[Secure-testing-commits] r25192 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Tue Jan 14 09:51:11 UTC 2014
Author: jmm
Date: 2014-01-14 09:51:10 +0000 (Tue, 14 Jan 2014)
New Revision: 25192
Modified:
data/CVE/list
Log:
xen updates
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-01-14 09:14:11 UTC (rev 25191)
+++ data/CVE/list 2014-01-14 09:51:10 UTC (rev 25192)
@@ -1496,6 +1496,7 @@
- libav <unfixed>
- ffmpeg <removed>
NOTE: Fix in ffmpeg: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=e74cd2f4706f71da5e9205003c1d8263b54ed3fb
+ NOTE: Fix in libav: http://git.libav.org/?p=libav.git;a=commit;h=2115a3597457231a6e5c0527fe0ff8550f64b733
CVE-2012-6617 (The prepare_sdp_description function in ffserver.c in FFmpeg before ...)
- libav <unfixed>
- ffmpeg <removed>
@@ -9155,7 +9156,7 @@
{DSA-2794-1}
- spip 2.1.24-1 (bug #729172)
CVE-2013-4554 (Xen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), ...)
- - xen <unfixed>
+ - xen <not-affected> (Doesn't affect Linux)
CVE-2013-4553 (The XEN_DOMCTL_getmemlist hypercall in Xen 3.4.x through 4.3.x ...)
- xen <unfixed>
CVE-2013-4552
@@ -9749,7 +9750,8 @@
CVE-2013-4375 [qemu disk backend (qdisk) resource leak]
RESERVED
- xen 4.2
- [squeeze] - xen <not-affected> (potentially affected by 4.1 versions and above)
+ [squeeze] - xen <not-affected> (Only affects 4.2 and later)
+ [wheezy] - xen <not-affected> (Only affects 4.2 and later)
- qemu 1.7.0+dfsg-1
[jessie] - qemu <not-affected> (Xen in Wheezy uses it's internal copy of qemu)
[wheezy] - qemu <not-affected> (Xen in Wheezy uses it's internal copy of qemu)
More information about the Secure-testing-commits
mailing list