From ff924963cd4d9b88eaeded2270bc73a509816a10 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Sat, 13 Apr 2024 14:03:55 +0200 Subject: Sync CVEs with releases in 4.19.312 and 5.10.214 --- active/CVE-2022-48627 | 5 +++-- active/CVE-2023-52458 | 4 +++- active/CVE-2023-52482 | 3 ++- active/CVE-2023-52488 | 3 ++- active/CVE-2023-52620 | 5 +++-- active/CVE-2024-26642 | 4 ++-- active/CVE-2024-26643 | 2 +- active/CVE-2024-26654 | 4 ++-- active/CVE-2024-26687 | 3 ++- active/CVE-2024-26810 | 2 +- active/CVE-2024-26812 | 2 +- active/CVE-2024-26813 | 2 +- active/CVE-2024-26814 | 2 +- active/CVE-2024-27437 | 2 +- 14 files changed, 25 insertions(+), 18 deletions(-) diff --git a/active/CVE-2022-48627 b/active/CVE-2022-48627 index 70dcc6a3..8d05d93d 100644 --- a/active/CVE-2022-48627 +++ b/active/CVE-2022-48627 @@ -2,14 +2,15 @@ Description: vt: fix memory overlapping when deleting chars in the buffer References: Notes: carnil> Introduced in 81732c3b2fed ("tty vt: Fix line garbage in virtual console on - carnil> command line edition"). Vulnerable versions: 3.7-rc1 3.10.32 3.12.13 3.13.5. + carnil> command line edition"). Vulnerable versions: 3.7-rc1. Bugs: upstream: released (5.19-rc7) [39cdb68c64d84e71a4a717000b6e5de208ee60cc] +6.8-upstream-stable: N/A "Fixed before branching point" 6.7-upstream-stable: N/A "Fixed before branching point" 6.6-upstream-stable: N/A "Fixed before branching point" 6.1-upstream-stable: N/A "Fixed before branching point" 5.10-upstream-stable: released (5.10.132) [bfee93c9a6c395f9aa62268f1cedf64999844926] -4.19-upstream-stable: needed +4.19-upstream-stable: released (4.19.312) [c8686c014b5e872ba7e334f33ca553f14446fc29] sid: released (5.18.14-1) 6.1-bookworm-security: N/A "Fixed before branching point" 5.10-bullseye-security: released (5.10.136-1) diff --git a/active/CVE-2023-52458 b/active/CVE-2023-52458 index 32d815ea..cf7dba99 100644 --- a/active/CVE-2023-52458 +++ b/active/CVE-2023-52458 @@ -1,12 +1,14 @@ Description: block: add check that partition length needs to be aligned with block size References: Notes: + carnil> First introducing commit could not be determined. Bugs: upstream: released (6.8-rc1) [6f64f866aa1ae6975c95d805ed51d7e9433a0016] +6.8-upstream-stable: N/A "Fixed before branching point" 6.7-upstream-stable: released (6.7.2) [bcdc288e7bc008daf38ef0401b53e4a8bb61bbe5] 6.6-upstream-stable: released (6.6.14) [cb16cc1abda18a9514106d2ac8c8d7abc0be5ed8] 6.1-upstream-stable: released (6.1.75) [ef31cc87794731ffcb578a195a2c47d744e25fb8] -5.10-upstream-stable: needed +5.10-upstream-stable: released (5.10.215) [8f6dfa1f1efe6dcca2d43e575491d8fcbe922f62] 4.19-upstream-stable: needed sid: released (6.6.15-1) 6.1-bookworm-security: released (6.1.76-1) diff --git a/active/CVE-2023-52482 b/active/CVE-2023-52482 index a9a52132..6ca4243e 100644 --- a/active/CVE-2023-52482 +++ b/active/CVE-2023-52482 @@ -4,10 +4,11 @@ Notes: carnil> First introducing commit could not