[Secure-testing-commits] r24269 - data/CVE
Salvatore Bonaccorso
carnil at alioth.debian.org
Sun Nov 3 12:48:11 UTC 2013
Author: carnil
Date: 2013-11-03 12:48:10 +0000 (Sun, 03 Nov 2013)
New Revision: 24269
Modified:
data/CVE/list
Log:
Two CVes for libvirt fixed in experimental
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-11-03 12:43:50 UTC (rev 24268)
+++ data/CVE/list 2013-11-03 12:48:10 UTC (rev 24269)
@@ -4469,12 +4469,14 @@
[squeeze] - libvirt <not-affected> (Introduced in 1.1.0, REMOTE_PROC_CONNECT_DOMAIN_XML_TO|FROM_NATIVE not yet present)
[wheezy] - libvirt <not-affected> (Introduced in 1.1.0, REMOTE_PROC_CONNECT_DOMAIN_XML_TO|FROM_NATIVE not yet present)
NOTE: http://libvirt.org/git/?p=libvirt.git;a=commit;h=57687fd6bf7f6e1b3662c52f3f26c06ab19dc96c
+ NOTE: fixed in experimental 1.1.4~rc2-1, mark when first uploaded to unstable
CVE-2013-4400 [virt-login-shell arbitrary file overwrites vulnerability]
RESERVED
- libvirt <unfixed> (bug #727101)
[squeeze] - libvirt <not-affected> (Introduced in 1.1.2, virt-login-shell not yet present)
[wheezy] - libvirt <not-affected> (Introduced in 1.1.2, virt-login-shell not yet present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1015228#c3
+ NOTE: fixed in experimental 1.1.4~rc2-1, mark when first uploaded to unstable
CVE-2013-4399 [unprivileged user can crash libvirtd when ACLs are enabled]
RESERVED
- libvirt <unfixed>
More information about the Secure-testing-commits
mailing list