[Secure-testing-commits] r13375 - data/CVE

Michael Gilbert gilbert-guest at alioth.debian.org
Wed Nov 25 18:21:36 UTC 2009 

Author: gilbert-guest
Date: 2009-11-25 18:21:35 +0000 (Wed, 25 Nov 2009)
New Revision: 13375

Modified:
   data/CVE/list
Log:
- new kernel kvm issue
- kvm issues fixed in unstable

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-11-25 17:55:19 UTC (rev 13374)
+++ data/CVE/list	2009-11-25 18:21:35 UTC (rev 13375)
@@ -73,8 +73,12 @@
 	RESERVED
 CVE-2009-4032
 	RESERVED
-CVE-2009-4031
+CVE-2009-4031 [linux-2.6/kvm dos]
 	RESERVED
+	- linux-2.6 <unfixed> (low)
+	[etch] - linux-2.6 <not-affected> (kvm introduced in 2.6.25)
+	- linux-2.6.24 <not-affected> (kvm introduced in 2.6.25)
+	- kvm <unfixed> (low)
 CVE-2009-4030
 	RESERVED
 CVE-2009-4029
@@ -308,7 +312,7 @@
 	- linux-2.6 <unfixed> (medium)
 	[etch] - linux-2.6 <not-affected> (kvm introduced in 2.6.25)
 	- linux-2.6.24 <not-affected> (kvm introduced in 2.6.25)
-	- kvm <unfixed> (medium; bug #557736)
+	- kvm 88+dfsg-2 (medium; bug #557736)
 	NOTE: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=a9e38c3e01ad242fe2a625354cf065c34b01e3aa
 CVE-2009-3937 (Memory leak in Solaris TCP sockets in Sun OpenSolaris snv_106 through ...)
 	NOT-FOR-US: Sun OpenSolaris
@@ -800,7 +804,7 @@
 	[etch] - linux-2.6 <not-affected> (issue introduced in 2.6.30-rc1)
 	[lenny] - linux-2.6 <not-affected> (issue introduced in 2.6.30-rc1)
 	- linux-2.6 2.6.31-1 (low)
-	- kvm <unfixed> (low; bug #557739)
+	- kvm 88+dfsg-2 (low; bug #557739)
 	NOTE: http://bugzilla.redhat.com/531660
 	NOTE: http://git.kernel.org/linus/0a79b009525b160081d75cef5dbf45817956acf2
 CVE-2009-3721
@@ -1022,7 +1026,7 @@
 	[lenny] - linux-2.6 <not-affected> (introduced post 2.6.27)
 	[etch] - linux-2.6 <not-affected> (introduced post 2.6.27)
 	- linux-2.6.24 <not-affected> (introduced post 2.6.27)
-	- kvm <unfixed> (medium; bug #557737)
+	- kvm 88+dfsg-2 (medium; bug #557737)
 	[lenny] - kvm <not-affected> (Vulnerable code not present)
 CVE-2009-3639 (The mod_tls module in ProFTPD before 1.3.2b, and 1.3.3 before ...)
 	{DSA-1925-1}
@@ -5478,7 +5482,7 @@
 	{DSA-1846-1 DSA-1845-1}
 	- linux-2.6 2.6.30-2 (low)
 	- linux-2.6.24 <removed>
-	- kvm <unfixed> (low; bug #557737)
+	- kvm 88+dfsg-2 (low; bug #557737)
 CVE-2009-2285 (Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 ...)
 	{DSA-1835-1}
 	- tiff 3.8.2-12 (low; bug #534137)

More information about the Secure-testing-commits mailing list