[Secure-testing-commits] r26513 - data/CVE
Raphael Geissert
atomo64-guest at moszumanska.debian.org
Fri Apr 11 13:21:43 UTC 2014
Author: atomo64-guest
Date: 2014-04-11 13:21:43 +0000 (Fri, 11 Apr 2014)
New Revision: 26513
Modified:
data/CVE/list
Log:
notes for CVE-2014-0055 and CVE-2014-0077, squeeze not-affected
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-04-11 10:58:48 UTC (rev 26512)
+++ data/CVE/list 2014-04-11 13:21:43 UTC (rev 26513)
@@ -7181,6 +7181,8 @@
RESERVED
- linux <unfixed>
- linux-2.6 <not-affected> (Vulnerable code not present)
+ NOTE: seems introduced in https://github.com/torvalds/linux/commit/8dd014adfea6f173c1ef6378f7e5e7924866c923
+ NOTE: qemu is built with support for vhost_net but nothing seems to actually load it
CVE-2014-0076 (The Montgomery ladder implementation in OpenSSL through 1.0.0l does ...)
- openssl 1.0.1g-1 (low; bug #742923)
[wheezy] - openssl <no-dsa> (Minor issue, local attack)
@@ -7271,8 +7273,10 @@
- neutron 2013.2.2-4 (bug #742800)
CVE-2014-0055 (The get_rx_bufs function in drivers/vhost/net.c in the vhost-net ...)
- linux <unfixed>
- - linux-2.6 <removed>
- TODO: check, Red Hat specific?
+ - linux-2.6 <not-affected> (Vulnerable code not present)
+ TODO: check
+ NOTE: introduced in https://github.com/torvalds/linux/commit/8dd014adfea6f173c1ef6378f7e5e7924866c923
+ NOTE: qemu is built with support for vhost_net but nothing seems to actually load it
CVE-2014-0054
RESERVED
{DSA-2890-1}
More information about the Secure-testing-commits
mailing list