be determined. Bugs: upstream: released (6.6-rc4) [a5ef7d68cea1344cf524f04981c2b3f80bedbb0d] +6.8-upstream-stable: N/A "Fixed before branching point" 6.7-upstream-stable: N/A "Fixed before branching point" 6.6-upstream-stable: N/A "Fixed before branching point" 6.1-upstream-stable: released (6.1.56) [6ce2f297a7168274547d0b5aea6c7c16268b8a96] -5.10-upstream-stable: needed +5.10-upstream-stable: released (5.10.215) [e7ea043bc3f19473561c08565047b3f1671bf35d] 4.19-upstream-stable: needed sid: released (6.5.6-1) 6.1-bookworm-security: released (6.1.64-1) diff --git a/active/CVE-2023-52488 b/active/CVE-2023-52488 index 2dbfb149..5567286a 100644 --- a/active/CVE-2023-52488 +++ b/active/CVE-2023-52488 @@ -5,10 +5,11 @@ Notes: bwh> Driver is not enabled in any suite. Bugs: upstream: released (6.8-rc1) [dbf4ab821804df071c8b566d9813083125e6d97b] +6.8-upstream-stable: N/A "Fixed before branching point" 6.7-upstream-stable: released (6.7.3) [aa7cb4787698add9367b19f7afc667662c9bdb23] 6.6-upstream-stable: released (6.6.15) [084c24e788d9cf29c55564de368bf5284f2bb5db] 6.1-upstream-stable: released (6.1.76) [416b10d2817c94db86829fb92ad43ce7d002c573] -5.10-upstream-stable: needed +5.10-upstream-stable: released (5.10.215) [4e37416e4ee1b1bc17364a68973e0c63be89e611] 4.19-upstream-stable: needed sid: released (6.6.15-1) 6.1-bookworm-security: released (6.1.76-1) diff --git a/active/CVE-2023-52620 b/active/CVE-2023-52620 index 3f4ee251..ede450c8 100644 --- a/active/CVE-2023-52620 +++ b/active/CVE-2023-52620 @@ -4,11 +4,12 @@ Notes: carnil> First introducing commit could not be determined. Bugs: upstream: released (6.4) [e26d3009efda338f19016df4175f354a9bd0a4ab] +6.8-upstream-stable: N/A "Fixed before branching point" 6.7-upstream-stable: N/A "Fixed before branching point" 6.6-upstream-stable: N/A "Fixed before branching point" 6.1-upstream-stable: released (6.1.81) [b7be6c737a179a76901c872f6b4c1d00552d9a1b] -5.10-upstream-stable: needed -4.19-upstream-stable: needed +5.10-upstream-stable: released (5.10.215) [6f3ae02bbb62f151b19162d5fdc9fe3d48450323] +4.19-upstream-stable: released (4.19.312) [116b0e8e4673a5faa8a739a19b467010c4d3058c] sid: released (6.4.4-1) 6.1-bookworm-security: released (6.1.82-1) 5.10-bullseye-security: needed diff --git a/active/CVE-2024-26642 b/active/CVE-2024-26642 index 14818077..f58984fd 100644 --- a/active/CVE-2024-26642 +++ b/active/CVE-2024-26642 @@ -8,8 +8,8 @@ upstream: released (6.8) [16603605b667b70da974bea8216c93e7db043bf1] 6.7-upstream-stable: released (6.7.12) [8e07c16695583a66e81f67ce4c46e94dece47ba7] 6.6-upstream-stable: released (6.6.24) [c0c2176d1814b92ea4c8e7eb7c9cd94cd99c1b12] 6.1-upstream-stable: released (6.1.84) [72c1efe3f247a581667b7d368fff3bd9a03cd57a] -5.10-upstream-stable: needed -4.19-upstream-stable: needed +5.10-upstream-stable: released (5.10.215) [fe40ffbca19dc70d7c6b1e3c77b9ccb404c57351] +4.19-upstream-stable: released (4.19.312) [e4988d8415bd0294d6f9f4a1e7095f8b50a97ca9] sid: needed 6.1-bookworm-security: released (6.1.85-1) 5.10-bullseye-security: needed diff --git a/active/CVE-2024-26643 b/active/CVE-2024-26643 index daf24959..70e7946e 100644 --- a/active/CVE-2024-26643 +++ b/active/CVE-2024-26643 @@ -9,7 +9,7 @@ upstream: released (6.8) [552705a3650bbf46a22b1adedc1b04181490fc36] 6.7-upstream-stable: released (6.7.12) [5224afbc30c3ca9ba23e752f0f138729b2c48dd8] 6.6-upstream-stable: released (6.6.24) [b2d6f9a5b1cf968f1eaa71085ceeb09c2cb276b1] 6.1-upstream-stable: released (6.1.84) [406b0241d0eb598a0b330ab20ae325537d8d8163] -5.10-upstream-stable: needed +5.10-upstream-stable: released (5.10.215) [e2d45f467096e931044f0ab7634499879d851a5c] 4.19-upstream-stable: N/A "Vulnerable code not present" sid: needed 6.1-bookworm-security: released (6.1.85-1) diff --git a/active/CVE-2024-26654 b/active/CVE-2024-26654 index 7ccc8292..24a31505 100644 --- a/active/CVE-2024-26654 +++ b/active/CVE-2024-26654 @@ -8,8 +8,8 @@ upstream: released (6.9-rc2) [051e0840ffa8ab25554d6b14b62c9ab9e4901457] 6.7-upstream-stable: released (6.7.12) [e955e8a7f38a856fc6534ba4e6bffd4d5cc80ac3] 6.6-upstream-stable: released (6.6.24) [61d4787692c1fccdc268ffa7a891f9c149f50901] 6.1-upstream-stable: released (6.1.84) [9d66ae0e7bb78b54e1e0525456c6b54e1d132046] -5.10-upstream-stable: needed -4.19-upstream-stable: needed +5.10-upstream-stable: released (5.10.215) [aa39e6878f61f50892ee2dd9d2176f72020be845] +4.19-upstream-stable: released (4.19.312) [eeb2a2ca0b8de7e1c66afaf719529154e7dc60b2] sid: needed 6.1-bookworm-security: released (6.1.85-1) 5.10-bullseye-security: needed diff --git a/active/CVE-2024-26687 b/active/CVE-2024-26687 index 3f3bc705..da6dec5c 100644 --- a/active/CVE-2024-26687 +++ b/active/CVE-2024-26687 @@ -5,10 +5,11 @@ Notes: carnil> Vulnerable versions: 2.6.37-rc1. Bugs: upstream: released (6.8-rc5) [fa765c4b4aed2d64266b694520ecb025c862c5a9] +6.8-upstream-stable: N/A "Fixed before branching point" 6.7-upstream-stable: released (6.7.6) [9be71aa12afa91dfe457b3fb4a444c42b1ee036b] 6.6-upstream-stable: released (6.6.19) [20980195ec8d2e41653800c45c8c367fa1b1f2b4] 6.1-upstream-stable: released (6.1.81) [585a344af6bcac222608a158fc2830ff02712af5] -5.10-upstream-stable: needed +5.10-upstream-stable: released (5.10.215) [0fc88aeb2e32b76db3fe6a624b8333dbe621b8fd] 4.19-upstream-stable: needed sid: released (6.7.7-1) 6.1-bookworm-security: released (6.1.82-1) diff --git a/active/CVE-2024-26810 b/active/CVE-2024-26810 index 366ece5c..9a04a397 100644 --- a/active/CVE-2024-26810 +++ b/active/CVE-2024-26810 @@ -9,7 +9,7 @@ upstream: released (6.9-rc1) [810cd4bb53456d0503cc4e7934e063835152c1b7] 6.7-upstream-stable: released (6.7.12) [6fe478d855b20ac1eb5da724afe16af5a2aaaa40] 6.6-upstream-stable: released (6.6.24) [04a4a017b9ffd7b0f427b8c376688d14cb614651] 6.1-upstream-stable: released (6.1.84) [3fe0ac10bd117df847c93408a9d428a453cd60e5] -5.10-upstream-stable: needed +5.10-upstream-stable: released (5.10.215) [3dd9be6cb55e0f47544e7cdda486413f7134e3b3] 4.19-upstream-stable: needed sid: needed 6.1-bookworm-security: released (6.1.85-1) diff --git a/active/CVE-2024-26812 b/active/CVE-2024-26812 index 20bde843..3ad8be12 100644 --- a/active/CVE-2024-26812 +++ b/active/CVE-2024-26812 @@ -9,7 +9,7 @@ upstream: released (6.9-rc1) [18c198c96a815c962adc2b9b77909eec0be7df4d] 6.7-upstream-stable: released (6.7.12) [4c089cefe30924fbe20dd1ee92774ea1f5eca834] 6.6-upstream-stable: released (6.6.24) [69276a555c740acfbff13fb5769ee9c92e1c828e] 6.1-upstream-stable: released (6.1.84) [7d29d4c72c1e196cce6969c98072a272d1a703b3] -5.10-upstream-stable: needed +5.10-upstream-stable: released (5.10.215) [27d40bf72dd9a6600b76ad05859176ea9a1b4897] 4.19-upstream-stable: needed sid: needed 6.1-bookworm-security: released (6.1.85-1) diff --git a/active/CVE-2024-26813 b/active/CVE-2024-26813 index e5d1870c..9ef973a0 100644 --- a/active/CVE-2024-26813 +++ b/active/CVE-2024-26813 @@ -9,7 +9,7 @@ upstream: released (6.9-rc1) [675daf435e9f8e5a5eab140a9864dfad6668b375] 6.7-upstream-stable: released (6.7.12) [d6bedd6acc0bcb1e7e010bc046032e47f08d379f] 6.6-upstream-stable: released (6.6.24) [62d4e43a569b67929eb3319780be5359694c8086] 6.1-upstream-stable: released (6.1.84) [7932db06c82c5b2f42a4d1a849d97dba9ce4a362] -5.10-upstream-stable: needed +5.10-upstream-stable: released (5.10.215) [09452c8fcbd7817c06e8e3212d99b45917e603a5] 4.19-upstream-stable: needed sid: needed 6.1-bookworm-security: released (6.1.85-1) diff --git a/active/CVE-2024-26814 b/active/CVE-2024-26814 index de3db7b4..65220897 100644 --- a/active/CVE-2024-26814 +++ b/active/CVE-2024-26814 @@ -9,7 +9,7 @@ upstream: released (6.9-rc1) [7447d911af699a15f8d050dfcb7c680a86f87012] 6.7-upstream-stable: released (6.7.12) [de87511fb0404d23b6da5f4660383b6ed095e28d] 6.6-upstream-stable: released (6.6.24) [ee0bd4ad780dfbb60355b99f25063357ab488267] 6.1-upstream-stable: released (6.1.84) [083e750c9f5f4c3bf61161330fb84d7c8e8bb417] -5.10-upstream-stable: needed +5.10-upstream-stable: released (5.10.215) [a563fc18583ca4f42e2fdd0c70c7c618288e7ede] 4.19-upstream-stable: N/A "Vulnerable code not present" sid: needed 6.1-bookworm-security: released (6.1.85-1) diff --git a/active/CVE-2024-27437 b/active/CVE-2024-27437 index 0d6b1364..261a23c5 100644 --- a/active/CVE-2024-27437 +++ b/active/CVE-2024-27437 @@ -9,7 +9,7 @@ upstream: released (6.9-rc1) [fe9a7082684eb059b925c535682e68c34d487d43] 6.7-upstream-stable: released (6.7.12) [3b3491ad0f80d913e7d255941d4470f4a4d9bfda] 6.6-upstream-stable: released (6.6.24) [2a4a666c45107206605b7b5bc20545f8aabc4fa2] 6.1-upstream-stable: released (6.1.84) [139dfcc4d723ab13469881200c7d80f49d776060] -5.10-upstream-stable: needed +5.10-upstream-stable: released (5.10.215) [561d5e1998d58b54ce2bbbb3e843b669aa0b3db5] 4.19-upstream-stable: needed sid: needed 6.1-bookworm-security: released (6.1.85-1) -- cgit v1.2.3