From 460ec19d828250798375c25fd32951412ea74087 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Sun, 23 Aug 2020 16:39:08 +0200 Subject: Track some upstream fixes for filesystem issues Those are synced with the triage from ubuntu mostly. I could not reproduce the issues with the isolated fixes so please double check this commit. --- active/CVE-2019-19036 | 10 +++++----- active/CVE-2019-19039 | 4 ++-- active/CVE-2019-19813 | 8 ++++---- active/CVE-2019-19816 | 8 ++++---- active/CVE-2020-14314 | 2 +- 5 files changed, 16 insertions(+), 16 deletions(-) diff --git a/active/CVE-2019-19036 b/active/CVE-2019-19036 index 5eb8e982..db216fb7 100644 --- a/active/CVE-2019-19036 +++ b/active/CVE-2019-19036 @@ -10,11 +10,11 @@ Notes: carnil> 5.3.4 fixing information would as well match what is available carnil> from the Red Hat bugzilla. Bugs: -upstream: -4.19-upstream-stable: +upstream: released (5.4-rc1) [62fdaa52a3d00a875da771719b6dc537ca79fce1] +4.19-upstream-stable: released (4.19.129) [227af79e6cb0ee3faeb8c70be4bc0aec0b09ea25] 4.9-upstream-stable: 3.16-upstream-stable: ignored "EOL" -sid: -4.19-buster-security: -4.9-stretch-security: +sid: released (5.3.7-1) +4.19-buster-security: released (4.19.131-1) +e.9-stretch-security: 3.16-jessie-security: ignored "EOL" diff --git a/active/CVE-2019-19039 b/active/CVE-2019-19039 index 563850e3..7874fa97 100644 --- a/active/CVE-2019-19039 +++ b/active/CVE-2019-19039 @@ -8,11 +8,11 @@ Notes: bwh> However this can still be a denial-of-service if panic_on_warn is bwh> enabled. Bugs: -upstream: needed +upstream: released (5.7-rc1) [b3ff8f1d380e65dddd772542aa9bff6c86bf715a] 4.19-upstream-stable: 4.9-upstream-stable: 3.16-upstream-stable: ignored "EOL" -sid: needed +sid: released (5.6.7-1) 4.19-buster-security: 4.9-stretch-security: 3.16-jessie-security: ignored "EOL" diff --git a/active/CVE-2019-19813 b/active/CVE-2019-19813 index 87a7b8a7..f4d092c3 100644 --- a/active/CVE-2019-19813 +++ b/active/CVE-2019-19813 @@ -3,11 +3,11 @@ References: https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19813 Notes: Bugs: -upstream: -4.19-upstream-stable: +upstream: released (5.2-rc1) [6bf9e4bd6a277840d3fe8c5d5d530a1fbd3db592] +4.19-upstream-stable: released (4.19.137) [4e986ab36ed11ecf21de9b5aab0e46ac3342df93] 4.9-upstream-stable: 3.16-upstream-stable: ignored "EOL" -sid: -4.19-buster-security: +sid: released (5.2.6-1) +4.19-buster-security: needed 4.9-stretch-security: 3.16-jessie-security: ignored "EOL" diff --git a/active/CVE-2019-19816 b/active/CVE-2019-19816 index 77804250..920df467 100644 --- a/active/CVE-2019-19816 +++ b/active/CVE-2019-19816 @@ -4,11 +4,11 @@ References: https://bugzilla.suse.com/show_bug.cgi?id=1159439 Notes: Bugs: -upstream: -4.19-upstream-stable: +upstream: released (5.2-rc1) [6bf9e4bd6a277840d3fe8c5d5d530a1fbd3db592] +4.19-upstream-stable: released (4.19.137) [4e986ab36ed11ecf21de9b5aab0e46ac3342df93] 4.9-upstream-stable: 3.16-upstream-stable: ignored "EOL" -sid: -4.19-buster-security: +sid: released (5.2.6-1) +4.19-buster-security: needed 4.9-stretch-security: 3.16-jessie-security: ignored "EOL" diff --git a/active/CVE-2020-14314 b/active/CVE-2020-14314 index 27e86ed8..87674447 100644 --- a/active/CVE-2020-14314 +++ b/active/CVE-2020-14314 @@ -4,7 +4,7 @@ References: https://lore.kernel.org/linux-ext4/f53e246b-647c-64bb-16ec-135383c70ad7@redhat.com/T/#u Notes: Bugs: -upstream: needed +upstream: pending [5872331b3d91820e14716632ebb56b1399b34fe1] 4.19-upstream-stable: needed 4.9-upstream-stable: heeded sid: needed -- cgit v1.2.3