1 |
tomwij 13/08/31 19:46:20 |
2 |
|
3 |
Modified: ChangeLog package.mask |
4 |
Log: |
5 |
Gentoo sources 3.8.13 masked due to security bug #475618: CVE-2013-1059: Linux Kernel Ceph NULL Pointer Dereference Denial of Service Vulnerability |
6 |
|
7 |
Revision Changes Path |
8 |
1.8205 profiles/ChangeLog |
9 |
|
10 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/profiles/ChangeLog?rev=1.8205&view=markup |
11 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/profiles/ChangeLog?rev=1.8205&content-type=text/plain |
12 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/profiles/ChangeLog?r1=1.8204&r2=1.8205 |
13 |
|
14 |
Index: ChangeLog |
15 |
=================================================================== |
16 |
RCS file: /var/cvsroot/gentoo-x86/profiles/ChangeLog,v |
17 |
retrieving revision 1.8204 |
18 |
retrieving revision 1.8205 |
19 |
diff -u -r1.8204 -r1.8205 |
20 |
--- ChangeLog 31 Aug 2013 15:21:46 -0000 1.8204 |
21 |
+++ ChangeLog 31 Aug 2013 19:46:19 -0000 1.8205 |
22 |
@@ -1,11 +1,15 @@ |
23 |
# ChangeLog for profile directory |
24 |
# Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2 |
25 |
-# $Header: /var/cvsroot/gentoo-x86/profiles/ChangeLog,v 1.8204 2013/08/31 15:21:46 pacho Exp $ |
26 |
+# $Header: /var/cvsroot/gentoo-x86/profiles/ChangeLog,v 1.8205 2013/08/31 19:46:19 tomwij Exp $ |
27 |
# |
28 |
# This ChangeLog should include records for all changes in profiles directory. |
29 |
# Only typo fixes which don't affect portage/repoman behaviour could be avoided |
30 |
# here. If in doubt put a record here! |
31 |
|
32 |
+ 31 Aug 2013; Tom Wijsman <TomWij@g.o> package.mask: |
33 |
+ Gentoo sources 3.8.13 masked due to security bug #475618: CVE-2013-1059: |
34 |
+ Linux Kernel Ceph NULL Pointer Dereference Denial of Service Vulnerability |
35 |
+ |
36 |
31 Aug 2013; Pacho Ramos <pacho@g.o> package.mask: |
37 |
Clean mask entries |
38 |
|
39 |
|
40 |
|
41 |
|
42 |
1.15081 profiles/package.mask |
43 |
|
44 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/profiles/package.mask?rev=1.15081&view=markup |
45 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/profiles/package.mask?rev=1.15081&content-type=text/plain |
46 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/profiles/package.mask?r1=1.15080&r2=1.15081 |
47 |
|
48 |
Index: package.mask |
49 |
=================================================================== |
50 |
RCS file: /var/cvsroot/gentoo-x86/profiles/package.mask,v |
51 |
retrieving revision 1.15080 |
52 |
retrieving revision 1.15081 |
53 |
diff -u -r1.15080 -r1.15081 |
54 |
--- package.mask 31 Aug 2013 15:21:46 -0000 1.15080 |
55 |
+++ package.mask 31 Aug 2013 19:46:19 -0000 1.15081 |
56 |
@@ -1,6 +1,6 @@ |
57 |
#################################################################### |
58 |
|
59 |
-# $Header: /var/cvsroot/gentoo-x86/profiles/package.mask,v 1.15080 2013/08/31 15:21:46 pacho Exp $ |
60 |
+# $Header: /var/cvsroot/gentoo-x86/profiles/package.mask,v 1.15081 2013/08/31 19:46:19 tomwij Exp $ |
61 |
# |
62 |
# When you add an entry to the top of this file, add your name, the date, and |
63 |
# an explanation of why something is getting masked. Please be extremely |
64 |
@@ -31,6 +31,35 @@ |
65 |
|
66 |
#--- END OF EXAMPLES --- |
67 |
|
68 |
+# Tom Wijsman <TomWij@g.o> (28 Aug 2013) |
69 |
+# Gentoo sources 3.8.13 masked due to security bug #475618: CVE-2013-1059: |
70 |
+# Linux Kernel Ceph NULL Pointer Dereference Denial of Service Vulnerability |
71 |
+# |
72 |
+# This kernel also contains other security bugs due to its old age (May 11). |
73 |
+# |
74 |
+# We advice users to upgrade to the new stable kernel 3.10.7; alternatively, if |
75 |
+# necessary, users can also choose to accept keywords and accept a kernel from |
76 |
+# the earlier long term stable branches (3.0.X or 3.4.Y), this might be the case |
77 |
+# if you have older hardware or an unfortunate stability bug on 3.10.7. |
78 |
+# |
79 |
+# You can accept keywords by adding sys-kernel/gentoo-sources to the file |
80 |
+# /etc/portage/package.accept_keywords after which you can run |
81 |
+# `emerge sys-kernel/gentoo-sources:X.Y.Z` to select a specific LTS kernel. |
82 |
+# When you choose to turn back to stable later, don't forget to remove that. |
83 |
+# |
84 |
+# For proprietary NVIDIA drivers users, we temporarily keep 3.9.11-r1 around |
85 |
+# as some of them experience problems with the new stable kernel 3.10.7; we aim |
86 |
+# to mask it in one of the next weeks when the new branch 3.11 is out. |
87 |
+# |
88 |
+# References: |
89 |
+# |
90 |
+# - http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1059 |
91 |
+# - https://secunia.com/advisories/54042/ |
92 |
+# - https://bugs.gentoo.org/show_bug.cgi?id=475618 |
93 |
+# - https://bugs.gentoo.org/buglist.cgi?quicksearch=assignee%3Asecurity%20kernel |
94 |
+# |
95 |
+=sys-kernel/gentoo-sources-3.8.13 |
96 |
+ |
97 |
# Markos Chandras <hwoarang@g.o> (30 Aug 2013) |
98 |
# Masked for proper testing in production |
99 |
=dev-util/buildbot-0.8.8 |