [c290f8358acaeffd8e0c551ddcc24d1206143376] 2.6.32-upstream-stable: released (2.6.32.68) sid: released (3.2.1-1) 3.16-jessie-security: N/A "Fixed before initial release" 3.2-wheezy-security: N/A "Fixed before initial release" 2.6.32-squeeze-security: released (2.6.32-48squeeze12) [bugfix/all/tty-drop-driver-reference-in-tty_open-fail-path.patch] 3.16-upstream-stable: N/A "Fixed before initial release" -3.2-upstream-stable: released (v3.2-rc1) [c290f8358acaeffd8e0c551ddcc24d1206143376] +3.2-upstream-stable: released (3.2-rc1) [c290f8358acaeffd8e0c551ddcc24d1206143376] diff --git a/retired/CVE-2012-2136 b/retired/CVE-2012-2136 index 0f624e89..333648dd 100644 --- a/retired/CVE-2012-2136 +++ b/retired/CVE-2012-2136 @@ -4,7 +4,7 @@ References: http://thread.gmane.org/gmane.linux.network/232111 Notes: Bugs: -upstream: released (v3.5-rc1) [cc9b17ad29ecaa20bfe426a8d4dbfb94b13ff1cc] +upstream: released (3.5-rc1) [cc9b17ad29ecaa20bfe426a8d4dbfb94b13ff1cc] 2.6.32-upstream-stable: released (2.6.32.60) sid: released (3.2.20-1) 2.6.32-squeeze-security: released (2.6.32-46) [bugfix/all/net-sock-validate-data_len-before-allocating-skb-in-sock_alloc_send_pskb.patch] diff --git a/retired/CVE-2012-4530 b/retired/CVE-2012-4530 index 8417a9d6..430cf110 100644 --- a/retired/CVE-2012-4530 +++ b/retired/CVE-2012-4530 @@ -5,7 +5,7 @@ References: Notes: jmm> Likely also bf2a9a39639b8b51377905397a5005f444e9a892 Bugs: -upstream: released (v3.8-rc1) [d740269867021faf4ce38a449353d2b986c34a67, b66c5984017533316fd1951770302649baf1aa33] +upstream: released (3.8-rc1) [d740269867021faf4ce38a449353d2b986c34a67, b66c5984017533316fd1951770302649baf1aa33] 2.6.32-upstream-stable: released (2.6.32.61) sid: released (3.2.35-1) 2.6.32-squeeze-security: released (2.6.32-48) [bugfix/all/exec-do-not-leave-bprm-interp-on-stack.patch, bugfix/all/exec-use-ELOOP-for-max-recursion-depth.patch] diff --git a/retired/CVE-2012-6689 b/retired/CVE-2012-6689 index 56fe7606..476256ad 100644 --- a/retired/CVE-2012-6689 +++ b/retired/CVE-2012-6689 @@ -2,7 +2,7 @@ Description: incorrect validation of netlink message origin allows attackers to References: Notes: Bugs: -upstream: released (v3.6-rc5) [20e1db19db5d6b9e4e83021595eab0dc8f107bef] +upstream: released (3.6-rc5) [20e1db19db5d6b9e4e83021595eab0dc8f107bef] 2.6.32-upstream-stable: released (2.6.32.68) sid: released (3.2.30-1) 3.16-jessie-security: N/A "Fixed before initial release" diff --git a/retired/CVE-2012-6701 b/retired/CVE-2012-6701 index 4b66c5ff..0f89ce06 100644 --- a/retired/CVE-2012-6701 +++ b/retired/CVE-2012-6701 @@ -2,9 +2,9 @@ Description: vfs: make AIO use the proper rw_verify_area() area helpers References: Notes: Bugs: -upstream: released (v3.5-rc1) [a70b52ec1aaeaf60f4739edb1b422827cb6f3893] +upstream: released (3.5-rc1) [a70b52ec1aaeaf60f4739edb1b422827cb6f3893] 3.16-upstream-stable: N/A "Fixed before initial release" -3.2-upstream-stable: released (v3.2.19) [07343eab681bf8c22a2b31d978569a5f65253171] +3.2-upstream-stable: released (3.2.19) [07343eab681bf8c22a2b31d978569a5f65253171] sid: released (3.2.19-1) 3.16-jessie-security: N/A "Fixed before initial release" 3.2-wheezy-security: N/A "Fixed before initial release" diff --git a/retired/CVE-2013-4312 b/retired/CVE-2013-4312 index 24a18df9..81c00015 100644 --- a/retired/CVE-2013-4312 +++ b/retired/CVE-2013-4312 @@ -13,7 +13,7 @@ Bugs: https://bugzilla.kernel.org/show_bug.cgi?id=20402 upstream: released (4.5-rc1) [712f4aad406bb1ed67f3f98d04c044191f0ff593] 3.16-upstream-stable: released (3.16.7-ckt24) -3.2-upstream-stable: released (v3.2.78) [a5a6cf8c405e826ff7ed1308dde72560c0ed4854] +3.2-upstream-stable: released (3.2.78) [a5a6cf8c405e826ff7ed1308dde72560c0ed4854] 2.6.32-upstream-stable: ignored sid: released (4.3.3-6) [bugfix/all/unix-properly-account-for-FDs-passed-over-unix-socke.patch] 3.16-jessie-security: released (3.16.7-ckt20-1+deb8u3) [bugfix/all/unix-properly-account-for-FDs-passed-over-unix-socke.patch] diff --git a/retired/CVE-2014-3144 b/retired/CVE-2014-3144 index e36b7a85..ca850ee4 100644 --- a/retired/CVE-2014-3144 +++ b/retired/CVE-2014-3144 @@ -6,7 +6,7 @@ Notes: bugfix/all/filter-prevent-nla-extensions-to-peek-beyond-the-end.patch, but two hunks are applied in the same place so the bug is only half-fixed. Bugs: -upstream: released (v3.15-rc2) [05ab8f2647e4221cbdb3856dd7d32bd5407316b3] +upstream: released (3.15-rc2) [05ab8f2647e4221cbdb3856dd7d32bd5407316b3] 2.6.32-upstream-stable: released (2.6.32.64) sid: released (3.14.5-1) 3.2-wheezy-security: released (3.2.57-3+deb7u2) [bugfix/all/filter-prevent-nla-extensions-to-peek-beyond-the-end.patch] diff --git a/retired/CVE-2014-3145 b/retired/CVE-2014-3145 index 8ba627f5..e0d2156e 100644 --- a/retired/CVE-2014-3145 +++ b/retired/CVE-2014-3145 @@ -3,7 +3,7 @@ References: http://www.openwall.com/lists/oss-security/2014/05/09/5 Notes: Bugs: -upstream: released (v3.15-rc2) [05ab8f2647e4221cbdb3856dd7d32bd5407316b3] +upstream: released (3.15-rc2) [05ab8f2647e4221cbdb3856dd7d32bd5407316b3] 2.6.32-upstream-stable: released (2.6.32.64) sid: released (3.14.4-1) [bugfix/all/filter-prevent-nla-extensions-to-peek-beyond-the-end.patch] 3.2-wheezy-security: released (3.2.57-3+deb7u2) [bugfix/all/filter-prevent-nla-extensions-to-peek-beyond-the-end.patch] diff --git a/retired/CVE-2014-3673 b/retired/CVE-2014-3673 index dd245c09..4cb823ab 100644 --- a/retired/CVE-2014-3673 +++ b/retired/CVE-2014-3673 @@ -2,7 +2,7 @@ Description: sctp: skb_over_panic when receiving malformed ASCONF chunks References: Notes: Bugs: -upstream: released (v3.18-rc1) [9de7922bc709eee2f609cd01d98aaedc4cf5ea74] +upstream: released (3.18-rc1) [9de7922bc709eee2f609cd01d98aaedc4cf5ea74] 2.6.32-upstream-stable: released (2.6.32.64) sid: released (3.16.7-1) [bugfix/all/net-sctp-fix-skb_over_panic-when-receiving-malformed.patch] 3.2-wheezy-security: released (3.2.63-2+deb7u1) [bugfix/all/net-sctp-fix-skb_over_panic-when-receiving-malformed.patch] diff --git a/retired/CVE-2014-4667 b/retired/CVE-2014-4667 index aa130595..cc9e68c3 100644 --- a/retired/CVE-2014-4667 +++ b/retired/CVE-2014-4667 @@ -2,7 +2,7 @@ Description: sctp: Fix sk_ack_backlog wrap-around problem References: Notes: Bugs: -upstream: released (v3.16-rc1) [d3217b15a19a4779c39b212358a5c71d725822ee] +upstream: released (3.16-rc1) [d3217b15a19a4779c39b212358a5c71d725822ee] 2.6.32-upstream-stable: released (2.6.32.64) sid: released (3.14.9-1) 3.2-wheezy-security: released (3.2.60-1+deb7u3) [bugfix/all/sctp-fix-sk_ack_backlog-wrap-around-problem.patch] diff --git a/retired/CVE-2014-5471 b/retired/CVE-2014-5471 index a18396a4..0075845c 100644 --- a/retired/CVE-2014-5471 +++ b/retired/CVE-2014-5471 @@ -2,7 +2,7 @@ Description: unbound recursion in ISOFS - crashes / reboots a kernel due to kern References: Notes: Bugs: -upstream: released (v3.17-rc2) [410dd3cf4c9b36f27ed4542ee18b1af5e68645a4] +upstream: released (3.17-rc2) [410dd3cf4c9b36f27ed4542ee18b1af5e68645a4] 2.6.32-upstream-stable: released (2.6.32.64) sid: released (3.16.2-2) 3.2-wheezy-security: released (3.2.63-1) diff --git a/retired/CVE-2014-5472 b/retired/CVE-2014-5472 index 1cfa34fc..81153c1c 100644 --- a/retired/CVE-2014-5472 +++ b/retired/CVE-2014-5472 @@ -2,7 +2,7 @@ Description: unbound recursion in ISOFS - causes a deadlock in the mount process References: Notes: Bugs: -upstream: released (v3.17-rc2) [410dd3cf4c9b36f27ed4542ee18b1af5e68645a4] +upstream: released (3.17-rc2) [410dd3cf4c9b36f27ed4542ee18b1af5e68645a4] 