[Secure-testing-commits] r15217 - data/CVE

Moritz Muehlenhoff jmm-guest at alioth.debian.org
Thu Aug 26 09:11:27 UTC 2010


Author: jmm-guest
Date: 2010-08-26 09:11:20 +0000 (Thu, 26 Aug 2010)
New Revision: 15217

Modified:
   data/CVE/list
Log:
- one kvm issue doesn't affect Debian
- spice ITPd


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-08-26 08:46:30 UTC (rev 15216)
+++ data/CVE/list	2010-08-26 09:11:20 UTC (rev 15217)
@@ -746,7 +746,7 @@
 CVE-2010-2812 (Client.cpp in ZNC 0.092 allows remote attackers to cause a denial of ...)
 	TODO: check
 CVE-2010-2811 (Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise ...)
-	TODO: check
+	NOT-FOR-US: Red Hat Virtual Desktop Server Manager
 CVE-2010-2810 (Heap-based buffer overflow in the convert_to_idna function in ...)
 	- lynx-cur <unfixed> (bug #594300)
 	[lenny] - lynx-cur <no-dsa> (Minor issue)
@@ -7446,13 +7446,14 @@
 CVE-2010-0432 (Multiple cross-site scripting (XSS) vulnerabilities in the Apache Open ...)
 	NOT-FOR-US: Apache Open For Business Project (OFBiz)
 CVE-2010-0431 (QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat ...)
-	TODO: check
+	- qemu-kvm <not-affected> (QXL support not yet present in Debian packages)
+	- kvm <not-affected> (QXL support not yet present in Debian packages)
 CVE-2010-0430
 	RESERVED
 CVE-2010-0429 (libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) ...)
-	TODO: check
+	- spice <itp> (bug #560721)
 CVE-2010-0428 (libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) ...)
-	TODO: check
+	- spice <itp> (bug #560721)
 CVE-2010-0427 (sudo 1.6.x before 1.6.9p21, when the runas_default option is used, ...)
 	{DSA-2006-1}
 	- sudo 1.7.0-1




More information about the Secure-testing-commits mailing list