diff options
| author |   Tom Wijsman <tomwij@gentoo.org> | 2013-08-31 19:46:19 +0000 |
|---|---|---|
| committer | Tom Wijsman <tomwij@gentoo.org> | 2013-08-31 19:46:19 +0000 |
| commit | ff91166ebb9591d0d1ea7e27d6b5b06911915dc8 (patch) | |
| tree | dcb17c614b1b8ec005161c2348bbe267961c0b8d /profiles | |
| parent | version bump (diff) | |
| download | historical-ff91166ebb9591d0d1ea7e27d6b5b06911915dc8.tar.gz historical-ff91166ebb9591d0d1ea7e27d6b5b06911915dc8.tar.bz2 historical-ff91166ebb9591d0d1ea7e27d6b5b06911915dc8.zip | |
Gentoo sources 3.8.13 masked due to security bug #475618: CVE-2013-1059: Linux Kernel Ceph NULL Pointer Dereference Denial of Service Vulnerability
Diffstat (limited to 'profiles')
| -rw-r--r-- | profiles/ChangeLog | 6 | ||||
| -rw-r--r-- | profiles/package.mask | 31 |
2 files changed, 35 insertions, 2 deletions
diff --git a/profiles/ChangeLog b/profiles/ChangeLog index c5bf672cb8a8..4128a6e7c8b2 100644 --- a/profiles/ChangeLog +++ b/profiles/ChangeLog @@ -1,11 +1,15 @@ # ChangeLog for profile directory # Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/profiles/ChangeLog,v 1.8204 2013/08/31 15:21:46 pacho Exp $ +# $Header: /var/cvsroot/gentoo-x86/profiles/ChangeLog,v 1.8205 2013/08/31 19:46:19 tomwij Exp $ # # This ChangeLog should include records for all changes in profiles directory. # Only typo fixes which don't affect portage/repoman behaviour could be avoided # here. If in doubt put a record here! + 31 Aug 2013; Tom Wijsman <TomWij@gentoo.org> package.mask: + Gentoo sources 3.8.13 masked due to security bug #475618: CVE-2013-1059: + Linux Kernel Ceph NULL Pointer Dereference Denial of Service Vulnerability + 31 Aug 2013; Pacho Ramos <pacho@gentoo.org> package.mask: Clean mask entries diff --git a/profiles/package.mask b/profiles/package.mask index cdfd8d087d7c..c7638596f230 100644 --- a/profiles/package.mask +++ b/profiles/package.mask @@ -1,6 +1,6 @@ #################################################################### -# $Header: /var/cvsroot/gentoo-x86/profiles/package.mask,v 1.15080 2013/08/31 15:21:46 pacho Exp $ +# $Header: /var/cvsroot/gentoo-x86/profiles/package.mask,v 1.15081 2013/08/31 19:46:19 tomwij Exp $ # # When you add an entry to the top of this file, add your name, the date, and # an explanation of why something is getting masked. Please be extremely @@ -31,6 +31,35 @@ #--- END OF EXAMPLES --- +# Tom Wijsman <TomWij@gentoo.org> (28 Aug 2013) +# Gentoo sources 3.8.13 masked due to security bug #475618: CVE-2013-1059: +# Linux Kernel Ceph NULL Pointer Dereference Denial of Service Vulnerability +# +# This kernel also contains other security bugs due to its old age (May 11). +# +# We advice users to upgrade to the new stable kernel 3.10.7; alternatively, if +# necessary, users can also choose to accept keywords and accept a kernel from +# the earlier long term stable branches (3.0.X or 3.4.Y), this might be the case +# if you have older hardware or an unfortunate stability bug on 3.10.7. +# +# You can accept keywords by adding sys-kernel/gentoo-sources to the file +# /etc/portage/package.accept_keywords after which you can run +# `emerge sys-kernel/gentoo-sources:X.Y.Z` to select a specific LTS kernel. +# When you choose to turn back to stable later, don't forget to remove that. +# +# For proprietary NVIDIA drivers users, we temporarily keep 3.9.11-r1 around +# as some of them experience problems with the new stable kernel 3.10.7; we aim +# to mask it in one of the next weeks when the new branch 3.11 is out. +# +# References: +# +# - http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1059 +# - https://secunia.com/advisories/54042/ +# - https://bugs.gentoo.org/show_bug.cgi?id=475618 +# - https://bugs.gentoo.org/buglist.cgi?quicksearch=assignee%3Asecurity%20kernel +# +=sys-kernel/gentoo-sources-3.8.13 + # Markos Chandras <hwoarang@gentoo.org> (30 Aug 2013) # Masked for proper testing in production =dev-util/buildbot-0.8.8 |