[Secure-testing-commits] r26856 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed May 7 09:18:05 UTC 2014
Author: carnil
Date: 2014-05-07 09:18:05 +0000 (Wed, 07 May 2014)
New Revision: 26856
Modified:
data/CVE/list
Log:
Mark libvirt issue as unimportant, add explanation
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-05-07 09:07:12 UTC (rev 26855)
+++ data/CVE/list 2014-05-07 09:18:05 UTC (rev 26856)
@@ -8188,9 +8188,8 @@
RESERVED
CVE-2014-0179 [Unsafe parsing of XML documents allows arbitrary file read]
RESERVED
- - libvirt 1.2.4-1 (low)
- [wheezy] - libvirt <no-dsa> (Can be fixed along in a future DSA)
- [squeeze] - libvirt <no-dsa> (Can be fixed along in a future DSA)
+ - libvirt 1.2.4-1 (unimportant)
+ NOTE: no ACL mechanism in squeeze and wheezy and all access is root-equivalent
CVE-2014-0178
RESERVED
CVE-2014-0177
More information about the Secure-testing-commits
mailing list