[Secure-testing-commits] r24119 - data/CVE

Salvatore Bonaccorso carnil at alioth.debian.org
Tue Oct 22 11:23:31 UTC 2013 

Author: carnil
Date: 2013-10-22 11:23:30 +0000 (Tue, 22 Oct 2013)
New Revision: 24119

Modified:
   data/CVE/list
Log:
Add bug number for libvirt issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-10-22 10:11:47 UTC (rev 24118)
+++ data/CVE/list	2013-10-22 11:23:30 UTC (rev 24119)
@@ -3873,13 +3873,13 @@
 	- gnupg 1.4.15-1 (bug #725439)
 CVE-2013-4401 [unintended API access due to incorrect permissions checks]
 	RESERVED
-	- libvirt <unfixed>
+	- libvirt <unfixed> (bug #727101)
 	[squeeze] - libvirt <not-affected> (Introduced in 1.1.0, REMOTE_PROC_CONNECT_DOMAIN_XML_TO|FROM_NATIVE not yet present)
 	[wheezy] - libvirt <not-affected> (Introduced in 1.1.0, REMOTE_PROC_CONNECT_DOMAIN_XML_TO|FROM_NATIVE not yet present)
 	NOTE: http://libvirt.org/git/?p=libvirt.git;a=commit;h=57687fd6bf7f6e1b3662c52f3f26c06ab19dc96c
 CVE-2013-4400 [virt-login-shell arbitrary file overwrites vulnerability]
 	RESERVED
-	- libvirt <unfixed>
+	- libvirt <unfixed> (bug #727101)
 	[squeeze] - libvirt <not-affected> (Introduced in 1.1.2, virt-login-shell not yet present)
 	[wheezy] - libvirt <not-affected> (Introduced in 1.1.2, virt-login-shell not yet present)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1015228#c3
@@ -3991,7 +3991,7 @@
 	RESERVED
 CVE-2013-4373
 	RESERVED
-	NOT-FOR-US: Red Hat JBoss Operations Network 
+	NOT-FOR-US: Red Hat JBoss Operations Network
 CVE-2013-4372 (Multiple cross-site scripting (XSS) vulnerabilities in Fuse Management ...)
 	NOT-FOR-US: JBoss Fuse
 CVE-2013-4371 [use-after-free in libxl_list_cpupool under memory pressure]
@@ -4271,7 +4271,7 @@
 	[wheezy] - keystone <not-affected> (only affects Folsom release and above)
 CVE-2013-4293
 	RESERVED
-	NOT-FOR-US: Red Hat JBoss Operations Network 
+	NOT-FOR-US: Red Hat JBoss Operations Network
 CVE-2013-4292 (libvirt 1.1.0 and 1.1.1 allows local users to cause a denial of ...)
 	- libvirt 1.1.2~rc2-1 (bug #721325)
 	[squeeze] - libvirt <not-affected> (Introduced with 1.1.0)

More information about the Secure-testing-commits mailing list