[Secure-testing-commits] r30276 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Nov 24 12:27:40 UTC 2014
Author: jmm
Date: 2014-11-24 12:27:40 +0000 (Mon, 24 Nov 2014)
New Revision: 30276
Modified:
data/CVE/list
Log:
record upstream fixes for older unimportant kernel issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-11-24 11:58:09 UTC (rev 30275)
+++ data/CVE/list 2014-11-24 12:27:40 UTC (rev 30276)
@@ -10942,7 +10942,7 @@
CVE-2014-4612
RESERVED
CVE-2014-4611 (Integer overflow in the LZ4 algorithm implementation, as used in Yann ...)
- - linux <unfixed> (unimportant)
+ - linux 3.14.9-1 (unimportant)
[wheezy] - linux <not-affected> (LZ4 support introduced in 3.11)
- linux-2.6 <not-affected> (LZ4 support introduced in 3.11)
NOTE: possible fix in https://lkml.org/lkml/2014/7/4/288
@@ -43007,7 +43007,7 @@
NOT-FOR-US: Havalite CMS
CVE-2013-0160 (The Linux kernel through 3.7.9 allows local users to obtain sensitive ...)
{DSA-2669-1}
- - linux <unfixed> (unimportant)
+ - linux 3.8.12-1 (unimportant)
- linux-2.6 <removed> (unimportant)
NOTE: Minor information leak, rather a missing hardening feature than a security vulnerability.
CVE-2013-0159
@@ -45496,7 +45496,7 @@
- lighttpd 1.4.31-2
[squeeze] - lighttpd <not-affected> (Introduced in 1.4.31)
CVE-2012-5532 (The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as ...)
- - linux <unfixed> (unimportant)
+ - linux 3.8-1 (unimportant)
- linux-2.6 <not-affected> (userspace daemon not yet present)
NOTE: hyperv tools are not build in sid
CVE-2012-5531 (Multiple cross-site scripting (XSS) vulnerabilities in the GateIn ...)
More information about the Secure-testing-commits
mailing list