[Discuss] Notice about a new vulnerability

[gaf at blu.org (Jerry Feldman)]

Fixed in Fedora 22 with the 4.1.4 kernel.
https://lwn.net/Articles/654255/


On 08/07/2015 09:01 AM, O'Shea, Shawn - 0665 - MITLL wrote:
> According to Red Hat?s site (unauthenticated), RHEL is unaffected as they never back ported the vulnerable code. Fedora has an alert and updated packages.
>
> Red Hat: https://access.redhat.com/security/cve/CVE-2015-3290
> Fedora: https://lwn.net/Articles/653734/
>
> -Shawn
>
> On Aug 6, 2015, at 9:46 PM, Bill Ricker <bill.n1vux at gmail.com> wrote:
>
>> On Thu, Aug 6, 2015 at 8:00 PM, Bill Horne <bill at horne.net> wrote:
>>
>>> This is from a tweet I got from Dan Goodin, in which he asks "Anyone know
>>> if any upstream stable Linux kernels have patched CVE-2015-3290 yet? It
>>> looks serious."
>>>
>> ?Looks like it's in Debian Testing/Unstable and also Jessie(Security) patch
>> stream.
>> So yeah, it's Stable.
>>
>> https://www.debian.org/security/2015/dsa-3313
>> https://security-tracker.debian.org/tracker/CVE-2015-3290 ?
>> ?https://security-tracker.debian.org/tracker/CVE-2015-3291
>> ?https://security-tracker.debian.org/tracker/CVE-2015-5157
>>
>> ?Ubuntu Security has pushed out for  14.04 LTS :
>> http://www.ubuntu.com/usn/usn-2700-1/
>> and 12.04 LTS http://www.ubuntu.com/usn/usn-2701-1/
>> ?
>> AFAIK ?Red Hat requires log-in to see what they've patched ?...
>>
>>
>> -- 
>> Bill Ricker
>> bill.n1vux at gmail.com
>> https://www.linkedin.com/in/n1vux
>> _______________________________________________
>> Discuss mailing list
>> Discuss at blu.org
>> http://lists.blu.org/mailman/listinfo/discuss
> _______________________________________________
> Discuss mailing list
> Discuss at blu.org
> http://lists.blu.org/mailman/listinfo/discuss

-- 
Jerry Feldman <gaf at blu.org>
Boston Linux and Unix
PGP key id:B7F14F2F
PGP Key fingerprint: D937 A424 4836 E052 2E1B  8DC6 24D7 000F B7F1 4F2F