Skip to content

linux: multiple TCP-based remote denial of service vulnerabilities #63373

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Jun 17, 2019
Merged

linux: multiple TCP-based remote denial of service vulnerabilities #63373

merged 5 commits into from
Jun 17, 2019
+10 −10

Conversation

alyssais
Copy link
Member

@alyssais alyssais commented Jun 17, 2019
edited
Loading

Motivation for this change

https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nix-review --run "nix-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Assured whether relevant documentation is up to date
  • Fits CONTRIBUTING.md.

Sorry, something went wrong.

alyssais added 5 commits June 17, 2019 19:43
@alyssais
linux_4_4: 4.4.181 -> 4.4.182

Unverified

This commit is not signed, but one or more authors requires that any commit attributed to them is signed.
Learn about vigilant mode
4810809 
CVE-2019-11477
CVE-2019-11478
CVE-2019-11479
@alyssais
linux_4_9: 4.9.181 -> 4.9.182

Verified

This commit was signed with the committer’s verified signature. The key has expired.
Ma27 Maximilian Bosch
GPG key ID: 091DBF4D1FC46B8E
Expired
Verified
Learn about vigilant mode
9ccdf3c 
CVE-2019-11477
CVE-2019-11478
CVE-2019-11479
@alyssais
linux_4_14: 4.14.126 -> 4.14.127
84de6ae 
CVE-2019-11477
CVE-2019-11478
CVE-2019-11479
@alyssais
linux_4_19: 4.19.51 -> 4.19.21
d5bf0ae 
CVE-2019-11477
CVE-2019-11478
CVE-2019-11479
@alyssais
linux_5_1: 5.1.10 -> 5.1.11
73e0f13 
CVE-2019-11477
CVE-2019-11478
CVE-2019-11479
@alyssais alyssais added 1.severity: security Issues which raise a security issue, or PRs that fix one 9.needs: port to stable A PR needs a backport to the stable release. labels Jun 17, 2019
@ofborg ofborg bot added 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin 10.rebuild-linux: 501+ 10.rebuild-linux: 1001-2500 labels Jun 17, 2019
@alyssais
Copy link
Member Author

Have tested the build myself.

@alyssais alyssais merged commit 4ef1306 into NixOS:master Jun 17, 2019
@alyssais alyssais deleted the netflix-cve branch June 17, 2019 20:32
@alyssais
Copy link
Member Author

Cherry-picked to 19.03.

@tilpner
Copy link
Member

tilpner commented Jun 18, 2019

Backport here, for reference: a49d7d3...07103a2

@TredwellGit TredwellGit added 8.has: port to stable A PR already has a backport to the stable release. and removed 9.needs: port to stable A PR needs a backport to the stable release. labels Aug 20, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
1.severity: security Issues which raise a security issue, or PRs that fix one 8.has: port to stable A PR already has a backport to the stable release. 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin 10.rebuild-linux: 501+ 10.rebuild-linux: 1001-2500
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@alyssais @tilpner @TredwellGit