[Secure-testing-commits] r20557 - data/CVE

Tue Nov 27 13:04:38 UTC 2012

Author: jmm
Date: 2012-11-27 13:04:37 +0000 (Tue, 27 Nov 2012)
New Revision: 20557

Modified:
   data/CVE/list
Log:
multiple CVE IDs have been split off from the tmem xen issue (no-dsa)


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2012-11-27 08:13:21 UTC (rev 20556)
+++ data/CVE/list	2012-11-27 13:04:37 UTC (rev 20557)
@@ -1,19 +1,33 @@
 CVE-2012-6037 (Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.4.x ...)
 	TODO: check
 CVE-2012-6036 (The (1) memc_save_get_next_page, (2) tmemc_restore_put_page and (3) ...)
-	TODO: check
+	- xen <unfixed> (bug #686764)
+	[squeeze] - xen <no-dsa> (Experimental/unsupported feature)
+	[wheezy] - xen <no-dsa> (Experimental/unsupported feature)
 CVE-2012-6035 (The do_tmem_destroy_pool function in the Transcendent Memory (TMEM) in ...)
-	TODO: check
+	- xen <unfixed> (bug #686764)
+	[squeeze] - xen <no-dsa> (Experimental/unsupported feature)
+	[wheezy] - xen <no-dsa> (Experimental/unsupported feature)
 CVE-2012-6034 (The (1) tmemc_save_get_next_page and (2) tmemc_save_get_next_inv ...)
-	TODO: check
+	- xen <unfixed> (bug #686764)
+	[squeeze] - xen <no-dsa> (Experimental/unsupported feature)
+	[wheezy] - xen <no-dsa> (Experimental/unsupported feature)
 CVE-2012-6033 (The do_tmem_control function in the Transcendent Memory (TMEM) in Xen ...)
-	TODO: check
+	- xen <unfixed> (bug #686764)
+	[squeeze] - xen <no-dsa> (Experimental/unsupported feature)
+	[wheezy] - xen <no-dsa> (Experimental/unsupported feature)
 CVE-2012-6032 (Multiple integer overflows in the (1) tmh_copy_from_client and (2) ...)
-	TODO: check
+	- xen <unfixed> (bug #686764)
+	[squeeze] - xen <no-dsa> (Experimental/unsupported feature)
+	[wheezy] - xen <no-dsa> (Experimental/unsupported feature)
 CVE-2012-6031 (The do_tmem_get function in the Transcendent Memory (TMEM) in Xen 4.0, ...)
-	TODO: check
+	- xen <unfixed> (bug #686764)
+	[squeeze] - xen <no-dsa> (Experimental/unsupported feature)
+	[wheezy] - xen <no-dsa> (Experimental/unsupported feature)
 CVE-2012-6030 (The do_tmem_op function in the Transcendent Memory (TMEM) in Xen 4.0, ...)
-	TODO: check
+	- xen <unfixed> (bug #686764)
+	[squeeze] - xen <no-dsa> (Experimental/unsupported feature)
+	[wheezy] - xen <no-dsa> (Experimental/unsupported feature)
 CVE-2012-6029
 	RESERVED
 CVE-2012-6028
@@ -6494,6 +6508,8 @@
 	[squeeze] - xen <not-affected> (Vulnerable code not present)
 CVE-2012-3497 ((1) TMEMC_SAVE_GET_CLIENT_WEIGHT, (2) TMEMC_SAVE_GET_CLIENT_CAP, (3) ...)
 	- xen <unfixed> (bug #686764)
+	[squeeze] - xen <no-dsa> (Experimental/unsupported feature)
+	[wheezy] - xen <no-dsa> (Experimental/unsupported feature)
 CVE-2012-3496 (XENMEM_populate_physmap in Xen 4.0, 4.1, and 4.2, and Citrix XenServer ...)
 	{DSA-2544-1}
 	- xen 4.1.3-2 (bug #686764)
@@ -6891,7 +6907,7 @@
 	NOTE: http://seclists.org/bugtraq/2012/Jul/48
 CVE-2012-3375 (The epoll_ctl system call in fs/eventpoll.c in the Linux kernel before ...)
 	- linux 3.2.23-1
-	- linux-2.6 <not-affected> (http://anonscm.debian.org/viewvc/kernel-sec/retired/CVE-2012-3375?revision=2730&view=markup)
+	- linux-2.6 <not-affected> (Introduced in 3.2)
 CVE-2012-3374 (Buffer overflow in markup.c in the MXit protocol plugin in libpurple ...)
 	{DSA-2509-1}
 	- pidgin 2.10.6-1 (bug #680661)