2.6.32-upstream-stable: released (2.6.32.64) sid: released (3.16.2-2) 3.2-wheezy-security: released (3.2.63-1) diff --git a/retired/CVE-2014-6416 b/retired/CVE-2014-6416 index 7fb58906..48fe48ba 100644 --- a/retired/CVE-2014-6416 +++ b/retired/CVE-2014-6416 @@ -4,7 +4,7 @@ References: http://seclists.org/oss-sec/2014/q3/604 Notes: Bugs: -upstream: released (v3.17-rc5) [597cda357716a3cf8d994cb11927af917c8d71fa, c27a3e4d667fdcad3db7b104f75659478e0c68d8] +upstream: released (3.17-rc5) [597cda357716a3cf8d994cb11927af917c8d71fa, c27a3e4d667fdcad3db7b104f75659478e0c68d8] 2.6.32-upstream-stable: N/A "Introduced in 2.6.34" sid: released (3.16.3-1) 3.2-wheezy-security: released (3.2.63-1) [bugfix/all/libceph-add-process_one_ticket-helper.patch, bugfix/all/libceph-do-not-hard-code-max-auth-ticket-len.patch] diff --git a/retired/CVE-2014-6417 b/retired/CVE-2014-6417 index 7fb58906..48fe48ba 100644 --- a/retired/CVE-2014-6417 +++ b/retired/CVE-2014-6417 @@ -4,7 +4,7 @@ References: http://seclists.org/oss-sec/2014/q3/604 Notes: Bugs: -upstream: released (v3.17-rc5) [597cda357716a3cf8d994cb11927af917c8d71fa, c27a3e4d667fdcad3db7b104f75659478e0c68d8] +upstream: released (3.17-rc5) [597cda357716a3cf8d994cb11927af917c8d71fa, c27a3e4d667fdcad3db7b104f75659478e0c68d8] 2.6.32-upstream-stable: N/A "Introduced in 2.6.34" sid: released (3.16.3-1) 3.2-wheezy-security: released (3.2.63-1) [bugfix/all/libceph-add-process_one_ticket-helper.patch, bugfix/all/libceph-do-not-hard-code-max-auth-ticket-len.patch] diff --git a/retired/CVE-2014-6418 b/retired/CVE-2014-6418 index 7fb58906..48fe48ba 100644 --- a/retired/CVE-2014-6418 +++ b/retired/CVE-2014-6418 @@ -4,7 +4,7 @@ References: http://seclists.org/oss-sec/2014/q3/604 Notes: Bugs: -upstream: released (v3.17-rc5) [597cda357716a3cf8d994cb11927af917c8d71fa, c27a3e4d667fdcad3db7b104f75659478e0c68d8] +upstream: released (3.17-rc5) [597cda357716a3cf8d994cb11927af917c8d71fa, c27a3e4d667fdcad3db7b104f75659478e0c68d8] 2.6.32-upstream-stable: N/A "Introduced in 2.6.34" sid: released (3.16.3-1) 3.2-wheezy-security: released (3.2.63-1) [bugfix/all/libceph-add-process_one_ticket-helper.patch, bugfix/all/libceph-do-not-hard-code-max-auth-ticket-len.patch] diff --git a/retired/CVE-2014-7284 b/retired/CVE-2014-7284 index c43a9088..0f6ec90e 100644 --- a/retired/CVE-2014-7284 +++ b/retired/CVE-2014-7284 @@ -3,7 +3,7 @@ References: http://secondlookforensics.com/ngro-linux-kernel-bug/ Notes: Bugs: -upstream: released (v3.15-rc7) [3d4405226d27b3a215e4d03cfa51f536244e5de7] +upstream: released (3.15-rc7) [3d4405226d27b3a215e4d03cfa51f536244e5de7] 2.6.32-upstream-stable: N/A "Introduced in 3.13 with a48e42920ff38bc90bbf75143fff4555723d4540] sid: released (3.16-1) 3.2-wheezy-security: N/A "Introduced in 3.13 with a48e42920ff38bc90bbf75143fff4555723d4540] diff --git a/retired/CVE-2014-7822 b/retired/CVE-2014-7822 index 03b6e988..492a4b95 100644 --- a/retired/CVE-2014-7822 +++ b/retired/CVE-2014-7822 @@ -6,7 +6,7 @@ Notes: bwh> hang on umount. ext3 and xfs don't seem to be affected. Bugs: - https://bugzilla.redhat.com/show_bug.cgi?id=1163792 -upstream: released (v3.16-rc1) [8d0207652cbe27d1f962050737848e5ad4671958] +upstream: released (3.16-rc1) [8d0207652cbe27d1f962050737848e5ad4671958] 2.6.32-upstream-stable: released (2.6.32.66) sid: released (3.16.2-1) 3.2-wheezy-security: released (3.2.65-1+deb7u2) [bugfix/all/splice-apply-generic-position-and-size-checks-to-eac.patch] diff --git a/retired/CVE-2014-7825 b/retired/CVE-2014-7825 index 6112fc6a..8ca03e03 100644 --- a/retired/CVE-2014-7825 +++ b/retired/CVE-2014-7825 @@ -5,7 +5,7 @@ Notes: For 2.6.32, commit cd0980fc8add ("tracing: Check invalid syscall nr while tracing syscalls") is also needed. Bugs: -upstream: released (v3.18-rc3) [086ba77a6db00ed858ff07451bedee197df868c9] +upstream: released (3.18-rc3) [086ba77a6db00ed858ff07451bedee197df868c9] 2.6.32-upstream-stable: ignored sid: released (3.16.7-ckt2-1) 3.16-jessie-security: N/A "Fixed before initial release" diff --git a/retired/CVE-2014-7826 b/retired/CVE-2014-7826 index 1fc2e344..0733fcad 100644 --- a/retired/CVE-2014-7826 +++ b/retired/CVE-2014-7826 @@ -6,7 +6,7 @@ Notes: For 2.6.32, commit cd0980fc8add ("tracing: Check invalid syscall nr while tracing syscalls") is also needed. Bugs: -upstream: released (v3.18-rc3) [086ba77a6db00ed858ff07451bedee197df868c9] +upstream: released (3.18-rc3) [086ba77a6db00ed858ff07451bedee197df868c9] 2.6.32-upstream-stable: ignored sid: released (3.16.7-ckt2-1) 3.16-jessie-security: N/A "Fixed before initial release" diff --git a/retired/CVE-2014-7841 b/retired/CVE-2014-7841 index d7c7c4fd..e5880de4 100644 --- a/retired/CVE-2014-7841 +++ b/retired/CVE-2014-7841 @@ -2,7 +2,7 @@ Description: sctp: NULL pointer dereference in af->from_addr_param on malformed References: Notes: Bugs: -upstream: released (v3.18-rc5) [e40607cbe270a9e8360907cb1e62ddf0736e4864] +upstream: released (3.18-rc5) [e40607cbe270a9e8360907cb1e62ddf0736e4864] 2.6.32-upstream-stable: released (2.6.32.65) sid: released (3.16.7-ckt2-1) 3.2-wheezy-security: released (3.2.63-2+deb7u2) [bugfix/all/net-sctp-fix-NULL-pointer-dereference-in-af-from_add.patch] diff --git a/retired/CVE-2014-8171 b/retired/CVE-2014-8171 index 2dcc24cf..73845722 100644 --- a/retired/CVE-2014-8171 +++ b/retired/CVE-2014-8171 @@ -4,7 +4,7 @@ Notes: bwh> We require a kernel parameter to enable memcg, so most systems should bwh> not be affected. Bugs: -upstream: released (v3.12-rc1) [3812c8c8f3953921ef18544110dafc3505c1ac62], (v3.12-rc6) [4942642080ea82d99ab5b653abb9a12b7ba31f4a] +upstream: released (3.12-rc1) [3812c8c8f3953921ef18544110dafc3505c1ac62], (v3.12-rc6) [4942642080ea82d99ab5b653abb9a12b7ba31f4a] 2.6.32-upstream-stable: ignored sid: released (3.12.6-1) 3.16-jessie-security: N/A "Fixed before initial release" diff --git a/retired/CVE-2014-9419 b/retired/CVE-2014-9419 index e3608a89..7e9e0038 100644 --- a/retired/CVE-2014-9419 +++ b/retired/CVE-2014-9419 @@ -8,7 +8,7 @@ Notes: bwh> large number of changes. I did prepare a backport but don't feel bwh> confident enough to use it. Bugs: -upstream: released (v3.19-rc1) [f647d7c155f069c1a068030255c300663516420e] +upstream: released (3.19-rc1) [f647d7c155f069c1a068030255c300663516420e] 2.6.32-upstream-stable: ignored ("complete fix is too invasive to backport") sid: released (3.16.7-ckt4-1) 3.2-wheezy-security: released (3.2.65-1+deb7u1) [bugfix/x86/x86_64-switch_to-load-tls-descriptors-before-switchi.patch] diff --git a/retired/CVE-2014-9420 b/retired/CVE-2014-9420 index 010bede4..fc8c77c6 100644 --- a/retired/CVE-2014-9420 +++ b/retired/CVE-2014-9420 @@ -2,7 +2,7 @@ Description: fs: isofs: infinite loop in CE records References: Notes: Bugs: -upstream: released (v3.19-rc1) [f54e18f1b831c92f6512d2eedb224cd63d607d3d] +upstream: released (3.19-rc1) [f54e18f1b831c92f6512d2eedb224cd63d607d3d] 2.6.32-upstream-stable: released (2.6.32.66) sid: released (3.16.7-ckt4-1) 3.2-wheezy-security: released (3.2.65-1) [bugfix/all/isofs-fix-infinite-looping-over-ce-entries.patch] diff --git a/retired/CVE-2014-9683 b/retired/CVE-2014-9683 index ad2925e5..f060049e 100644 --- a/retired/CVE-2014-9683 +++ b/retired/CVE-2014-9683 @@ -2,7 +2,7 @@ Description: ecryptfs 1-byte overwrite References: Notes: Bugs: -upstream: released (v3.19-rc1) [942080643bce061c3dd9d5718d3b745dcb39a8bc] +upstream: released (3.19-rc1) [942080643bce061c3dd9d5718d3b745dcb39a8bc] 2.6.32-upstream-stable: