[Secure-testing-commits] r22047 - data/CVE
Salvatore Bonaccorso
carnil at alioth.debian.org
Sat Apr 27 04:50:49 UTC 2013
Author: carnil
Date: 2013-04-27 04:50:48 +0000 (Sat, 27 Apr 2013)
New Revision: 22047
Modified:
data/CVE/list
Log:
mark tmem related xen issues as unimportant
NOTE: as considered as technology preview it should not be used in production systems, thus
marking as unimportant
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-04-26 21:15:03 UTC (rev 22046)
+++ data/CVE/list 2013-04-27 04:50:48 UTC (rev 22047)
@@ -8840,33 +8840,47 @@
{DSA-2591-1}
- mahara 1.5.1-3
CVE-2012-6036 (The (1) memc_save_get_next_page, (2) tmemc_restore_put_page and (3) ...)
- - xen <unfixed> (bug #686764)
+ - xen <unfixed> (unimportant; bug #686764)
[squeeze] - xen <no-dsa> (Experimental/unsupported feature)
[wheezy] - xen <no-dsa> (Experimental/unsupported feature)
+ NOTE: CVE-2012-3497 has been SPLIT into this ID and others
+ NOTE: TMEM not supported for production systems (technology preview)
CVE-2012-6035 (The do_tmem_destroy_pool function in the Transcendent Memory (TMEM) in ...)
- - xen <unfixed> (bug #686764)
+ - xen <unfixed> (unimportant; bug #686764)
[squeeze] - xen <no-dsa> (Experimental/unsupported feature)
[wheezy] - xen <no-dsa> (Experimental/unsupported feature)
+ NOTE: CVE-2012-3497 has been SPLIT into this ID and others
+ NOTE: TMEM not supported for production systems (technology preview)
CVE-2012-6034 (The (1) tmemc_save_get_next_page and (2) tmemc_save_get_next_inv ...)
- - xen <unfixed> (bug #686764)
+ - xen <unfixed> (unimportant; bug #686764)
[squeeze] - xen <no-dsa> (Experimental/unsupported feature)
[wheezy] - xen <no-dsa> (Experimental/unsupported feature)
+ NOTE: CVE-2012-3497 has been SPLIT into this ID and others
+ NOTE: TMEM not supported for production systems (technology preview)
CVE-2012-6033 (The do_tmem_control function in the Transcendent Memory (TMEM) in Xen ...)
- - xen <unfixed> (bug #686764)
+ - xen <unfixed> (unimportant; bug #686764)
[squeeze] - xen <no-dsa> (Experimental/unsupported feature)
[wheezy] - xen <no-dsa> (Experimental/unsupported feature)
+ NOTE: CVE-2012-3497 has been SPLIT into this ID and others
+ NOTE: TMEM not supported for production systems (technology preview)
CVE-2012-6032 (Multiple integer overflows in the (1) tmh_copy_from_client and (2) ...)
- - xen <unfixed> (bug #686764)
+ - xen <unfixed> (unimportant; bug #686764)
[squeeze] - xen <no-dsa> (Experimental/unsupported feature)
[wheezy] - xen <no-dsa> (Experimental/unsupported feature)
+ NOTE: CVE-2012-3497 has been SPLIT into this ID and others
+ NOTE: TMEM not supported for production systems (technology preview)
CVE-2012-6031 (The do_tmem_get function in the Transcendent Memory (TMEM) in Xen 4.0, ...)
- - xen <unfixed> (bug #686764)
+ - xen <unfixed> (unimportant; bug #686764)
[squeeze] - xen <no-dsa> (Experimental/unsupported feature)
[wheezy] - xen <no-dsa> (Experimental/unsupported feature)
+ NOTE: CVE-2012-3497 has been SPLIT into this ID and others
+ NOTE: TMEM not supported for production systems (technology preview)
CVE-2012-6030 (The do_tmem_op function in the Transcendent Memory (TMEM) in Xen 4.0, ...)
- - xen <unfixed> (bug #686764)
+ - xen <unfixed> (unimportant; bug #686764)
[squeeze] - xen <no-dsa> (Experimental/unsupported feature)
[wheezy] - xen <no-dsa> (Experimental/unsupported feature)
+ NOTE: CVE-2012-3497 has been SPLIT into this ID and others
+ NOTE: TMEM not supported for production systems (technology preview)
CVE-2012-6029 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
NOT-FOR-US: Cisco NAC Appliance
CVE-2012-6028
@@ -15589,9 +15603,10 @@
- xen 4.1.3-2 (bug #686764)
[squeeze] - xen <not-affected> (Vulnerable code not present)
CVE-2012-3497 ((1) TMEMC_SAVE_GET_CLIENT_WEIGHT, (2) TMEMC_SAVE_GET_CLIENT_CAP, (3) ...)
- - xen 4.1.4-1 (bug #686764)
+ - xen <unfixed> (unimportant; bug #686764)
[squeeze] - xen <no-dsa> (Experimental/unsupported feature)
[wheezy] - xen <no-dsa> (Experimental/unsupported feature)
+ NOTE: TMEM not supported for production systems (technology preview)
CVE-2012-3496 (XENMEM_populate_physmap in Xen 4.0, 4.1, and 4.2, and Citrix XenServer ...)
{DSA-2544-1}
- xen 4.1.3-2 (bug #686764)
More information about the Secure-testing-commits
mailing list