[Secure-testing-commits] r25581 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2014-02-07 22:43:41 +0000 (Fri, 07 Feb 2014)
New Revision: 25581

Modified:
   data/CVE/list
Log:
CVEs for XSA-85 and XSA-86 also assigned, add to the tracker

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-02-07 22:39:56 UTC (rev 25580)
+++ data/CVE/list	2014-02-07 22:43:41 UTC (rev 25581)
@@ -1,15 +1,26 @@
 CVE-2013-XXXX [OTP token invalidation]
 	- oath-toolkit <unfixed>
 	NOTE: http://lists.nongnu.org/archive/html/oath-toolkit-help/2013-12/msg00000.html
-CVE-2014-1893
+CVE-2014-1896 [XSA-86 libvchan failure handling malicious ring indexes]
 	- xen <unfixed>
+	[squeeze] - xen <not-affected> (Only affects 4.2 and later)
+	[wheezy] - xen <not-affected> (Only affects 4.2 and later)
+CVE-2014-1895 [XSA-85 Off-by-one error in FLASK_AVC_CACHESTAT hypercall]
+	- xen <unfixed>
+	[squeeze] - xen <not-affected> (Only affects 4.2 and later)
+	[wheezy] - xen <not-affected> (Only affects 4.2 and later)
+CVE-2014-1894 [XSA-84]
+	- xen <unfixed>
 	TODO: check
-CVE-2014-1892
+CVE-2014-1893 [XSA-84]
 	- xen <unfixed>
 	TODO: check
-CVE-2014-1891
+CVE-2014-1892 [XSA-84]
 	- xen <unfixed>
 	TODO: check
+CVE-2014-1891 [XSA-84]
+	- xen <unfixed>
+	TODO: check
 CVE-2014-1887
 	NOT-FOR-US: Apache Cordova
 CVE-2014-1886
@@ -90,14 +101,6 @@
 	- python3.4 <unfixed> (low)
 	NOTE: http://bugs.python.org/issue20246
 	TODO: check
-CVE-2014-XXXX [XSA-86 libvchan failure handling malicious ring indexes]
-	- xen <unfixed>
-	[squeeze] - xen <not-affected> (Only affects 4.2 and later)
-	[wheezy] - xen <not-affected> (Only affects 4.2 and later)
-CVE-2014-XXXX [XSA-85 Off-by-one error in FLASK_AVC_CACHESTAT hypercall]
-	- xen <unfixed>
-	[squeeze] - xen <not-affected> (Only affects 4.2 and later)
-	[wheezy] - xen <not-affected> (Only affects 4.2 and later)
 CVE-2014-1875 [insecure use of /tmp]
 	- libcapture-tiny-perl 0.24-1 (bug #737835)
 	[wheezy] - libcapture-tiny-perl <no-dsa> (Minor issue)