[Secure-testing-commits] r22881 - data/CVE
Salvatore Bonaccorso
carnil at alioth.debian.org
Mon Jul 8 14:06:29 UTC 2013
Author: carnil
Date: 2013-07-08 14:06:29 +0000 (Mon, 08 Jul 2013)
New Revision: 22881
Modified:
data/CVE/list
Log:
removed three jessie tagged CVE entries
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-07-08 13:55:19 UTC (rev 22880)
+++ data/CVE/list 2013-07-08 14:06:29 UTC (rev 22881)
@@ -4103,7 +4103,6 @@
- linux 3.9.4-1
- linux-2.6 <not-affected> (Introduced in 3.1)
[wheezy] - linux 3.2.46-1
- [jessie] - linux 3.2.46-1
CVE-2013-2849 (Multiple cross-site scripting (XSS) vulnerabilities in Google Chrome ...)
{DSA-2695-1}
- chromium-browser 27.0.1453.93-1
@@ -4669,7 +4668,6 @@
CVE-2013-2596 (Integer overflow in the fb_mmap function in drivers/video/fbmem.c in ...)
- linux 3.9-1
[wheezy] - linux 3.2.46-1
- [jessie] - linux 3.2.46-1
NOTE: the issue comes from fbmem code from linux mainline, the exploit was just targetting motorola
NOTE: phones that ship code that is based on the original linux code, but both are affected.
NOTE: an exploit needs access to /dev/fb0 which is not world readable/writable on Debian
@@ -5974,7 +5972,6 @@
- linux-2.6 <removed>
- linux 3.9.4-1
[wheezy] - linux 3.2.46-1
- [jessie] - linux 3.2.46-1
CVE-2013-2145 [arbitrary code execution when verifying SIGNATURE]
RESERVED
- libmodule-signature-perl 0.73-1 (bug #711239)
More information about the Secure-testing-commits
mailing list