Cip-kernel-sec Updates for Week of 2021-03-04


Chen-Yu Tsai (Moxa) <wens@...>
 

Hi,

This week there are three new issues:

- CVE-2021-0399 [net/xt_qtaguid] - Android kernel only
- CVE-2021-0447 [l2tp] - Fixed in all kernels
- CVE-2021-0448 [netfilter/ctnetlink] - Duplicate of CVE-2020-25211.
Fixed in all kernels.

In addition, CVE-2020-25639 (nVidia / nouveau) is now fixed.
CVE-2020-29368 requires another patch for 4.9, which is queued up for
4.9.259.

I also added CVE-2020-27067, which was missing from our archive.
This is a superset of CVE-2021-0447, and is already fixed.

Last, I fixed a bug in the Debian import script that I introduced
last week. Fixes spanning multiple releases should now be parsed
correctly. The Ubuntu import script was fixed to correctly parse
alternative comment styles. Comments from Ubuntu maintainers are
now correctly grouped.


Regards
ChenYu

Join cip-dev@lists.cip-project.org to automatically receive all group messages.