[Secure-testing-commits] r26563 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Apr 15 19:42:01 UTC 2014
Author: carnil
Date: 2014-04-15 19:42:01 +0000 (Tue, 15 Apr 2014)
New Revision: 26563
Modified:
data/CVE/list
Log:
Add temporary (no CVE yet) issue for linux
NOTE for reviewers: I have searched the version containing the commit.
It was introduced in v3.0 and fix contained in v3.2. 3.2.20-1 is the
first src:linux version uploaded containing the fix, likelywise 3.2.1-1
the first v3.2 version of src:linux-2.6.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-04-15 19:26:18 UTC (rev 26562)
+++ data/CVE/list 2014-04-15 19:42:01 UTC (rev 26563)
@@ -1,3 +1,9 @@
+CVE-2014-XXXX [arch: x86: net: bpf_jit: an off-by-one bug in x86_64 cond jump target]
+ - linux 3.2.20-1
+ - linux-2.6 3.2.1-1
+ [squeeze] - linux-2.6 <not-affected> (Introduced in 3.0)
+ NOTE: introduced by https://git.kernel.org/linus/0a14842f5a3c0e88a1e59fac5c3025db39721f74
+ NOTE: Upstrem fix in https://git.kernel.org/linus/a03ffcf873fe0f2565386ca8ef832144c42e67fa
CVE-2014-XXXX [qemu: out of bounds buffer access, guest triggerable via IDE SMART]
- qemu <unfixed>
- qemu-kvm <removed>
More information about the Secure-testing-commits
mailing list