[Secure-testing-commits] r28187 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Sun Aug 10 18:36:19 UTC 2014 

Author: jmm
Date: 2014-08-10 18:36:19 +0000 (Sun, 10 Aug 2014)
New Revision: 28187

Modified:
   data/CVE/list
Log:
more sid fixes


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-08-10 18:28:40 UTC (rev 28186)
+++ data/CVE/list	2014-08-10 18:36:19 UTC (rev 28187)
@@ -20654,15 +20654,15 @@
 CVE-2013-4372 (Multiple cross-site scripting (XSS) vulnerabilities in Fuse Management ...)
 	NOT-FOR-US: JBoss Fuse
 CVE-2013-4371 (Use-after-free vulnerability in the libxl_list_cpupool function in the ...)
-	- xen <unfixed>
+	- xen 4.4.0-1
 	[wheezy] - xen <not-affected> (Vulnerable code only present from 4.2 onwards)
 	[squeeze] - xen <not-affected> (Vulnerable code only present from 4.2 onwards)
 CVE-2013-4370 (The ocaml binding for the xc_vcpu_getaffinity function in Xen 4.2.x ...)
-	- xen <unfixed>
+	- xen 4.4.0-1
 	[wheezy] - xen <not-affected> (Vulnerable code only present from 4.2 onwards)
 	[squeeze] - xen <not-affected> (Vulnerable code only present from 4.2 onwards)
 CVE-2013-4369 (The xlu_vif_parse_rate function in the libxlu library in Xen 4.2.x and ...)
-	- xen <unfixed>
+	- xen 4.4.0-1
 	[wheezy] - xen <not-affected> (Vulnerable code only present from 4.2 onwards)
 	[squeeze] - xen <not-affected> (Vulnerable code only present from 4.2 onwards)
 CVE-2013-4368 (The outs instruction emulation in Xen 3.1.x, 4.2.x, 4.3.x, and ...)
@@ -20690,7 +20690,7 @@
 	- davfs2 1.4.7-3 (bug #723034)
 	NOTE: http://savannah.nongnu.org/bugs/?40034
 CVE-2013-4361 (The fbld instruction emulation in Xen 3.3.x through 4.3.x does not use ...)
-	- xen <unfixed>
+	- xen 4.4.0-1
 	[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
 CVE-2013-4360
 	RESERVED
@@ -20707,7 +20707,7 @@
 	- eglibc <unfixed> (unimportant; bug #742925)
 	NOTE: http://sourceware.org/bugzilla/show_bug.cgi?id=12671
 CVE-2013-4356 (Xen 4.3.x writes hypervisor mappings to certain shadow pagetables when ...)
-	- xen <unfixed>
+	- xen 4.4.0-1
 	[wheezy] - xen <not-affected> (Only affects 4.3+)
 	[squeeze] - xen <not-affected> (Only affects 4.3+)
 CVE-2013-4355 (Xen 4.3.x and earlier does not properly handle certain errors, which ...)

More information about the Secure-testing-commits mailing list