[Secure-testing-commits] r24083 - data/CVE

Salvatore Bonaccorso carnil at alioth.debian.org
Sun Oct 20 20:31:09 UTC 2013 

Author: carnil
Date: 2013-10-20 20:31:09 +0000 (Sun, 20 Oct 2013)
New Revision: 24083

Modified:
   data/CVE/list
Log:
Add fixed version for linux/3.11.5-1 upload to unstable

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-10-20 20:19:24 UTC (rev 24082)
+++ data/CVE/list	2013-10-20 20:31:09 UTC (rev 24083)
@@ -3922,7 +3922,7 @@
 	NOTE: http://git.videolan.org/?p=vlc.git;a=commitdiff;h=9794ec1cd268c04c8bca13a5fae15df6594dff3e
 CVE-2013-4387 (net/ipv6/ip6_output.c in the Linux kernel through 3.11.4 does not ...)
 	- linux-2.6 <removed>
-	- linux <unfixed>
+	- linux 3.11.5-1
 CVE-2013-4386
 	RESERVED
 CVE-2013-4385 (Buffer overflow in the "read-string!" procedure in the "extras" unit ...)
@@ -4056,7 +4056,7 @@
 	- gnupg2 2.0.22-1 (low; bug #722724)
 CVE-2013-4350 (The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel ...)
 	- linux-2.6 <removed>
-	- linux <unfixed>
+	- linux 3.11.5-1
 	NOTE: http://www.openwall.com/lists/oss-security/2013/09/13/2
 	NOTE: http://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=95ee62083cb6453e056562d91f597552021e6ae7
 CVE-2013-4349 [IcedTeaScriptableJavaObject::invoke off-by-one heap-based buffer overflow]
@@ -4081,7 +4081,7 @@
 	NOTE: https://github.com/simplegeo/python-oauth2/issues/129
 CVE-2013-4345 (Off-by-one error in the get_prng_bytes function in crypto/ansi_cprng.c ...)
 	- linux-2.6 <removed>
-	- linux <unfixed>
+	- linux 3.11.5-1
 CVE-2013-4344 (Buffer overflow in the SCSI implementation in QEMU, as used in Xen, ...)
 	- xen 4.2-1
 	- qemu 1.6.0+dfsg-2 (unimportant; bug #725944)
@@ -4092,7 +4092,7 @@
 	NOTE: Xen in Wheezy includes qemu
 	NOTE: Xen after Wheezy uses qemu-system-x86 from qemu, marking 4.2 as pseudo fixed
 CVE-2013-4343 (Use-after-free vulnerability in drivers/net/tun.c in the Linux kernel ...)
-	- linux <unfixed>
+	- linux 3.11.5-1
 	[wheezy] - linux <not-affected> (Introduced in 3.8)
 	- linux-2.6 <not-affected> (Introduced in 3.8)
 CVE-2013-4342 (xinetd does not enforce the user and group configuration directives ...)
@@ -7658,21 +7658,21 @@
 	[wheezy] - linux <not-affected> (driver introduced in 3.7)
 	- linux-2.6 <not-affected> (driver introduced in 3.7)
 CVE-2013-2897 (Multiple array index errors in drivers/hid/hid-multitouch.c in the ...)
-	- linux <unfixed> (low)
+	- linux 3.11.5-1 (low)
 	- linux-2.6 <not-affected> (driver introduced in 2.6.38)
 CVE-2013-2896 (drivers/hid/hid-ntrig.c in the Human Interface Device (HID) subsystem ...)
 	- linux 3.10.11-1 (low)
 	[wheezy] - linux 3.2.51-1
 	- linux-2.6 <not-affected> (Vulnerable feature probing code not present)
 CVE-2013-2895 (drivers/hid/hid-logitech-dj.c in the Human Interface Device (HID) ...)
-	- linux <unfixed> (low)
+	- linux 3.11.5-1 (low)
 	- linux-2.6 <not-affected> (driver introduced in 3.2)
 CVE-2013-2894 (drivers/hid/hid-lenovo-tpkbd.c in the Human Interface Device (HID) ...)
-	- linux <unfixed> (low)
+	- linux 3.11.5-1 (low)
 	[wheezy] - linux <not-affected> (driver introduced in 3.6)
 	- linux-2.6 <not-affected> (driver introduced in 3.6)
 CVE-2013-2893 (The Human Interface Device (HID) subsystem in the Linux kernel through ...)
-	- linux <unfixed> (low)
+	- linux 3.11.5-1 (low)
 	- linux-2.6 <removed> (low)
 CVE-2013-2892 (drivers/hid/hid-pl.c in the Human Interface Device (HID) subsystem in ...)
 	{DSA-2766-1}
@@ -7680,14 +7680,14 @@
 	[wheezy] - linux 3.2.51-1
 	- linux-2.6 <removed> (low)
 CVE-2013-2891 (drivers/hid/hid-steelseries.c in the Human Interface Device (HID) ...)
-	- linux <unfixed> (low)
+	- linux 3.11.5-1 (low)
 	[wheezy] - linux <not-affected> (steelseries driver introduced in 3.9)
 	- linux-2.6 <not-affected> (steelseries driver introduced in 3.9)
 CVE-2013-2890 (drivers/hid/hid-sony.c in the Human Interface Device (HID) subsystem ...)
 	- linux <not-affected> (buzz driver introduced in 3.11 cycle, only in experimental)
 	- linux-2.6 <not-affected> (buzz driver introduced in 3.11 cycle)
 CVE-2013-2889 (drivers/hid/hid-zpff.c in the Human Interface Device (HID) subsystem ...)
-	- linux <unfixed> (low)
+	- linux 3.11.5-1 (low)
 	- linux-2.6 <removed> (low)
 CVE-2013-2888 (Multiple array index errors in drivers/hid/hid-core.c in the Human ...)
 	{DSA-2766-1}
@@ -9760,7 +9760,7 @@
 	- linux 3.9.8-1 (low)
 CVE-2013-2147 (The HP Smart Array controller disk-array driver and Compaq SMART2 ...)
 	- linux-2.6 <removed> (low)
-	- linux <unfixed> (low)
+	- linux 3.11.5-1 (low)
 CVE-2013-2146 (arch/x86/kernel/cpu/perf_event_intel.c in the Linux kernel before ...)
 	- linux-2.6 <not-affected> (Introduced in 3.1)
 	- linux 3.9.4-1

More information about the Secure-testing-commits mailing list