released (2.6.32.68) sid: released (3.16.7-ckt4-1) 3.16-jessie-security: N/A "Fixed before initial release" diff --git a/retired/CVE-2014-9715 b/retired/CVE-2014-9715 index d8e8af2f..37b5093f 100644 --- a/retired/CVE-2014-9715 +++ b/retired/CVE-2014-9715 @@ -5,7 +5,7 @@ Notes: Introduced by (v3.6-rc5) [5b423f6a40a0327f9d40bc8b97ce9b] In 3.2. introduced by (v3.2.33) [cc1b75d796ad050c83c95733c4220aaa04fa1304] Bugs: https://bugs.debian.org/741667 -upstream: released (v3.15-rc1) [223b02d923ecd7c84cf9780bb3686f455d279279] +upstream: released (3.15-rc1) [223b02d923ecd7c84cf9780bb3686f455d279279] 2.6.32-upstream-stable: N/A "Introduced in 3.6" sid: released (3.14.5-1) 3.16-jessie-security: N/A "Fixed before initial release" diff --git a/retired/CVE-2014-9728 b/retired/CVE-2014-9728 index 462cb2fb..e17b1c39 100644 --- a/retired/CVE-2014-9728 +++ b/retired/CVE-2014-9728 @@ -2,7 +2,7 @@ Description: References: Notes: Bugs: -upstream: released (v3.19-rc3) [e159332b9af4b04d882dbcfe1bb0117f0a6d4b58, e237ec37ec154564f8690c5bd1795339955eeef9, a1d47b262952a45aae62bd49cfaf33dd76c11a2c] +upstream: released (3.19-rc3) [e159332b9af4b04d882dbcfe1bb0117f0a6d4b58, e237ec37ec154564f8690c5bd1795339955eeef9, a1d47b262952a45aae62bd49cfaf33dd76c11a2c] 3.16-upstream-stable: released (3.16.7-ckt4) 3.2-upstream-stable: released (3.2.67) 2.6.32-upstream-stable: released (2.6.32.68) diff --git a/retired/CVE-2014-9729 b/retired/CVE-2014-9729 index 57ef2272..c5115397 100644 --- a/retired/CVE-2014-9729 +++ b/retired/CVE-2014-9729 @@ -4,7 +4,7 @@ Notes: For the "iinfo->i_lenAlloc != inode->i_size" issue in https://marc.info/?l=oss-security&m=143335451223630&w=2 Bugs: -upstream: released (v3.19-rc3) [e159332b9af4b04d882dbcfe1bb0117f0a6d4b58] +upstream: released (3.19-rc3) [e159332b9af4b04d882dbcfe1bb0117f0a6d4b58] 3.16-upstream-stable: released (3.16.7-ckt4) 3.2-upstream-stable: released (3.2.67) 2.6.32-upstream-stable: released (2.6.32.68) diff --git a/retired/CVE-2014-9730 b/retired/CVE-2014-9730 index 03ab16f4..75f8766a 100644 --- a/retired/CVE-2014-9730 +++ b/retired/CVE-2014-9730 @@ -5,7 +5,7 @@ Notes: that do not use it" issue in: https://marc.info/?l=oss-security&m=143335451223630&w=2 Bugs: -upstream: released (v3.19-rc3) [e237ec37ec154564f8690c5bd1795339955eeef9] +upstream: released (3.19-rc3) [e237ec37ec154564f8690c5bd1795339955eeef9] 3.16-upstream-stable: released (3.16.7-ckt4) 3.2-upstream-stable: released (3.2.67) 2.6.32-upstream-stable: released (2.6.32.68) diff --git a/retired/CVE-2014-9731 b/retired/CVE-2014-9731 index 29e72601..c7668339 100644 --- a/retired/CVE-2014-9731 +++ b/retired/CVE-2014-9731 @@ -2,7 +2,7 @@ Description: udf: information leakage when reading symlink References: Notes: Bugs: -upstream: released (v3.19-rc3) [0e5cc9a40ada6046e6bc3bdfcd0c0d7e4b706b14] +upstream: released (3.19-rc3) [0e5cc9a40ada6046e6bc3bdfcd0c0d7e4b706b14] 3.16-upstream-stable: released (3.16.7-ckt4) 3.2-upstream-stable: released (3.2.67) 2.6.32-upstream-stable: released (2.6.32.68) diff --git a/retired/CVE-2015-0274 b/retired/CVE-2015-0274 index 015b04e3..6b9877a2 100644 --- a/retired/CVE-2015-0274 +++ b/retired/CVE-2015-0274 @@ -3,7 +3,7 @@ References: - https://bugzilla.redhat.com/show_bug.cgi?id=1195248 Notes: Bugs: -upstream: released (v3.15-rc5) [8275cdd0e7ac550dcce2b3ef6d2fb3b808c1ae59] +upstream: released (3.15-rc5) [8275cdd0e7ac550dcce2b3ef6d2fb3b808c1ae59] 2.6.32-upstream-stable: N/A "Introduced in v3.11-rc1 with e461fcb194172b3f709e0b478d2ac1bdac7ab9a3" sid: released (3.15~rc5-1~exp1) 3.2-wheezy-security: N/A "Introduced in v3.11-rc1 with e461fcb194172b3f709e0b478d2ac1bdac7ab9a3" diff --git a/retired/CVE-2015-1339 b/retired/CVE-2015-1339 index ae4fe272..d5169fdc 100644 --- a/retired/CVE-2015-1339 +++ b/retired/CVE-2015-1339 @@ -2,7 +2,7 @@ Description: memory exhaustion via CUSE driver References: Notes: Bugs: -upstream: released (v4.4-rc5) [2c5816b4beccc8ba709144539f6fdd764f8fa49c] +upstream: released (4.4-rc5) [2c5816b4beccc8ba709144539f6fdd764f8fa49c] 3.16-upstream-stable: N/A "Introduced in v4.2-rc1 with commit cc080e9e9be16ccf26135d366d7d2b65209f1d56" 3.2-upstream-stable: N/A "Introduced in v4.2-rc1 with commit cc080e9e9be16ccf26135d366d7d2b65209f1d56" sid: released (4.4.2-1) diff --git a/retired/CVE-2015-1465 b/retired/CVE-2015-1465 index c9ba1df0..7fe84c6c 100644 --- a/retired/CVE-2015-1465 +++ b/retired/CVE-2015-1465 @@ -3,7 +3,7 @@ References: - https://bugzilla.redhat.com/show_bug.cgi?id=1183744 Notes: Bugs: -upstream: released (v3.19-rc7) [df4d92549f23e1c037e83323aff58a21b3de7fe0] +upstream: released (3.19-rc7) [df4d92549f23e1c037e83323aff58a21b3de7fe0] 2.6.32-upstream-stable: N/A" "Introduced in 3.16 with f88649721268999bdff09777847080a52004f691" sid: released (3.16.7-ckt7-1) 3.2-wheezy-security: N/A" "Introduced in 3.16 with f88649721268999bdff09777847080a52004f691" diff --git a/retired/CVE-2015-1573 b/retired/CVE-2015-1573 index e44c05d9..28fd9da3 100644 --- a/retired/CVE-2015-1573 +++ b/retired/CVE-2015-1573 @@ -5,7 +5,7 @@ Notes: bwh> Seems to have been introduced in 3.18 by commit bwh> b9ac12ef099707f405d7478009564302d7ed8393. Bugs: -upstream: released (v3.19-rc5) [a2f18db0c68fec96631c10cad9384c196e9008ac] +upstream: released (3.19-rc5) [a2f18db0c68fec96631c10cad9384c196e9008ac] 2.6.32-upstream-stable: N/A "nftables introduced in 3.13" sid: N/A "bug introduced in 3.18" 3.2-wheezy-security: N/A "nftables introduced in 3.13" diff --git a/retired/CVE-2015-1805 b/retired/CVE-2015-1805 index 06a56258..86919ace 100644 --- a/retired/CVE-2015-1805 +++ b/retired/CVE-2015-1805 @@ -4,7 +4,7 @@ References: http://www.openwall.com/lists/oss-security/2015/06/06/2 Notes: Bugs: -upstream: released (v3.16-rc1) [637b58c2887e5e57850865839cc75f59184b23d1, f0d1bec9d58d4c038d0ac958c9af82be6eb18045] +upstream: released (3.16-rc1) [637b58c2887e5e57850865839cc75f59184b23d1, f0d1bec9d58d4c038d0ac958c9af82be6eb18045] 3.2-upstream-stable: released (3.2.70) [pipe-iovec-fix-memory-corruption-when-retrying-atomic-copy-as-non-atomic.patch] 3.16-jessie-security: N/A 2.6.32-upstream-stable: released (2.6.32.68) diff --git a/retired/CVE-2015-2041 b/retired/CVE-2015-2041 index e4fa5ba0..60129601 100644 --- a/retired/CVE-2015-2041 +++ b/retired/CVE-2015-2041 @@ -4,7 +4,7 @@ Notes: bwh> Bug introduced when sysctls were added in 2.6.14. Security impact bwh> is minimal: leaks 4 bytes of static data on 64-bit architectures. Bugs: -upstream: released (v3.19-rc7) [6b8d9117ccb4f81b1244aafa7bc70ef8fa45fc49] +upstream: released (3.19-rc7) [6b8d9117ccb4f81b1244aafa7bc70ef8fa45fc49] 2.6.32-upstream-stable: released (2.6.32.66) sid: released (3.16.7-ckt9-1) 3.16-jessie-security: N/A "Fixed before initial release" diff --git a/retired/CVE-2015-2042 b/retired/CVE-2015-2042 index 5ea1b8d4..69cc3047 100644 --- a/retired/CVE-2015-2042 +++ b/retired/CVE-2015-2042 @@ -4,7 +4,7 @@ Notes: bwh> Bug introduced when sysctls were added in 2.6.30. Security impact bwh> is minimal: leaks 4 bytes of static data on 64-bit architectures. Bugs: -upstream: released (v3.19) [db27ebb111e9f69efece08e4cb6a34ff980f8896] +upstream: released (3.19) [db27ebb111e9f69efece08e4cb6a34ff980f8896] 2.6.32-upstream-stable: released (2.6.32.66) sid: released (3.16.7-ckt9-1) 3.16-jessie-security: N/A "Fixed before initial release" diff --git a/retired/CVE-2015-2672 b/retired/CVE-2015-2672 index b06670e4..965c12f9 100644 --- a/retired/CVE-2015-2672 +++ b/retired/CVE-2015-2672 @@ -2,7 +2,7 @@ Description: unprivileged denial-of-service due to mis-protected xsave/xrstor in References: Notes: Bugs: -upstream: released (v4.0-rc3) [06c8173eb92bbfc03a0fe8bb64315857d0badd06] +upstream: released (4.0-rc3) [06c8173eb92bbfc03a0fe8bb64315857d0badd06] 2.6.32-upstream-stable: N/A "Introduced in v3.17-rc1 with f31a9f7c71691569359fa7fb8b0acaa44bce0324 sid: N/A "Introduced in v3.17-rc1 with f31a9f7c71691569359fa7fb8b0acaa44bce0324 3.2-wheezy-security: N/A "Introduced in v3.17-rc1 with f31a9f7c71691569359fa7fb8b0acaa44bce0324 diff --git a/retired/CVE-2015-2830 b/retired/CVE-2015-2830 index a863cd88..159a0bf2 100644 --- a/retired/CVE-2015-2830 +++ b/retired/CVE-2015-2830 @@ -2,7 +2,7 @@ Description: mishandles int80 fork from 64-bit tasks References: Notes: Bugs: -upstream: released (v4.0-rc3) [956421fbb74c3a6261903f3836c0740187cf038b] +upstream: released (4.0-rc3) [956421fbb74c3a6261903f3836c0740187cf038b] 2.6.32-upstream-stable: released (2.6.32.66) sid: released (3.16.7-ckt9-1) 3.16-jessie-security: N/A "Fixed before initial release" diff --git a/retired/CVE-2015-3288 b/retired/CVE-2015-3288 index f7369e1f..1af15f93 100644 --- a/retired/CVE-2015-3288 +++ b/retired/CVE-2015-3288 @@ -3,7 +3,7 @@ References: Notes: Bugs: upstream: released (4.2-rc2) [6b7339f4c31ad69c8e9c0b2859276e22cf72176d] -3.16-upstream-stable: released (v3.16.7-ckt16) [9760c0f9a5a7dbfb696b799189609a3471151cb5] +3.16-upstream-stable: released (3.16.7-ckt16) [9760c0f9a5a7dbfb696b799189609a3471151cb5] 3.2-upstream-stable: released (3.2.71) [e2506476534cff7bb3697fbe0654fdefd101bc80] sid: released (4.2-1) 3.16-jessie-security: released (3.16.7-ckt17-1) diff --git a/retired/CVE-2015-3331 b/retired/CVE-2015-3331 index 87333610..68ac72a2 100644 --- a/retired/CVE-2015-3331 +++ b/retired/CVE-2015-3331 @@ -3,7 +3,7 @@ References: Notes: Bugs: - https://bugs.debian.org/782561 -upstream: released (v4.0-rc5) [ccfe8c3f7e52ae83155cb038753f4c75b774ca8a] +upstream: released (4.0-rc5) [ccfe8c3f7e52ae83155cb038753f4c75b774ca8a] 2.6.32-upstream-stable: N/A "Introduced in v2.6.38-rc1 with 0bd82f5f6355775fbaf7d3c664432ce1b862be1e" sid: released (3.16.7-ckt9-3) [bugfix/x86/crypto-aesni-fix-memory-usage-in-GCM-decryption.patch] 3.16-jessie-security: released (3.16.7-ckt9-3~deb8u1) [bugfix/x86/crypto-aesni-fix-memory-usage-in-GCM-decryption.patch] diff --git a/retired/CVE-2015-3636 b/retired/CVE-2015-3636 index 60559e85..9d6882b6 100644 --- a/retired/CVE-2015-3636 +++ b/retired/CVE-2015-3636 @@ -3,7 +3,7 @@ References: https://lkml.org/lkml/2011/5/13/382 Notes: Bugs: -upstream: released (v4.1-rc2) [a134f083e79fb4c3d0a925691e732c56911b4326] +upstream: released (4.1-rc2) [a134f083e79fb4c3d0a925691e732c56911b4326] 3.16-upstream-stable: released (3.16.7-ckt11) 3.2-upstream-stable: released (3.2.69) [ipv4-missing-sk_nulls_node_init-in-ping_unhash.patch] 2.6.32-upstream-stable: N/A "Vulnerable code not present" diff --git a/retired/CVE-2015-4036 b/retired/CVE-2015-4036 index f1928b95..463792fe 100644 --- a/retired/CVE-2015-4036 +++ b/retired/CVE-2015-4036 @@ -2,7 +2,7 @@ Description: drivers/vhost/scsi.c: potential memory corruption References: Notes: Bugs: -upstream: released (v4.0-rc1) [59c816c1f24df0204e01851431d3bab3eb76719c] +upstream: released (4.0-rc1) [59c816c1f24df0204e01851431d3bab3eb76719c] 3.16-upstream-stable: released (3.16.7-ckt8) 3.2-upstream-stable: N/A "vulnerable code not present" 2.6.32-upstream-stable: N/A "vulnerable code not present" diff --git a/retired/CVE-2015-4167 b/retired/CVE-2015-4167 index 104e613b..82a46481 100644 --- a/retired/CVE-2015-4167 +++ b/retired/CVE-2015-4167 @@ -2,7 +2,7 @@ Description: fs: udf kernel oops References: Notes: Bugs: -upstream: released (v4.0-rc1) [23b133bdc452aa441fcb9b82cbf6dd05cfd342d0] +upstream: released (4.0-rc1) [23b133bdc452aa441fcb9b82cbf6dd05cfd342d0] 3.16-upstream-stable: released (3.16.7-ckt13) 3.2-upstream-stable: released (3.2.69) 2.6.32-upstream-stable: released (2.6.32.68) diff --git a/retired/CVE-2015-4170 b/retired/CVE-2015-4170 index ffc73a32..a6cda674 100644 --- a/retired/CVE-2015-4170 +++ b/retired/CVE-2015-4170 @@ -3,7 +3,7 @@ References: Notes: Affected code introduced by [4898e640caf03fdbaf2122d5a33949bf3e4a5b34] Bugs: -upstream: released (v3.13-rc5) [cf872776fc84128bb779ce2b83a37c884c3203ae] +upstream: released (3.13-rc5) [cf872776fc84128bb779ce2b83a37c884c3203ae] 3.16-upstream-stable: N/A 3.2-upstream-stable: N/A "Introduced in v3.11-rc1 with commit 4898e640caf03fdbaf2122d5a33949bf3e4a5b34" 2.6.32-upstream-stable: N/A "Introduced in v3.11-rc1 with commit 4898e640caf03fdbaf2122d5a33949bf3e4a5b34" diff --git a/retired/CVE-2015-4700 b/retired/CVE-2015-4700 index 4fe7ee19..6368fef5 100644 --- a/retired/CVE-2015-4700 +++ b/retired/CVE-2015-4700 @@ -4,7 +4,7 @@ Notes: Introduced in 0a14842f5a3c0e88a1e59fac5c3025db39721f74. This is mitigated by the fact that BPF JIT has always been disabled by default. Bugs: -upstream: released (v4.1-rc6) [3f7352bf21f8fd7ba3e2fcef9488756f188e12be] +upstream: released (4.1-rc6) [3f7352bf21f8fd7ba3e2fcef9488756f188e12be] 3.16-upstream-stable: released (3.16.7-ckt13) 3.2-upstream-stable: released (3.2.70) [x86-bpf_jit-fix-compilation-of-large-bpf-programs.patch] 2.6.32-upstream-stable: N/A "Introduced in 3.0 with 0a14842f5a3c0e88a1e59fac5c3025db39721f74" diff --git a/retired/CVE-2015-5283 b/retired/CVE-2015-5283 index 546062d0..7ff1e761 100644 --- a/retired/CVE-2015-5283 +++ b/retired/CVE-2015-5283 @@ -3,7 +3,7 @@ References: http://patchwork.ozlabs.org/patch/515996/ Notes: Bugs: -upstream: released (v4.3-rc3) [8e2d61e0aed2b7c4ecb35844fe07e0b2b762dee4] +upstream: released (4.3-rc3) [8e2d61e0aed2b7c4ecb35844fe07e0b2b762dee4] 3.16-upstream-stable: released (3.16.7-ckt18) [eb084bd187c25f0b63556a4f6c440e3ac96ecaf5] 3.2-upstream-stable: N/A ("Vulnerable code not present") 2.6.32-upstream-stable: N/A ("Vulnerable code not present") diff --git a/retired/CVE-2015-5307 b/retired/CVE-2015-5307 index ea03ec0f..3b510917 100644 --- a/retired/CVE-2015-5307 +++ b/retired/CVE-2015-5307 @@ -3,7 +3,7 @@ References: Notes: Bugs: upstream: released (4.4-rc1) [54a20552e1eae07aa240fa370a0293e006b5faed] -3.16-upstream-stable: released (v3.16.7-ckt21) [033edc3a7d4c3fd1560aa41e051d6e79b9545ed0] +3.16-upstream-stable: released (3.16.7-ckt21) [033edc3a7d4c3fd1560aa41e051d6e79b9545ed0] 3.2-upstream-stable: released (3.2.73) [kvm-x86-work-around-infinite-loop-in-microcode-when-ac-is.patch] 2.6.32-upstream-stable: ignored "end of life" sid: released (4.2.6-1) [bugfix/x86/kvm-x86-vmx-avoid-guest-host-dos-by-intercepting-ac.patch, bugfix/x86/kvm-x86-svm-intercept-ac-to-avoid-guest-host-exploit.patch] diff --git a/retired/CVE-2015-5706 b/retired/CVE-2015-5706 index 753ada56..51491458 100644 --- a/retired/CVE-2015-5706 +++ b/retired/CVE-2015-5706 @@ -2,8 +2,8 @@ Description: Use-after-free in path lookup References: Notes: Bugs: -upstream: released (v4.1-rc3) [f15133df088ecadd141ea1907f2c96df67c729f0] -3.16-upstream-stable: released (v3.16.7-ckt12) [bedf03d0b88d] +upstream: released (4.1-rc3) [f15133df088ecadd141ea1907f2c96df67c729f0] +3.16-upstream-stable: released (3.16.7-ckt12) [bedf03d0b88d] 3.2-upstream-stable: N/A "Introduced in 3.11-rc1 with 60545d0d4610b02e55f65d141c95b18ccf855b6e" 2.6.32-upstream-stable: N/A "Introduced in 3.11-rc1 with 60545d0d4610b02e55f65d141c95b18ccf855b6e" sid: released (4.0.4-1) diff --git a/retired/CVE-2015-5707 b/retired/CVE-2015-5707 index 