[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: CVE-2016-7117 Remote code execution vulnerability in kernel networking subsystem



Hello,


Am 10/05/2016 um 06:52 AM schrieb Salvatore Bonaccorso:
> On Tue, Oct 04, 2016 at 11:54:12PM +0200, Jan Lühr wrote:
>> Hello,
>> Am 10/04/2016 um 07:57 PM schrieb Nicholas Luedtke:
>>> On 10/04/2016 11:40 AM, Felix Knecht wrote:
>>>
>>>> On 10/04/2016 06:38 PM, Jan Lühr wrote:
>>>>> CVE-2016-7117 was patched in Android today.I don't see much information
>>>>> right now. The title is rather frightening - the issue appears to be urgent.
>>>> The following upstream kernel commit is referenced in the security bulletin:
>>>>
>>>> https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b88a68f26a75e4fded796f1a49c40f82234b7d
>>>>
>>>> No idea if this is fixed in Debian though.
>>>>
>>>> Felix
>>>>
>>> Looks like it was picked up when Debian rolled to 3.16.36-1.
> I updated the security-tracker information for CVE-2016-7117:
> 
> https://security-tracker.debian.org/tracker/CVE-2016-7117 . The fix is
> as well included in 3.16.36-1.

Thanks for the info!
Updating dsa-3659 may help confused people like me ;-).

Greetz,
yanosz

-- 
-- 
There's a ripped off cord
To my TV screen
With a note saying:
"Im not afraid to dream"
-- Donkey Boy, Crazy Something Normal

Attachment: signature.asc
Description: OpenPGP digital signature


Reply to: