[Secure-testing-commits] r25286 - in data: . CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Jan 20 07:42:55 UTC 2014
Author: jmm
Date: 2014-01-20 07:42:55 +0000 (Mon, 20 Jan 2014)
New Revision: 25286
Modified:
data/CVE/list
data/dsa-needed.txt
Log:
libvirt N/A
take php-openid
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-01-20 07:09:57 UTC (rev 25285)
+++ data/CVE/list 2014-01-20 07:42:55 UTC (rev 25286)
@@ -4856,8 +4856,11 @@
CVE-2013-6457 [avoid crashing if calling `virsh numatune' on inactive domain]
RESERVED
- libvirt 1.2.1-1
+ [wheezy] - libvirt <not-affected> (Vulnerable code not present)
+ [squeeze] - libvirt <not-affected> (Vulnerable code not present)
NOTE: https://www.redhat.com/archives/libvir-list/2013-December/msg01258.html
NOTE: http://libvirt.org/git/?p=libvirt.git;a=commit;h=f9ee91d35510ccbc6fc42cef8864b291b2d220f4
+ NOTE: Introduced in http://libvirt.org/git/?p=libvirt.git;a=commit;h=261c4f5fb93c5e23b8002f2760d4a7937cdb7f63
CVE-2013-6456 [virsh shutdown does not handle symlinks correctly for LXC]
RESERVED
- libvirt <unfixed> (bug #732394)
Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt 2014-01-20 07:09:57 UTC (rev 25285)
+++ data/dsa-needed.txt 2014-01-20 07:42:55 UTC (rev 25286)
@@ -68,7 +68,7 @@
--
phpmyadmin (thijs)
--
-php-openid
+php-openid (jmm)
--
pidgin/oldstable
The version in squeeze is likely too outdated anyway, so end-of-life might be the better option
More information about the Secure-testing-commits
mailing list