From 376d4c7e81df70c1b39e2f912570baa5049dd245 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Mon, 28 Nov 2016 19:21:47 +0000 Subject: Retire some CVEs fixed everywhere git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@4738 e094ebfe-e918-0410-adfb-c712417f3574 --- active/CVE-2015-8956 | 12 ------------ active/CVE-2016-6480 | 13 ------------- active/CVE-2016-6828 | 12 ------------ active/CVE-2016-7042 | 12 ------------ active/CVE-2016-7425 | 12 ------------ retired/CVE-2015-8956 | 12 ++++++++++++ retired/CVE-2016-6480 | 13 +++++++++++++ retired/CVE-2016-6828 | 12 ++++++++++++ retired/CVE-2016-7042 | 12 ++++++++++++ retired/CVE-2016-7425 | 12 ++++++++++++ 10 files changed, 61 insertions(+), 61 deletions(-) delete mode 100644 active/CVE-2015-8956 delete mode 100644 active/CVE-2016-6480 delete mode 100644 active/CVE-2016-6828 delete mode 100644 active/CVE-2016-7042 delete mode 100644 active/CVE-2016-7425 create mode 100644 retired/CVE-2015-8956 create mode 100644 retired/CVE-2016-6480 create mode 100644 retired/CVE-2016-6828 create mode 100644 retired/CVE-2016-7042 create mode 100644 retired/CVE-2016-7425 diff --git a/active/CVE-2015-8956 b/active/CVE-2015-8956 deleted file mode 100644 index f39603429..000000000 --- a/active/CVE-2015-8956 +++ /dev/null @@ -1,12 +0,0 @@ -Description: Potential null dereference in rfcomm protocol -References: -Notes: - bwh> This is minor for 3.2 as the only dereference is in a conditional - bwh> logging statement which is disabled by default. -Bugs: -upstream: released (4.2-rc1) [951b6a0717db97ce420547222647bcc40bf1eacd] -3.16-upstream-stable: released (3.16.39) [bluetooth-fix-potential-null-dereference-in-rfcomm-bind-callback.patch] -3.2-upstream-stable: released (3.2.84) [bluetooth-fix-potential-null-dereference-in-rfcomm-bind-callback.patch] -sid: released (4.2.1-1) -3.16-jessie-security: released (3.16.36-1+deb8u2) [bugfix/all/bluetooth-fix-potential-null-dereference-in-rfcomm-b.patch] -3.2-wheezy-security: released (3.2.82-1) [bugfix/all/bluetooth-fix-potential-null-dereference-in-rfcomm-b.patch] diff --git a/active/CVE-2016-6480 b/active/CVE-2016-6480 deleted file mode 100644 index fd1c155fd..000000000 --- a/active/CVE-2016-6480 +++ /dev/null @@ -1,13 +0,0 @@ -Description: scsi: aacraid: double fetch in ioctl_send_fib() -References: - https://bugzilla.kernel.org/show_bug.cgi?id=116751 - http://seclists.org/bugtraq/2016/Aug/15 - Introduced by 7c00ffa314bf0fb0e23858bbebad33b48b6abbb9 (2.6.13-rc1) -Notes: -Bugs: -upstream: released (4.8-rc3) [fa00c437eef8dc2e7b25f8cd868cfa405fcc2bb3] -3.16-upstream-stable: released (3.16.39) [aacraid-check-size-values-after-double-fetch-from-user.patch] -3.2-upstream-stable: released (3.2.84) [aacraid-check-size-values-after-double-fetch-from-user.patch] -sid: released (4.7.2-1) [bugfix/all/aacraid-check-size-values-after-double-fetch-from-us.patch] -3.16-jessie-security: released (3.16.36-1+deb8u1) [bugfix/all/aacraid-Check-size-values-after-double-fetch-from-us.patch] -3.2-wheezy-security: released (3.2.81-2) [bugfix/all/aacraid-check-size-values-after-double-fetch-from-us.patch] diff --git a/active/CVE-2016-6828 b/active/CVE-2016-6828 deleted file mode 100644 index 403fc0252..000000000 --- a/active/CVE-2016-6828 +++ /dev/null @@ -1,12 +0,0 @@ -Description: Linux tcp_xmit_retransmit_queue use after free -References: - http://www.openwall.com/lists/oss-security/2016/08/15/1 - https://www.spinics.net/lists/netdev/msg390257.html -Notes: -Bugs: -upstream: released (4.8-rc5) [bb1fceca22492109be12640d49f5ea5a544c6bb4] -3.16-upstream-stable: released (3.16.39) [tcp-fix-use-after-free-in-tcp_xmit_retransmit_queue.patch] -3.2-upstream-stable: released (3.2.84) [tcp-fix-use-after-free-in-tcp_xmit_retransmit_queue.patch] -sid: released (4.7.2-1) [bugfix/all/tcp-fix-use-after-free-in-tcp_xmit_retransmit_queue.patch] -3.16-jessie-security: released (3.16.36-1+deb8u1) [bugfix/all/tcp-fix-use-after-free-in-tcp_xmit_retransmit_queue.patch] -3.2-wheezy-security: released (3.2.81-2) [bugfix/all/tcp-fix-use-after-free-in-tcp_xmit_retransmit_queue.patch] diff --git a/active/CVE-2016-7042 b/active/CVE-2016-7042 deleted file mode 100644 index 5ac4d469b..000000000 --- a/active/CVE-2016-7042 +++ /dev/null @@ -1,12 +0,0 @@ -Description: -References: - https://bugzilla.redhat.com/show_bug.cgi?id=1373966 - https://bugzilla.redhat.com/show_bug.cgi?id=1373499 (reproducer, patch) -Notes: -Bugs: -upstream: released (4.9-rc3) [03dab869b7b239c4e013ec82aea22e181e441cfc] -3.16-upstream-stable: released (3.16.39) [keys-fix-short-sprintf-buffer-in-proc-keys-show-function.patch] -3.2-upstream-stable: released (3.2.84) [keys-fix-short-sprintf-buffer-in-proc-keys-show-function.patch] -sid: released (4.7.8-1) [bugfix/all/KEYS-Fix-short-sprintf-buffer-in-proc-keys-show-func.patch] -3.16-jessie-security: released (3.16.36-1+deb8u2) [bugfix/all/KEYS-Fix-short-sprintf-buffer-in-proc-keys-show-func.patch] -3.2-wheezy-security: released (3.2.82-1) [bugfix/all/keys-fix-short-sprintf-buffer-in-proc-keys-show-func.patch] diff --git a/active/CVE-2016-7425 b/active/CVE-2016-7425 deleted file mode 100644 index 3f5dc98dd..000000000 --- a/active/CVE-2016-7425 +++ /dev/null @@ -1,12 +0,0 @@ -Description: -References: - http://marc.info/?l=linux-scsi&m=147394713328707&w=2 - http://marc.info/?l=linux-scsi&m=147394796228991&w=2 -Notes: -Bugs: -upstream: released (4.9-rc1) [7bc2b55a5c030685b399bb65b6baa9ccc3d1f167] -3.16-upstream-stable: released (3.16.39) [scsi-arcmsr-buffer-overflow-in-arcmsr_iop_message_xfer.patch] -3.2-upstream-stable: released (3.2.84) [scsi-arcmsr-buffer-overflow-in-arcmsr_iop_message_xfer.patch] -sid: released (4.7.8-1) [bugfix/all/scsi-arcmsr-buffer-overflow-in-arcmsr_iop_message_xf.patch] -3.16-jessie-security: released (3.16.36-1+deb8u2) [bugfix/all/scsi-arcmsr-Buffer-overflow-in-arcmsr_iop_message_xf.patch] -3.2-wheezy-security: released (3.2.82-1) [bugfix/all/scsi-arcmsr-buffer-overflow-in-arcmsr_iop_message_xf.patch] diff --git a/retired/CVE-2015-8956 b/retired/CVE-2015-8956 new file mode 100644 index 000000000..f39603429 --- /dev/null +++ b/retired/CVE-2015-8956 @@ -0,0 +1,12 @@ +Description: Potential null dereference in rfcomm protocol +References: +Notes: + bwh> This is minor for 3.2 as the only dereference is in a conditional + bwh> logging statement which is disabled by default. +Bugs: +upstream: released (4.2-rc1) [951b6a0717db97ce420547222647bcc40bf1eacd] +3.16-upstream-stable: released (3.16.39) [bluetooth-fix-potential-null-dereference-in-rfcomm-bind-callback.patch] +3.2-upstream-stable: released (3.2.84) [bluetooth-fix-potential-null-dereference-in-rfcomm-bind-callback.patch] +sid: released (4.2.1-1) +3.16-jessie-security: released (3.16.36-1+deb8u2) [bugfix/all/bluetooth-fix-potential-null-dereference-in-rfcomm-b.patch] +3.2-wheezy-security: released (3.2.82-1) [bugfix/all/bluetooth-fix-potential-null-dereference-in-rfcomm-b.patch] diff --git a/retired/CVE-2016-6480 b/retired/CVE-2016-6480 new file mode 100644 index 000000000..fd1c155fd --- /dev/null +++ b/retired/CVE-2016-6480 @@ -0,0 +1,13 @@ +Description: scsi: aacraid: double fetch in ioctl_send_fib() +References: + https://bugzilla.kernel.org/show_bug.cgi?id=116751 + http://seclists.org/bugtraq/2016/Aug/15 + Introduced by 7c00ffa314bf0fb0e23858bbebad33b48b6abbb9 (2.6.13-rc1) +Notes: +Bugs: +upstream: released (4.8-rc3) [fa00c437eef8dc2e7b25f8cd868cfa405fcc2bb3] +3.16-upstream-stable: released (3.16.39) [aacraid-check-size-values-after-double-fetch-from-user.patch] +3.2-upstream-stable: released (3.2.84) [aacraid-check-size-values-after-double-fetch-from-user.patch] +sid: released (4.7.2-1) [bugfix/all/aacraid-check-size-values-after-double-fetch-from-us.patch] +3.16-jessie-security: released (3.16.36-1+deb8u1) [bugfix/all/aacraid-Check-size-values-after-double-fetch-from-us.patch] +3.2-wheezy-security: released (3.2.81-2) [bugfix/all/aacraid-check-size-values-after-double-fetch-from-us.patch] diff --git a/retired/CVE-2016-6828 b/retired/CVE-2016-6828 new file mode 100644 index 000000000..403fc0252 --- /dev/null +++ b/retired/CVE-2016-6828 @@ -0,0 +1,12 @@ +Description: Linux tcp_xmit_retransmit_queue use after free +References: + http://www.openwall.com/lists/oss-security/2016/08/15/1 + https://www.spinics.net/lists/netdev/msg390257.html +Notes: +Bugs: +upstream: released (4.8-rc5) [bb1fceca22492109be12640d49f5ea5a544c6bb4] +3.16-upstream-stable: released (3.16.39) [tcp-fix-use-after-free-in-tcp_xmit_retransmit_queue.patch] +3.2-upstream-stable: released (3.2.84) [tcp-fix-use-after-free-in-tcp_xmit_retransmit_queue.patch] +sid: released (4.7.2-1) [bugfix/all/tcp-fix-use-after-free-in-tcp_xmit_retransmit_queue.patch] +3.16-jessie-security: released (3.16.36-1+deb8u1) [bugfix/all/tcp-fix-use-after-free-in-tcp_xmit_retransmit_queue.patch] +3.2-wheezy-security: released (3.2.81-2) [bugfix/all/tcp-fix-use-after-free-in-tcp_xmit_retransmit_queue.patch] diff --git a/retired/CVE-2016-7042 b/retired/CVE-2016-7042 new file mode 100644 index 000000000..5ac4d469b --- /dev/null +++ b/retired/CVE-2016-7042 @@ -0,0 +1,12 @@ +Description: +References: + https://bugzilla.redhat.com/show_bug.cgi?id=1373966 + https://bugzilla.redhat.com/show_bug.cgi?id=1373499 (reproducer, patch) +Notes: +Bugs: +upstream: released (4.9-rc3) [03dab869b7b239c4e013ec82aea22e181e441cfc] +3.16-upstream-stable: released (3.16.39) [keys-fix-short-sprintf-buffer-in-proc-keys-show-function.patch] +3.2-upstream-stable: released (3.2.84) [keys-fix-short-sprintf-buffer-in-proc-keys-show-function.patch] +sid: released (4.7.8-1) [bugfix/all/KEYS-Fix-short-sprintf-buffer-in-proc-keys-show-func.patch] +3.16-jessie-security: released (3.16.36-1+deb8u2) [bugfix/all/KEYS-Fix-short-sprintf-buffer-in-proc-keys-show-func.patch] +3.2-wheezy-security: released (3.2.82-1) [bugfix/all/keys-fix-short-sprintf-buffer-in-proc-keys-show-func.patch] diff --git a/retired/CVE-2016-7425 b/retired/CVE-2016-7425 new file mode 100644 index 000000000..3f5dc98dd --- /dev/null +++ b/retired/CVE-2016-7425 @@ -0,0 +1,12 @@ +Description: +References: + http://marc.info/?l=linux-scsi&m=147394713328707&w=2 + http://marc.info/?l=linux-scsi&m=147394796228991&w=2 +Notes: +Bugs: +upstream: released (4.9-rc1) [7bc2b55a5c030685b399bb65b6baa9ccc3d1f167] +3.16-upstream-stable: released (3.16.39) [scsi-arcmsr-buffer-overflow-in-arcmsr_iop_message_xfer.patch] +3.2-upstream-stable: released (3.2.84) [scsi-arcmsr-buffer-overflow-in-arcmsr_iop_message_xfer.patch] +sid: released (4.7.8-1) [bugfix/all/scsi-arcmsr-buffer-overflow-in-arcmsr_iop_message_xf.patch] +3.16-jessie-security: released (3.16.36-1+deb8u2) [bugfix/all/scsi-arcmsr-Buffer-overflow-in-arcmsr_iop_message_xf.patch] +3.2-wheezy-security: released (3.2.82-1) [bugfix/all/scsi-arcmsr-buffer-overflow-in-arcmsr_iop_message_xf.patch] -- cgit v1.2.3