[Secure-testing-commits] r30169 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Wed Nov 19 22:51:45 UTC 2014 

Author: jmm
Date: 2014-11-19 22:51:45 +0000 (Wed, 19 Nov 2014)
New Revision: 30169

Modified:
   data/CVE/list
Log:
bug filed for xen
xfca no-dsa


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-11-19 22:43:56 UTC (rev 30168)
+++ data/CVE/list	2014-11-19 22:51:45 UTC (rev 30169)
@@ -1350,11 +1350,11 @@
 	TODO: check
 CVE-2014-8595 [XSA-110]
 	RESERVED
-	- xen <unfixed>
+	- xen <unfixed> (bug #770230)
 	[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
 CVE-2014-8594 [XSA-109]
 	RESERVED
-	- xen <unfixed>
+	- xen <unfixed> (bug #770230)
 	[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
 CVE-2014-8593 (Multiple cross-site scripting (XSS) vulnerabilities in Allomani ...)
 	NOT-FOR-US: Allomani Weblinks
@@ -9170,10 +9170,12 @@
 CVE-2014-5255 [Insecure use of temporary file related to the /tmp/get_infos_dvd.sh]
 	RESERVED
 	- xcfa <unfixed> (low; bug #756600)
+	[jessie] - xcfa <no-dsa> (Minor issue)
 	[wheezy] - xcfa <no-dsa> (Minor issue)
 CVE-2014-5254 [Symlink following issues]
 	RESERVED
 	- xcfa <unfixed> (low; bug #756600)
+	[jessie] - xcfa <no-dsa> (Minor issue)
 	[wheezy] - xcfa <no-dsa> (Minor issue)
 CVE-2014-XXXX [Enforce use of HTTPS for MathJax in IPython]
 	- ipython 0.12-1
@@ -9446,7 +9448,7 @@
 CVE-2014-5150
 	RESERVED
 CVE-2014-5149 (Certain MMU virtualization operations in Xen 4.2.x through 4.4.x, when ...)
-	- xen <unfixed>
+	- xen <unfixed> (low; bug #770230)
 	[wheezy] - xen <no-dsa> (Minor issue, too intrusive to backport)
 	[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
 CVE-2014-5148 (Xen 4.4.x, when running on an ARM system and "handling an unknown ...)
@@ -9458,7 +9460,7 @@
 	[wheezy] - xen <not-affected> (Vulnerable code not present)
 	[squeeze] - xen <not-affected> (Vulnerable code not present)
 CVE-2014-5146 (Certain MMU virtualization operations in Xen 4.2.x through 4.4.x ...)
-	- xen <unfixed> (low)
+	- xen <unfixed> (low; bug #770230)
 	[wheezy] - xen <no-dsa> (Minor issue, too intrusive to backport)
 	[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
 CVE-2014-5145

More information about the Secure-testing-commits mailing list