72fbfa79..f076a044 100644 --- a/retired/CVE-2015-5707 +++ b/retired/CVE-2015-5707 @@ -3,7 +3,7 @@ References: Notes: Introduced in (v2.6.28-rc1) [10db10d144c0248f285242f79daf6b9de6b00a62] Bugs: -upstream: released (v4.1-rc1) [451a2886b6bf90e2fb378f7c46c655450fb96e81, fdc81f45e9f57858da6351836507fbcf1b7583ee] +upstream: released (4.1-rc1) [451a2886b6bf90e2fb378f7c46c655450fb96e81, fdc81f45e9f57858da6351836507fbcf1b7583ee] 3.16-upstream-stable: released (3.16.7-ckt16) 3.2-upstream-stable: released (3.2.70) [sg_start_req-make-sure-that-there-s-not-too-many-elements-in-iovec.patch] 2.6.32-upstream-stable: released (2.6.32.68) diff --git a/retired/CVE-2015-6937 b/retired/CVE-2015-6937 index 39e33f62..44cf6f4f 100644 --- a/retired/CVE-2015-6937 +++ b/retired/CVE-2015-6937 @@ -2,7 +2,7 @@ Description: NULL pointer dereference in net/rds/connection.c References: Notes: Bugs: -upstream: released (v4.3-rc1) [74e98eb085889b0d2d4908f59f6e00026063014f] +upstream: released (4.3-rc1) [74e98eb085889b0d2d4908f59f6e00026063014f] 3.16-upstream-stable: released (3.16.7-ckt18) [a93002fa8bd6495b88ae9196151008902d7e7774] 3.2-upstream-stable: released (3.2.72) [rds-verify-the-underlying-transport-exists-before-creating-a.patch] 2.6.32-upstream-stable: released (2.6.32.69) diff --git a/retired/CVE-2015-7513 b/retired/CVE-2015-7513 index 8414270e..550add6a 100644 --- a/retired/CVE-2015-7513 +++ b/retired/CVE-2015-7513 @@ -2,7 +2,7 @@ Description: KVM: x86: Reload pit counters for all channels when restoring stat References: Notes: Bugs: -upstream: released (v4.4-rc7) [0185604c2d82c560dab2f2933a18f797e74ab5a8] +upstream: released (4.4-rc7) [0185604c2d82c560dab2f2933a18f797e74ab5a8] 3.16-upstream-stable: released (3.16.7-ckt22) 3.2-upstream-stable: released (3.2.76) [kvm-x86-reload-pit-counters-for-all-channels-when-restoring-state.patch] 2.6.32-upstream-stable: released (2.6.32.70) diff --git a/retired/CVE-2015-7613 b/retired/CVE-2015-7613 index c196c020..d56e71a1 100644 --- a/retired/CVE-2015-7613 +++ b/retired/CVE-2015-7613 @@ -5,7 +5,7 @@ Notes: carnil> and thus wheezy not affected. Needs to be checked. bwh> Both squeeze and wheezy have this issue. Bugs: -upstream: released (v4.3-rc4) [b9a532277938798b53178d5a66af6e2915cb27cf] +upstream: released (4.3-rc4) [b9a532277938798b53178d5a66af6e2915cb27cf] 3.16-upstream-stable: released (3.16.7-ckt19) 3.2-upstream-stable: released (3.2.72) [initialize-msg-shm-ipc-objects-before-doing-ipc_addid.patch] 2.6.32-upstream-stable: released (2.6.32.69) diff --git a/retired/CVE-2015-7872 b/retired/CVE-2015-7872 index 9a08cffb..7f09b6f6 100644 --- a/retired/CVE-2015-7872 +++ b/retired/CVE-2015-7872 @@ -5,7 +5,7 @@ Notes: Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1272371 https://bugzilla.redhat.com/show_bug.cgi?id=1272172 -upstream: released (v4.3-rc7) [f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61] +upstream: released (4.3-rc7) [f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61] 3.16-upstream-stable: released (3.16.7-ckt19) 3.2-upstream-stable: released (3.2.73) [keys-fix-crash-when-attempt-to-garbage-collect-an-uninstantiated.patch] 2.6.32-upstream-stable: N/A "vulnerable code not present" diff --git a/retired/CVE-2015-8019 b/retired/CVE-2015-8019 index ba67be9c..4a9fd3de 100644 --- a/retired/CVE-2015-8019 +++ b/retired/CVE-2015-8019 @@ -10,7 +10,7 @@ Notes: Only 3.16.7-ckt17-1 (jessie-p-u) is still affected and needs to be updated. Bugs: upstream: N/A "Vulnerable code not present" -3.16-upstream-stable: released (v3.16.7-ckt19) [fa89ae5548ed282f0ceb4660b3b93e4e2ee875f3] +3.16-upstream-stable: released (3.16.7-ckt19) [fa89ae5548ed282f0ceb4660b3b93e4e2ee875f3] 3.2-upstream-stable: released (3.2.73) [net-add-length-argument-to-skb_copy_and_csum_datagram_iovec.patch] 2.6.32-upstream-stable: N/A "Vulnerable code not present" sid: N/A "Vulnerable code not present" diff --git a/retired/CVE-2015-8104 b/retired/CVE-2015-8104 index 81935cd5..1d62b199 100644 --- a/retired/CVE-2015-8104 +++ b/retired/CVE-2015-8104 @@ -6,7 +6,7 @@ References: Notes: Bugs: upstream: released (4.4-rc1) [cbdb967af3d54993f5814f1cee0ed311a055377d] -3.16-upstream-stable: released (v3.16.7-ckt21) [13961a1784d20cc45210b664c6c2d0df6d2983c1] +3.16-upstream-stable: released (3.16.7-ckt21) [13961a1784d20cc45210b664c6c2d0df6d2983c1] 3.2-upstream-stable: released (3.2.74) 2.6.32-upstream-stable: ignored "EOL" sid: released (4.2.6-2) [bugfix/x86/kvm-svm-unconditionally-intercept-DB.patch] diff --git a/retired/CVE-2015-8215 b/retired/CVE-2015-8215 index a4574c2b..d25fed72 100644 --- a/retired/CVE-2015-8215 +++ b/retired/CVE-2015-8215 @@ -6,7 +6,7 @@ Notes: We originally used CVE-2015-0272 for this issue as well, but whose scope was actually for NetworkManager only. Bugs: -upstream: released (v4.0-rc3) [77751427a1ff25b27d47a4c36b12c3c8667855ac] +upstream: released (4.0-rc3) [77751427a1ff25b27d47a4c36b12c3c8667855ac] 3.16-upstream-stable: released (3.16.7-ckt18) 3.2-upstream-stable: released (3.2.72) [ipv6-addrconf-validate-new-mtu-before-applying-it.patch] 2.6.32-upstream-stable: released (2.6.32.69) diff --git a/retired/CVE-2015-8324 b/retired/CVE-2015-8324 index 4a9a21cd..bd364f00 100644 --- a/retired/CVE-2015-8324 +++ b/retired/CVE-2015-8324 @@ -2,7 +2,7 @@ Description: Null pointer dereference when mounting ext4 filesystem References: Notes: Bugs: -upstream: released (v2.6.34-rc1) [744692dc059845b2a3022119871846e74d4f6e11] +upstream: released (2.6.34-rc1) [744692dc059845b2a3022119871846e74d4f6e11] 3.16-upstream-stable: N/A "Fixed before 3.16" 3.2-upstream-stable: N/A "Fixed before 3.2" 2.6.32-upstream-stable: released (2.6.32.70) diff --git a/retired/CVE-2015-8374 b/retired/CVE-2015-8374 index 0305e58d..49e8c44e 100644 --- a/retired/CVE-2015-8374 +++ b/retired/CVE-2015-8374 @@ -2,8 +2,8 @@ Description: References: Notes: Bugs: -upstream: released (v4.4-rc1) [0305cd5f7fca85dae392b9ba85b116896eb7c1c7] -3.16-upstream-stable: released (v3.16.7-ckt21) [c40009c43c849713cad7a850af0e522e3132bc5d] +upstream: released (4.4-rc1) [0305cd5f7fca85dae392b9ba85b116896eb7c1c7] +3.16-upstream-stable: released (3.16.7-ckt21) [c40009c43c849713cad7a850af0e522e3132bc5d] 3.2-upstream-stable: released (3.2.74) 2.6.32-upstream-stable: ignored "btrfs in 2.6.32 is just a tech preview and not usable for production" sid: released (4.2.6-2) [bugfix/all/btrfs-fix-truncation-of-compressed-and-inlined-exten.patch] diff --git a/retired/CVE-2015-8539 b/retired/CVE-2015-8539 index 92c1f04b..9db90d75 100644 --- a/retired/CVE-2015-8539 +++ b/retired/CVE-2015-8539 @@ -5,7 +5,7 @@ Notes: carnil> check. carnil> Introduced by 146aa8b1453bd8f1ff2304ffb71b4ee0eb9acdcc (v4.4-rc1)? Bugs: -upstream: released (v4.4-rc3) [096fe9eaea40a17e125569f9e657e34cdb6d73bd] +upstream: released (4.4-rc3) [096fe9eaea40a17e125569f9e657e34cdb6d73bd] 3.16-upstream-stable: N/A "Vulnerable code not present" 3.2-upstream-stable: N/A "Vulnerable code not present" 2.6.32-upstream-stable: N/A "Vulnerable code not present" diff --git a/retired/CVE-2015-8660 b/retired/CVE-2015-8660 index 842e2ac9..d8e33d97 100644 --- a/retired/CVE-2015-8660 +++ b/retired/CVE-2015-8660 @@ -2,7 +2,7 @@ Description: overlay: fix permission checking for setattr References: Notes: Bugs: -upstream: released (v4.4-rc4) [acff81ec2c79492b180fade3c2894425cd35a545] +upstream: released (4.4-rc4) [acff81ec2c79492b180fade3c2894425cd35a545] 3.16-upstream-stable: N/A "Vulnerable code not present, introduced in