[Secure-testing-commits] r16618 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Sun May 1 20:21:47 UTC 2011
Author: jmm
Date: 2011-05-01 20:21:47 +0000 (Sun, 01 May 2011)
New Revision: 16618
Modified:
data/CVE/list
Log:
kvm update
add spip DSA
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-05-01 16:51:52 UTC (rev 16617)
+++ data/CVE/list 2011-05-01 20:21:47 UTC (rev 16618)
@@ -1,3 +1,6 @@
+CVE-2011-XXXX [spip DoS]
+ - spip <unfixed>
+ [squeeze] - spip 2.1.1-3squeeze1
CVE-2011-1827
RESERVED
CVE-2011-XXXX [Arbitrary command execution via sudo opcontrol]
@@ -221,7 +224,8 @@
RESERVED
CVE-2011-1750 [virtio-blk: heap buffer overflow caused by unaligned requests]
RESERVED
- TODO: check
+ - qemu-kvm <unfixed> (bug #624177)
+ - kvm <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=698906
CVE-2011-1749 [nfs-utils: mount.nfs fails to anticipate RLIMIT_FSIZE]
RESERVED
@@ -5597,8 +5601,8 @@
NOT-FOR-US: SPICE Firefox plug-in
CVE-2011-0011 [qemu-kvm: Setting VNC password to empty string silently disables all authentication]
RESERVED
- - qemu <unfixed> (unimportant; bug #611134)
- - kvm <removed> (unimportant; bug #611134)
+ - qemu-kvm <unfixed> (low; bug #611134)
+ - kvm <not-affected> (Vulnerable code not present)
NOTE: Harmless implementation bug, see discussion in #611134
CVE-2011-0010 (check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is ...)
- sudo 1.7.4p4-6 (bug #609641)
More information about the Secure-testing-commits
mailing list