[Secure-testing-commits] r30967 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Dec 24 10:24:34 UTC 2014
Author: carnil
Date: 2014-12-24 10:24:34 +0000 (Wed, 24 Dec 2014)
New Revision: 30967
Modified:
data/CVE/list
Log:
Update information for CVE-2014-8136/libvirt
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-12-24 10:21:48 UTC (rev 30966)
+++ data/CVE/list 2014-12-24 10:24:34 UTC (rev 30967)
@@ -4402,7 +4402,10 @@
- jasper 1.900.1-debian1-2.3 (bug #773463)
CVE-2014-8136 (The (1) qemuDomainMigratePerform and (2) qemuDomainMigrateFinish2 ...)
- libvirt <unfixed> (bug #773856)
+ [wheezy] - libvirt <not-affected> (Vulnerable code introduced later)
+ [squeeze] - libvirt <not-affected> (Vulnerable code introduced later)
NOTE: Upstream commit: http://libvirt.org/git/?p=libvirt.git;a=commit;h=2bdcd29c713dfedd813c89f56ae98f6f3898313d (v1.2.11-rc2)
+ NOTE: Introduced in http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=abf75aea247e (v1.1.0-rc1)
CVE-2014-8135 (The storageVolUpload function in storage/storage_driver.c in libvirt ...)
- libvirt <unfixed> (bug #773855)
NOTE: Upstream fix: http://libvirt.org/git/?p=libvirt.git;a=commit;h=87b9437f8951f9d24f9a85c6bbfff0e54df8c984 (v1.2.11-rc1)
More information about the Secure-testing-commits
mailing list