diff options
| author |   Tom Wijsman <tomwij@gentoo.org> | 2013-09-09 19:56:13 +0000 |
|---|---|---|
| committer | Tom Wijsman <tomwij@gentoo.org> | 2013-09-09 19:56:13 +0000 |
| commit | 593d7fec4e850b6135f4fe1b95ae55c0397008a0 (patch) | |
| tree | fd0b54f9c78c08af4706e2b4dbbc66da20b0fa4b /profiles | |
| parent | Add prebuilt binary for alpha/ia64/ppc/ppc64/sparc. (diff) | |
| download | gentoo-2-593d7fec4e850b6135f4fe1b95ae55c0397008a0.tar.gz gentoo-2-593d7fec4e850b6135f4fe1b95ae55c0397008a0.tar.bz2 gentoo-2-593d7fec4e850b6135f4fe1b95ae55c0397008a0.zip | |
Listed two more important security bugs in the gentoo-sources-3.8.13 mask reason.
Diffstat (limited to 'profiles')
| -rw-r--r-- | profiles/ChangeLog | 6 | ||||
| -rw-r--r-- | profiles/package.mask | 18 |
2 files changed, 19 insertions, 5 deletions
diff --git a/profiles/ChangeLog b/profiles/ChangeLog index 89e3406d4ef3..00187a038cc3 100644 --- a/profiles/ChangeLog +++ b/profiles/ChangeLog @@ -1,11 +1,15 @@ # ChangeLog for profile directory # Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/profiles/ChangeLog,v 1.8225 2013/09/09 10:17:17 hasufell Exp $ +# $Header: /var/cvsroot/gentoo-x86/profiles/ChangeLog,v 1.8226 2013/09/09 19:56:13 tomwij Exp $ # # This ChangeLog should include records for all changes in profiles directory. # Only typo fixes which don't affect portage/repoman behaviour could be avoided # here. If in doubt put a record here! + 09 Sep 2013; Tom Wijsman <TomWij@gentoo.org> package.mask: + Listed two more important security bugs in the gentoo-sources-3.8.13 mask + reason. + 09 Sep 2013; Julian Ospald <hasufell@gentoo.org> package.mask: revert mask wrt #483588 diff --git a/profiles/package.mask b/profiles/package.mask index 58cc8ecc4e66..7dc93b3cb3c2 100644 --- a/profiles/package.mask +++ b/profiles/package.mask @@ -1,6 +1,6 @@ #################################################################### -# $Header: /var/cvsroot/gentoo-x86/profiles/package.mask,v 1.15094 2013/09/09 10:17:17 hasufell Exp $ +# $Header: /var/cvsroot/gentoo-x86/profiles/package.mask,v 1.15095 2013/09/09 19:56:13 tomwij Exp $ # # When you add an entry to the top of this file, add your name, the date, and # an explanation of why something is getting masked. Please be extremely @@ -106,8 +106,16 @@ dev-games/neotools >=app-crypt/libsecret-0.16 # Tom Wijsman <TomWij@gentoo.org> (28 Aug 2013) -# Gentoo sources 3.8.13 masked due to security bug #475618: CVE-2013-1059: -# Linux Kernel Ceph NULL Pointer Dereference Denial of Service Vulnerability +# =sys-kernel/gentoo-sources-3.8.13 is masked due to multiple security bugs: +# +# 1. Security Bug #475618: CVE-2013-1059: +# Linux Kernel: Ceph: NULL Pointer Dereference Denial of Service Vulnerability +# +# 2. Security Bug #480200: CVE-2013-4205: +# Linux Kernel: CLONE_NEWUSER local DoS +# +# 3. Security Bug #482896: From CVE-2013-2888 to CVE-2013-2899: +# Linux Kernel: HID security flaws (Memory writes and leaks, NULL DoS, etc...) # # This kernel also contains other security bugs due to its old age (May 11). # @@ -123,13 +131,15 @@ dev-games/neotools # # For proprietary NVIDIA drivers users, we temporarily keep 3.9.11-r1 around # as some of them experience problems with the new stable kernel 3.10.7; we aim -# to mask it in one of the next weeks when the new branch 3.11 is out. +# to mask it in one of the next weeks when the time is right. # # References: # # - http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1059 # - https://secunia.com/advisories/54042/ # - https://bugs.gentoo.org/show_bug.cgi?id=475618 +# - https://bugs.gentoo.org/show_bug.cgi?id=480200 +# - https://bugs.gentoo.org/show_bug.cgi?id=482896 # - https://bugs.gentoo.org/buglist.cgi?quicksearch=assignee%3Asecurity%20kernel # =sys-kernel/gentoo-sources-3.8.13 |