e9be9d5e76e34872f0c37d72e25bc27fe9e2c54c (v3.18-rc2)" 3.2-upstream-stable: N/A "Vulnerable code not present, introduced in e9be9d5e76e34872f0c37d72e25bc27fe9e2c54c (v3.18-rc2)" 2.6.32-upstream-stable: N/A "Vulnerable code not present, introduced in e9be9d5e76e34872f0c37d72e25bc27fe9e2c54c (v3.18-rc2)" diff --git a/retired/CVE-2015-8746 b/retired/CVE-2015-8746 index 1100eb72..dd447905 100644 --- a/retired/CVE-2015-8746 +++ b/retired/CVE-2015-8746 @@ -2,8 +2,8 @@ Description: when NFSv4 migration is executed, kernel oops occurs at NFS client References: Notes: Bugs: -upstream: released (v4.3-rc1) [18e3b739fdc826481c6a1335ce0c5b19b3d415da] -3.16-upstream-stable: released (v3.16.7-ckt18) [6a64d8c4c07c176abee384803f28fa1507963369] +upstream: released (4.3-rc1) [18e3b739fdc826481c6a1335ce0c5b19b3d415da] +3.16-upstream-stable: released (3.16.7-ckt18) [6a64d8c4c07c176abee384803f28fa1507963369] 3.2-upstream-stable: N/A "Vulnerable code not present, introduced in [ec011fe847347b40c60fdb5085f65227762e2e08] (v3.13-rc1)" 2.6.32-upstream-stable: N/A "Vulnerable code not present, introduced in [ec011fe847347b40c60fdb5085f65227762e2e08] (v3.13-rc1)" sid: released (4.3.1-1) diff --git a/retired/CVE-2015-8767 b/retired/CVE-2015-8767 index 50fbbe96..80522909 100644 --- a/retired/CVE-2015-8767 +++ b/retired/CVE-2015-8767 @@ -6,7 +6,7 @@ Notes: bwh> changed a whole lot since 2.6.32 and most other security fixes bwh> have been needed all the way back. Bugs: -upstream: released (v4.3-rc4) [635682a14427d241bab7bbdeebb48a7d7b91638e] +upstream: released (4.3-rc4) [635682a14427d241bab7bbdeebb48a7d7b91638e] 3.16-upstream-stable: released (3.16.7-ckt24) 3.2-upstream-stable: released (3.2.77) [sctp-prevent-soft-lockup-when-sctp_accept-is-called-during-a.patch] 2.6.32-upstream-stable: released (2.6.32.71) diff --git a/retired/CVE-2015-8787 b/retired/CVE-2015-8787 index 019e4c47..ef8e6dbb 100644 --- a/retired/CVE-2015-8787 +++ b/retired/CVE-2015-8787 @@ -2,7 +2,7 @@ Description: Missing NULL pointer check in nf_nat_redirect_ipv4 References: Notes: Bugs: -upstream: released (v4.4-rc1) [94f9cd81436c85d8c3a318ba92e236ede73752fc] +upstream: released (4.4-rc1) [94f9cd81436c85d8c3a318ba92e236ede73752fc] 3.16-upstream-stable: N/A "Introduced by 8b13eddfdf04cbfa561725cfc42d6868fe896f56 in v3.19-rc1" 3.2-upstream-stable: N/A "Introduced by 8b13eddfdf04cbfa561725cfc42d6868fe896f56 in v3.19-rc1" 2.6.32-upstream-stable: N/A "Introduced by 8b13eddfdf04cbfa561725cfc42d6868fe896f56 in v3.19-rc1" diff --git a/retired/CVE-2015-8812 b/retired/CVE-2015-8812 index 584b4e90..79fab2ae 100644 --- a/retired/CVE-2015-8812 +++ b/retired/CVE-2015-8812 @@ -4,7 +4,7 @@ Notes: Introduced in 04b5d028f50ff05a8f9ae049ee71f8fdfcf1f5de (v2.6.30-rc2). Partially fixed in 2.6.35 with 73a203d2014f50d874b9e40083ad481ca70408e8. Bugs: -upstream: released (v4.5-rc1) [67f1aee6f45059fd6b0f5b0ecb2c97ad0451f6b3] +upstream: released (4.5-rc1) [67f1aee6f45059fd6b0f5b0ecb2c97ad0451f6b3] 3.16-upstream-stable: released (3.16.7-ckt25) 3.2-upstream-stable: released (3.2.78) [iw_cxgb3-fix-incorrectly-returning-error-on-success.patch] 2.6.32-upstream-stable: released (2.6.32.71) diff --git a/retired/CVE-2015-8816 b/retired/CVE-2015-8816 index 95e3acaf..79043f2a 100644 --- a/retired/CVE-2015-8816 +++ b/retired/CVE-2015-8816 @@ -2,7 +2,7 @@ Description: USB hub invalid memory access in hub_activate() References: Notes: Bugs: -upstream: released (v4.4-rc6) [e50293ef9775c5f1cf3fcc093037dd6a8c5684ea] +upstream: released (4.4-rc6) [e50293ef9775c5f1cf3fcc093037dd6a8c5684ea] 3.16-upstream-stable: released (3.16.7-ckt23) 3.2-upstream-stable: released (3.2.76) sid: released (4.4.2-1) diff --git a/retired/CVE-2015-8844 b/retired/CVE-2015-8844 index 183c9988..3f166c8c 100644 --- a/retired/CVE-2015-8844 +++ b/retired/CVE-2015-8844 @@ -3,8 +3,8 @@ References: Notes: Introduced by 2b0a576d15e0e14751f00f9c87e46bad27f217e7 (v3.9-rc1) Bugs: -upstream: released (v4.4-rc3) [d2b9d2a5ad5ef04ff978c9923d19730cb05efd55] -3.16-upstream-stable: released (v3.16.7-ckt22) [368d31a3656ce7df52a229f6375442ac529db201] +upstream: released (4.4-rc3) [d2b9d2a5ad5ef04ff978c9923d19730cb05efd55] +3.16-upstream-stable: released (3.16.7-ckt22) [368d31a3656ce7df52a229f6375442ac529db201] 3.2-upstream-stable: N/A "Vulnerable code introduced later" sid: released (4.4.2-1) 3.16-jessie-security: released (3.16.7-ckt25-1) diff --git a/retired/CVE-2015-8845 b/retired/CVE-2015-8845 index 89ce4855..6d577a8b 100644 --- a/retired/CVE-2015-8845 +++ b/retired/CVE-2015-8845 @@ -3,8 +3,8 @@ References: Notes: Introduced by fb09692e71f13af7298eb603a1975850b1c7a8d8 (v3.9-rc1) Bugs: -upstream: released (v4.4-rc3) [7f821fc9c77a9b01fe7b1d6e72717b33d8d64142] -3.16-upstream-stable: released (v3.16.7-ckt22) [2682034aabc6fc07cf5fc088cca1e96f36a4e4bc] +upstream: released (4.4-rc3) [7f821fc9c77a9b01fe7b1d6e72717b33d8d64142] +3.16-upstream-stable: released (3.16.7-ckt22) [2682034aabc6fc07cf5fc088cca1e96f36a4e4bc] 3.2-upstream-stable: N/A "Vulnerable code not present" sid: released (4.4.2-1) 3.16-jessie-security: released (3.16.7-ckt25-1) diff --git a/retired/CVE-2016-0617 b/retired/CVE-2016-0617 index 25b22251..08467bd7 100644 --- a/retired/CVE-2016-0617 +++ b/retired/CVE-2016-0617 @@ -2,7 +2,7 @@ Description: References: Notes: Bugs: -upstream: released (v4.5-rc1) [9aacdd354d197ad64685941b36d28ea20ab88757] +upstream: released (4.5-rc1) [9aacdd354d197ad64685941b36d28ea20ab88757] 3.16-upstream-stable: N/A "Introduced by 1bfad99ab42569807d0ca1698449cae5e8c0334a in v4.3-rc1" 3.2-upstream-stable: N/A "Introduced by 1bfad99ab42569807d0ca1698449cae5e8c0334a in v4.3-rc1" sid: released (4.4.2-1) [bugfix/all/fs-hugetlbfs-inode.c-fix-bugs-in-hugetlb_vmtruncate_.patch] diff --git a/retired/CVE-2016-0823 b/retired/CVE-2016-0823 index 9deaf7f9..ad0aa12d 100644 --- a/retired/CVE-2016-0823 +++ b/retired/CVE-2016-0823 @@ -3,7 +3,7 @@ References: https://googleprojectzero.blogspot.cz/2015/03/exploiting-dram-rowhammer-bug-to-gain.html Notes: Bugs: -upstream: released (v4.0-rc5) [ab676b7d6fbf4b294bf198fb27ade5b0e865c7ce] +upstream: released (4.0-rc5) [ab676b7d6fbf4b294bf198fb27ade5b0e865c7ce] 3.16-upstream-stable: released (3.16.7-ckt10) [948e681e8731ab8b49d81d4a5b61b5bf3b3e6152] 3.2-upstream-stable: released (3.2.69) [1ffc3cd9a36b504c20ce98fe5eeb5463f389e1ac] sid: released (4.0.2-1) diff --git a/retired/CVE-2016-10200 b/retired/CVE-2016-10200 index 2aea5322..e621ba78 100644 --- a/retired/CVE-2016-10200 +++ b/retired/CVE-2016-10200 @@ -2,7 +2,7 @@ Description: Race in l2tp binding can lead to use-after-free References: Notes: Bugs: -upstream: released (v4.9-rc7) [32c231164b762dddefa13af5a0101032c70b50ef] +upstream: released (4.9-rc7) [32c231164b762dddefa13af5a0101032c70b50ef] 4.9-upstream-stable: N/A "Fixed before 4.9 LTS release" 3.16-upstream-stable: released (3.16.40) [7c3ad0d86f80618c00a5d6a267080238185038f6] 3.2-upstream-stable: released (3.2.88) [2147a17048314f069838aace1d08b8c719448b50] diff --git a/retired/CVE-2016-2069 b/retired/CVE-2016-2069 index bd4abfe2..45b8825f 100644 --- a/retired/CVE-2016-2069 +++ b/retired/CVE-2016-2069 @@ -2,7 +2,7 @@ Description: x86 Linux TLB flush bug References: Notes: Bugs: -upstream: released (v4.5-rc1) [71b3c126e61177eb693423f2e18a1914205b165e, 4eaffdd5a5fe6ff9f95e1ab4de1ac904d5e0fa8b] +upstream: released (4.5-rc1) [71b3c126e61177eb693423f2e18a1914205b165e, 4eaffdd5a5fe6ff9f95e1ab4de1ac904d5e0fa8b] 3.16-upstream-stable: released (3.16.7-ckt24) 3.2-upstream-stable: released (3.2.77) [x86-mm-add-barriers-and-document-switch_mm-vs-flush.patch, x86-mm-improve-switch_mm-barrier-comments.patch] 2.6.32-upstream-stable: released (2.6.32.71) diff --git a/retired/CVE-2016-2070 b/retired/CVE-2016-2070 index cccf5d83..5d955c54 100644 --- a/retired/CVE-2016-2070 +++ b/retired/CVE-2016-2070 @@ -2,7 +2,7 @@ Description: potential division by zero in TCP code References: Notes: Bugs: -upstream: released (v4.4) [8b8a321ff72c785ed5e8b4cf6eda20b35d427390] +upstream: released (4.4) [8b8a321ff72c785ed5e8b4cf6eda20b35d427390] 3.16-upstream-stable: N/A "Introduced by 3759824da87b30ce7a35b4873b62b0ba38905ef5 in v4.3-rc1" 3.2-upstream-stable: N/A "Introduced by 3759824da87b30ce7a35b4873b62b0ba38905ef5 in v4.3-rc1" 2.6.32-upstream-stable: N/A "Introduced by 3759824da87b30ce7a35b4873b62b0ba38905ef5 in v4.3-rc1" diff --git a/retired/CVE-2016-2543 b/retired/CVE-2016-2543 index 4d9120ec..5ec7636f 100644 --- a/retired/CVE-2016-2543 +++ b/retired/CVE-2016-2543 @@ -2,7 +2,7 @@ Description: ALSA: seq: Fix missing NULL check at remove_events ioctl References: Notes: Bugs: -upstream: released (v4.5-rc1) [030e2c78d3a91dd0d27fef37e91950dde333eba1] +upstream: released (4.5-rc1) [030e2c78d3a91dd0d27fef37e91950dde333eba1] 3.16-upstream-stable: released (3.16.7-ckt24) 3.2-upstream-stable: released (3.2.77) sid: released (4.4.2-1) diff --git a/retired/CVE-2016-2544 b/retired/CVE-2016-2544 index 12d6815a..3380d5fc 100644 --- a/retired/CVE-2016-2544 +++ b/retired/CVE-2016-2544 @@ -2,7 +2,7 @@ Description: ALSA: seq: Fix race at timer setup and close References: Notes: Bugs: -upstream: released (v4.5-rc1) [3567eb6af614dac436c4b16a8d426f9faed639b3] +upstream: released (4.5-rc1) [3567eb6af614dac436c4b16a8d426f9faed639b3] 3.16-upstream-stable: released (3.16.7-ckt24) 3.2-upstream-stable: released (3.2.77) sid: released (4.4.2-1) diff --git a/retired/CVE-2016-2545 b/retired/CVE-2016-2545 index 290d9007..0c78d7b9 100644 --- a/retired/CVE-2016-2545 +++ b/retired/CVE-2016-2545 @@ -2,7 +2,7 @@ Description: ALSA: timer: Fix double unlink of active_list References: Notes: Bugs: -upstream: released (v4.5-rc1) [ee8413b01045c74340aa13ad5bdf905de32be736] +upstream: released (4.5-rc1) [ee8413b01045c74340aa13ad5bdf905de32be736] 3.16-upstream-stable: released (3.16.7-ckt24) 3.2-upstream-stable: released (3.2.77) sid: released (4.4.2-1) diff --git a/retired/CVE-2016-2546 b/retired/CVE-2016-2546 index d756a401..164d454e 100644 --- a/retired/CVE-2016-2546 +++ b/retired/CVE-2016-2546 @@ -2,7 +2,7 @@ Description: ALSA: timer: Fix race among timer ioctls References: Notes: Bugs: -upstream: released (v4.5-rc1) [af368027a49a751d6ff4ee9e3f9961f35bb4fede] +upstream: released (4.5-rc1) [af368027a49a751d6ff4ee9e3f9961f35bb4fede] 3.16-upstream-stable: released (3.16.7-ckt24) 3.2-upstream-stable: released (3.2.77) sid: released (4.4.2-1) diff --git a/retired/CVE-2016-2547 b/retired/CVE-2016-2547 index 4b76f716..154596aa 100644 --- a/retired/CVE-2016-2547 +++ b/retired/CVE-2016-2547 @@ -2,7 +2,7 @@ Description: Use-after-free in ALSA timer subsystem References: Notes: Bugs: -upstream: released (v4.5-rc1) [b5a663aa426f4884c71cd8580adae73f33570f0d] +upstream: released (4.5-rc1) [b5a663aa426f4884c71cd8580adae73f33570f0d] 3.16-upstream-stable: released (3.16.7-ckt24) 3.2-upstream-stable: released (3.2.77) sid: released (4.4.2-1) diff --git a/retired/CVE-2016-2548 b/retired/CVE-2016-2548 index 4b76f716..154596aa 100644 --- a/retired/CVE-2016-2548 +++ b/retired/CVE-2016-2548 @@ -2,7 +2,7 @@ Description: Use-after-free in ALSA timer subsystem References: Notes: Bugs: -upstream: released (v4.5-rc1) [b5a663aa426f4884c71cd8580adae73f33570f0d] +upstream: released (4.5-rc1) [b5a663aa426f4884c71cd8580adae73f33570f0d] 3.16-upstream-stable: released (3.16.7-ckt24) 3.2-upstream-stable: released (3.2.77) sid: released (4.4.2-1) diff --git a/retired/CVE-2016-2549 b/retired/CVE-2016-2549 index e69fad6e..d0772a5d 100644 --- a/retired/CVE-2016-2549 +++ b/retired/CVE-2016-2549 @@ -2,7 +2,7 @@ Description: ALSA: hrtimer: Fix stall by hrtimer_cancel() References: Notes: Bugs: -upstream: released (v4.5-rc1) [2ba1fe7a06d3624f9a7586d672b55f08f7c670f3] +upstream: released (4.5-rc1) [2ba1fe7a06d3624f9a7586d672b55f08f7c670f3] 3.16-upstream-stable: released (3.16.7-ckt24) 3.2-upstream-stable: released (3.2.77) sid: released (4.4.2-1) diff --git a/retired/CVE-2016-2550 b/retired/CVE-2016-2550 index dc0e4546..d7aeea9a 100644 --- a/retired/CVE-2016-2550 +++ b/retired/CVE-2016-2550 @@ -4,9 +4,9 @@ Notes: Introduced by (v4.5-rc1) [712f4aad406bb1ed67f3f98d04c044191f0ff593] while addressing CVE-2013-4312. Bugs: -upstream: released (v4.5-rc4) [415e3d3e90ce9e18727e8843ae343eda5a58fad6] +upstream: released (4.5-rc4) [415e3d3e90ce9e18727e8843ae343eda5a58fad6] 3.16-upstream-stable: released (3.16.7-ckt25) [03c70599a7323eeb63f41b8f03666c1319171d5f] -3.2-upstream-stable: released (v3.2.78) [5ea820046ee399214221c0bb817eb35d304c9604] +3.2-upstream-stable: released (3.2.78) [5ea820046ee399214221c0bb817eb35d304c9604] sid: released (4.4.4-1) 3.16-jessie-security: released (3.16.7-ckt20-1+deb8u4) [bugfix/all/unix-correctly-track-in-flight-fds-in-sending-process-user_struct.patch] 3.2-wheezy-security: released (3.2.73-2+deb7u3) [bugfix/all/unix-correctly-track-in-flight-fds-in-sending-process-user_struct.patch] diff --git a/retired/CVE-2016-2782 b/retired/CVE-2016-2782 index 3f261597..e57a8a88 100644 --- a/retired/CVE-2016-2782 +++ b/retired/CVE-2016-2782 @@ -2,9 +2,9 @@ Description: USB: visor: fix null-deref at probe References: Notes: Bugs: -upstream: released (v4.5-rc2) [cac9b50b0d75a1d50d6c056ff65c005f3224c8e0] +upstream: released (4.5-rc2) [cac9b50b0d75a1d50d6c056ff65c005f3224c8e0] 3.16-upstream-stable: released (3.16.7-ckt25) [2e943fbce619e71cd28adc23abe2104f5675bdc3] -3.2-upstream-stable: released (v3.2.78) [eff70986a653dbf87ede52a1293dc499b6eb829e] +3.2-upstream-stable: released (3.2.78) [eff70986a653dbf87ede52a1293dc499b6eb829e] sid: released (4.4.2-1) 3.16-jessie-security: released (3.16.7-ckt25-1) 3.2-wheezy-security: released (3.2.78-1) diff --git a/retired/CVE-2016-2847 b/retired/CVE-2016-2847 index 31655f77..15135e22 100644 --- a/retired/CVE-2016-2847 +++ b/retired/CVE-2016-2847 @@ -2,9 +2,9 @@ Description: pipe: limit the per-user amount of pages allocated in pipes References: Notes: Bugs: -upstream: released (v4.5-rc1) [759c01142a5d0f364a462346168a56de28a80f52] +upstream: released (4.5-rc1) [759c01142a5d0f364a462346168a56de28a80f52] 3.16-upstream-stable: released (3.16.7-ckt25) -3.2-upstream-stable: released (v3.2.78) [92375b85b70395c8180991084c05e8d78e55d066] +3.2-upstream-stable: released (3.2.78) [92375b85b70395c8180991084c05e8d78e55d066] sid: released (4.3.5-1) [bugfix/all/pipe-limit-the-per-user-amount-of-pages-allocated-in.patch] 3.16-jessie-security: released (3.16.7-ckt20-1+deb8u4) [bugfix/all/pipe-limit-the-per-user-amount-of-pages-allocated-in.patch] 3.2-wheezy-security: released (3.2.73-2+deb7u3) [bugfix/all/pipe-limit-the-per-user-amount-of-pages-allocated-in.patch] diff --git a/retired/CVE-2016-3135 b/retired/CVE-2016-3135 index 19a18d75..9374eb17 100644 --- a/retired/CVE-2016-3135 +++ b/retired/CVE-2016-3135 @@ -5,7 +5,7 @@ References: Notes: Possibly introduced by 711bdde6a884354ddae8da2fcb495b2a9364cc90 (v4.2-rc1) Bugs: -upstream: released (v4.6-rc1) [d157bd761585605b7882935ffb86286919f62ea1] +upstream: released (4.6-rc1) [d157bd761585605b7882935ffb86286919f62ea1] 3.16-upstream-stable: N/A "Vulnerable code not present, introduced in 711bdde6a884354ddae8da2fcb495b2a9364cc90 (v4.2-rc1)" 3.2-upstream-stable: N/A "Vulnerable code not present, introduced in 711bdde6a884354ddae8da2fcb495b2a9364cc90 (v4.2-rc1)" sid: released (4.4.6-1) [bugfix/all/netfilter-x_tables-check-for-size-overflow.patch] diff --git a/retired/CVE-2016-5728 b/retired/CVE-2016-5728 index 235407c5..fb881dc5 100644 --- a/retired/CVE-2016-5728 +++ b/retired/CVE-2016-5728 @@ -16,7 +16,7 @@ Notes: Introduced in 3.13-rc1 with f69bcbf3b4c4b333dcd7a48eaf868bf0c88edab5 Bugs: https://bugzilla.kernel.org/show_bug.cgi?id=116651 -upstream: released (v4.7-rc1) [9bf292bfca94694a721449e3fd752493856710f6] +upstream: released (4.7-rc1) [9bf292bfca94694a721449e3fd752493856710f6] 3.16-upstream-stable: released (3.16.37) [misc-mic-fix-for-double-fetch-security-bug-in-vop-driver.patch] 3.2-upstream-stable: N/A "Vulnerable code introduced in 3.13-rc1 with f69bcbf3b4c4b333dcd7a48eaf868bf0c88edab5" sid: released (4.6.1-1) [2a9369456a384d84c521c8ebb48d247e8738f84f] diff --git a/retired/CVE-2016-7914 b/retired/CVE-2016-7914 index 2ce817df..c4bacb78 100644 --- a/retired/CVE-2016-7914 +++ b/retired/CVE-2016-7914 @@ -3,7 +3,7 @@ References: Notes: bwh> assoc_array was added in v3.13 Bugs: -upstream: released (v4.6-rc4) [8d4a2ec1e0b41b0cf9a0c5cd4511da7f8e4f3de2] +upstream: released (4.6-rc4) [8d4a2ec1e0b41b0cf9a0c5cd4511da7f8e4f3de2] 3.16-upstream-stable: released (3.16.36) 3.2-upstream-stable: N/A "Vulnerable code not present" sid: released (4.5.3-1) diff --git a/retired/CVE-2017-13220 b/retired/CVE-2017-13220 index 9bf810e3..fdde9115 100644 --- a/retired/CVE-2017-13220 +++ b/retired/CVE-2017-13220 @@ -6,7 +6,7 @@ Notes: carnil> Introduced in/later than b4f34d8d9d26b2428fa7cf7c8f97690a297978e6 carnil> in 3.10-rc1. Bugs: -upstream: released (v3.19-rc3) [51bda2bca53b265715ca1852528f38dc67429d9a] +upstream: released (3.19-rc3) [51bda2bca53b265715ca1852528f38dc67429d9a] 4.9-upstream-stable: N/A "Fixed before branching point" 3.16-upstream-stable: released (3.16.57) [3738d7b1da4d6f306ca6d5a6a96dd70c36f53f94] 3.2-upstream-stable: N/A "Vulnerable code not present" diff --git a/retired/CVE-2017-18193 b/retired/CVE-2017-18193 index 18ebc724..35609031 100644 --- a/retired/CVE-2017-18193 +++ b/retired/CVE-2017-18193 @@ -4,7 +4,7 @@ Notes: bwh> The extent tree was implemented in f2fs in 4.3, so I think the bwh> vulnerability cannot be older than that. Bugs: -upstream: released (v4.13-rc1) [dad48e73127ba10279ea33e6dbc8d3905c4d31c0] +upstream: released (4.13-rc1) [dad48e73127ba10279ea33e6dbc8d3905c4d31c0] 4.9-upstream-stable: released (4.9.86) [4a97b2d09d332c43612f489c99b97d691002b6d4] 3.16-upstream-stable: N/A "Vulnerable code not present" 3.2-upstream-stable: N/A "Vulnerable code not present" diff --git a/retired/CVE-2018-9465 b/retired/CVE-2018-9465 index 00b6bcbc..01dadf99 100644 --- a/retired/CVE-2018-9465 +++ b/retired/CVE-2018-9465 @@ -3,7 +3,7 @@ References: https://source.android.com/security/bulletin/2018-08-01 Notes: Bugs: -upstream: released (v4.15-rc6) [7f3dc0088b98533f17128058fac73cd8b2752ef1] +upstream: released (4.15-rc6) [7f3dc0088b98533f17128058fac73cd8b2752ef1] 4.9-upstream-stable: released (4.9.144) [c0d75dacffb9cf3c0e3812ba0c7607c063cd7e9d] 3.16-upstream-stable: N/A "Vulnerable code not present" sid: released released (4.14.12-1) diff --git a/retired/CVE-2018-9516 b/retired/CVE-2018-9516 index a3153150..aa3072b9 100644 --- a/retired/CVE-2018-9516 +++ b/retired/CVE-2018-9516 @@ -3,7 +3,7 @@ References: https://source.android.com/security/bulletin/pixel/2018-09-01 Notes: Bugs: -upstream: released (v4.18-rc5) [717adfdaf14704fd3ec7fa2c04520c0723247eac] +upstream: released (4.18-rc5) [717adfdaf14704fd3ec7fa2c04520c0723247eac] 4.9-upstream-stable: released (4.9.112) [4a30c12542290f1def08b9ef0d677c024c500589] 3.16-upstream-stable: released (3.16.59) [hid-debug-check-length-before-copy_to_user.patch] sid: released (4.17.6-1) diff --git a/retired/CVE-2019-0136 b/retired/CVE-2019-0136 index d8fa5a9e..1d26de4d 100644 --- a/retired/CVE-2019-0136 +++ b/retired/CVE-2019-0136 @@ -10,7 +10,7 @@ Notes: carnil> Backport request for 4.9: https://lore.kernel.org/stable/20190927115711.GA8961@eldamar.local/ bwh> stretch still only has the first commit. Bugs: -upstream: released (v5.2-rc6) [588f7d39b3592a36fb7702ae3b8bdd9be4621e2f, 79c92ca42b5a3e0ea172ea2ce8df8e125af237da] +upstream: released (5.2-rc6) [588f7d39b3592a36fb7702ae3b8bdd9be4621e2f, 79c92ca42b5a3e0ea172ea2ce8df8e125af237da] 4.19-upstream-stable: released (4.19.56) [0e879ef1cb5baddebe1f12a9a3940a87d8e61558, 1e1007ac47d85dacf6d45821a2870b6268499700] 4.9-upstream-stable: released (4.9.195) [9f0f5ff93ed0205a90f11103e9937f3c0417cd4b, 7b1f4ffab73d9319b8132bbf5f4a0e2110a98bde] 3.16-upstream-stable: released (3.16.74) [62909f7d0b1360ddb147bae8f546228dd93588e1, 8c2981482a9a1b8910dd0b4365b53db1a056ae66] diff --git a/retired/CVE-2019-1999 b/retired/CVE-2019-1999 index cde03f75..251590a9 100644 --- a/retired/CVE-2019-1999 +++ b/retired/CVE-2019-1999 @@ -6,7 +6,7 @@ Notes: bwh> shrinker to binder". Backports of the fix to stable have incorrect bwh> metadata. Bugs: -upstream: released (v5.1-rc3) [5cec2d2e5839f9c0fec319c523a911e0a7fd299f] +upstream: released (5.1-rc3) [5cec2d2e5839f9c0fec319c523a911e0a7fd299f] 4.19-upstream-stable: released (4.19.38) [6bf7d3c5c0c5dad650bfc4345ed553c18b69d59e] 4.9-upstream-stable: N/A "Vulnerable code introduced later" 3.16-upstream-stable: N/A "Vulnerable code introduced later" diff --git a/retired/CVE-2019-2054 b/retired/CVE-2019-2054 index 114b4554..ecd6bed4 100644 --- a/retired/CVE-2019-2054 +++ b/retired/CVE-2019-2054 @@ -6,7 +6,7 @@ Notes: bwh> This was a documented limitation of seccomp, and applied to all bwh> architectures; see commit 58d0a862f573c3354fa912603ef5a4db188774e7. Bugs: -upstream: released (v4.8-rc1) [0f3912fd934cdfd03d93f2dc6f064099795bf638] +upstream: released (4.8-rc1) [0f3912fd934cdfd03d93f2dc6f064099795bf638] 4.19-upstream-stable: N/A "Fixed before branching point" 4.9-upstream-stable: N/A "Fixed before branching point" 3.16-upstream-stable: ignored "Documented limitation" diff --git a/retired/CVE-2019-2181 b/retired/CVE-2019-2181 index 809472f1..1703dffb 100644 --- a/retired/CVE-2019-2181 +++ b/retired/CVE-2019-2181 @@ -5,7 +5,7 @@ Notes: bwh> Introduced in 5.1 by commit ec74136ded79 "binder: create node flag bwh> to request sender's security context". Bugs: -upstream: released (v5.2-rc1) [0b0509508beff65c1d50541861bc0d4973487dc5] +upstream: released (5.2-rc1) [0b0509508beff65c1d50541861bc0d4973487dc5] 4.19-upstream-stable: N/A "Vulnerable code not present" 4.9-upstream-stable: N/A "Vulnerable code not present" 3.16-upstream-stable: N/A "Vulnerable code not present" diff --git a/retired/CVE-2019-9458 b/retired/CVE-2019-9458 index 03426185..acecb344 100644 --- a/retired/CVE-2019-9458 +++ b/retired/CVE-2019-9458 @@ -5,7 +5,7 @@ Notes: carnil> event: Add subscription to list before calling "add" carnil> operation") Bugs: -upstream: released (v4.19-rc7) [ad608fbcf166fec809e402d548761768f602702c] +upstream: released (4.19-rc7) [ad608fbcf166fec809e402d548761768f602702c] 4.19-upstream-stable: N/A "Fixed before branching point" 4.9-upstream-stable: released (4.9.131) [ec964c3c00457e7ce6b633a33d1c6b61e0091557] 3.16-upstream-stable: released (3.16.61) [a37099499a019538386ef53ca1485cafa6095e0b] |