[Secure-testing-commits] r30276 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Mon Nov 24 12:27:40 UTC 2014


Author: jmm
Date: 2014-11-24 12:27:40 +0000 (Mon, 24 Nov 2014)
New Revision: 30276

Modified:
   data/CVE/list
Log:
record upstream fixes for older unimportant kernel issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-11-24 11:58:09 UTC (rev 30275)
+++ data/CVE/list	2014-11-24 12:27:40 UTC (rev 30276)
@@ -10942,7 +10942,7 @@
 CVE-2014-4612
 	RESERVED
 CVE-2014-4611 (Integer overflow in the LZ4 algorithm implementation, as used in Yann ...)
-	- linux <unfixed> (unimportant)
+	- linux 3.14.9-1 (unimportant)
 	[wheezy] - linux <not-affected> (LZ4 support introduced in 3.11)
 	- linux-2.6 <not-affected> (LZ4 support introduced in 3.11)
 	NOTE: possible fix in https://lkml.org/lkml/2014/7/4/288
@@ -43007,7 +43007,7 @@
 	NOT-FOR-US: Havalite CMS
 CVE-2013-0160 (The Linux kernel through 3.7.9 allows local users to obtain sensitive ...)
 	{DSA-2669-1}
-	- linux <unfixed> (unimportant)
+	- linux 3.8.12-1 (unimportant)
 	- linux-2.6 <removed> (unimportant)
 	NOTE: Minor information leak, rather a missing hardening feature than a security vulnerability.
 CVE-2013-0159
@@ -45496,7 +45496,7 @@
 	- lighttpd 1.4.31-2
 	[squeeze] - lighttpd <not-affected> (Introduced in 1.4.31)
 CVE-2012-5532 (The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as ...)
-	- linux <unfixed> (unimportant)
+	- linux 3.8-1 (unimportant)
 	- linux-2.6 <not-affected> (userspace daemon not yet present)
 	NOTE: hyperv tools are not build in sid
 CVE-2012-5531 (Multiple cross-site scripting (XSS) vulnerabilities in the GateIn ...)




More information about the Secure-testing-commits mailing list