diff options
| author | Moritz Muehlenhoff <jmm@debian.org> | 2013-08-29 06:26:59 +0000 |
|---|---|---|
| committer | Moritz Muehlenhoff <jmm@debian.org> | 2013-08-29 06:26:59 +0000 |
| commit | f28634c9ec2188a43ab8c4655a0f23ac198c30c5 (patch) | |
| tree | 6b04e688417f254decd923867aee076bc8c76acf /retired | |
| parent | c2ce29e2dbd0ea9a802e85d5fe2b70e2687d75f3 (diff) | |
retire
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@3048 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired')
| -rw-r--r-- | retired/CVE-2013-1059 | 12 | ||||
| -rw-r--r-- | retired/CVE-2013-2148 | 11 | ||||
| -rw-r--r-- | retired/CVE-2013-4163 | 13 |
3 files changed, 36 insertions, 0 deletions
diff --git a/retired/CVE-2013-1059 b/retired/CVE-2013-1059 new file mode 100644 index 00000000..0efbbcde --- /dev/null +++ b/retired/CVE-2013-1059 @@ -0,0 +1,12 @@ +Description: libceph: Fix NULL pointer dereference in auth client code +References: + https://bugzilla.redhat.com/attachment.cgi?id=767633&action=diff + https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-1059 +Notes: +Bugs: +upstream: released (3.11-rc1) [2cb33cac622afde897aa02d3dcd9fbba8bae839e] +2.6.32-upstream-stable: N/A "ceph was introduced in 2.6.34" +sid: released (3.10.1-1) +3.2-wheezy-security: released (3.2.46-1+deb7u1) [bugfix/all/libceph-Fix-NULL-pointer-dereference-in-auth-client-.patch] +2.6.32-squeeze-security: N/A "ceph was introduced in 2.6.34" +3.2-upstream-stable: released (3.2.49)
\ No newline at end of file diff --git a/retired/CVE-2013-2148 b/retired/CVE-2013-2148 new file mode 100644 index 00000000..2e52bbfb --- /dev/null +++ b/retired/CVE-2013-2148 @@ -0,0 +1,11 @@ +Description: stack info leak in fanotify +References: + https://lkml.org/lkml/2013/6/3/128 +Notes: +Bugs: +upstream: released (3.11-rc1) [de1e0c40aceb9d5bff09c3a3b97b2f1b178af53f] +2.6.32-upstream-stable: N/A "fanotify introduced in 2.6.36" +sid: released (3.9.8-1) +3.2-wheezy-security: released (3.2.46-1+deb7u1) [bugfix/all/fanotify-info-leak-in-copy_event_to_user.patch] +2.6.32-squeeze-security: N/A "fanotify introduced in 2.6.36" +3.2-upstream-stable: released (3.2.50) diff --git a/retired/CVE-2013-4163 b/retired/CVE-2013-4163 new file mode 100644 index 00000000..c9632edf --- /dev/null +++ b/retired/CVE-2013-4163 @@ -0,0 +1,13 @@ +Description: net: panic while appending data to a corked IPv6 socket in ip6_append_data_mtu +References: +Notes: + jmm> This was introduced upstream in 3.5, but 0c1833797a5a6ec23ea9261d979aa18078720b74 was + jmm> merged into 3.2.20, so Wheezy and 3.2.x LTS are affected + jmm> Fixed in 3.10.4 +Bugs: +upstream: released (3.11-rc1) [75a493e60ac4bbe2e977e7129d6d8cbb0dd236be] +2.6.32-upstream-stable: N/A "Introduced with 0c1833797a5a6ec23ea9261d979aa18078720b74" +sid: released (3.10.5-1) +3.2-wheezy-security: released (3.2.46-1+deb7u1) [bugfix/all/ipv6-ip6_append_data_mtu-did-not-care-about-pmtudisc.patch] +2.6.32-squeeze-security: N/A "Introduced with 0c1833797a5a6ec23ea9261d979aa18078720b74" +3.2-upstream-stable: released (3.2.50) |