[Secure-testing-commits] r29773 - data/CVE
Joey Hess
joeyh at moszumanska.debian.org
Fri Oct 31 21:14:31 UTC 2014
Author: joeyh
Date: 2014-10-31 21:14:31 +0000 (Fri, 31 Oct 2014)
New Revision: 29773
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-10-31 20:46:13 UTC (rev 29772)
+++ data/CVE/list 2014-10-31 21:14:31 UTC (rev 29773)
@@ -2904,6 +2904,7 @@
RESERVED
CVE-2014-7207 [Regression introduced in 3.2.63]
RESERVED
+ {DSA-3060-1}
- linux <not-affected> (Issue specific to 3.2.x)
NOTE: In 3.2.x introduced with https://git.kernel.org/cgit/linux/kernel/git/bwh/linux-3.2.y.git/commit/?h=linux-3.2.y&id=64b5c251d5b2cee4a0f697bfb90d79263f6dd517
NOTE: which is a backport of https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=73f156a6e8c1074ac6327e0abd1169e95eb66463 (v3.16-rc1)
@@ -11186,6 +11187,7 @@
NOT-FOR-US: Foreman Smart Proxy
CVE-2014-3690
RESERVED
+ {DSA-3060-1}
- linux <unfixed>
- linux-2.6 <removed>
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d974baa398f34393db76be45f7d4d04fbdbb4a0a (v3.18-rc1)
@@ -11198,11 +11200,13 @@
NOTE: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=83afa38eb20ca27e30683edc7729880e091387fc
CVE-2014-3688 [net: sctp: remote memory pressure from excessive queueing]
RESERVED
+ {DSA-3060-1}
- linux <unfixed>
- linux-2.6 <removed>
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=26b87c7881006311828bb0ab271a551a62dcceb4 (v3.18-rc1)
CVE-2014-3687 [net: sctp: fix panic on duplicate ASCONF chunks]
RESERVED
+ {DSA-3060-1}
- linux <unfixed>
- linux-2.6 <removed>
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b69040d8e39f20d5215a03502a8e8b4c6ab78395 (v3.18-rc1)
@@ -11248,6 +11252,7 @@
RESERVED
CVE-2014-3673 [sctp: skb_over_panic when receiving malformed ASCONF chunks]
RESERVED
+ {DSA-3060-1}
- linux <unfixed>
- linux-2.6 <removed>
NOTE: Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9de7922bc709eee2f609cd01d98aaedc4cf5ea74 (v3.18-rc1)
@@ -11329,17 +11334,20 @@
RESERVED
CVE-2014-3647
RESERVED
+ {DSA-3060-1}
- linux <unfixed>
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=234f3ce485d54017f15cf5e0699cff4100121601
NOTE: https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=d1442d85cc30ea75f7d399474ca738e0bc96f715
CVE-2014-3646
RESERVED
+ {DSA-3060-1}
- linux <unfixed>
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=a642fc305053cc1c6e47e4f4df327895747ab485
CVE-2014-3645
RESERVED
+ {DSA-3060-1}
- linux 3.12.6-1
- linux-2.6 <removed>
NOTE: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bfd0a56b90005f8c8a004baf407ad90045c2b11e (v3.12-rc1)
@@ -11468,11 +11476,13 @@
RESERVED
CVE-2014-3611
RESERVED
+ {DSA-3060-1}
- linux <unfixed>
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=2febc839133280d5a5e8e1179c94ea674489dae2
CVE-2014-3610
RESERVED
+ {DSA-3060-1}
- linux <unfixed>
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=854e8bb1aa06c578c2c9145fa6bfe3680ef63b23
@@ -17260,13 +17270,13 @@
CVE-2014-1587
RESERVED
CVE-2014-1586 (content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, ...)
- {DSA-3050-1}
+ {DSA-3061-1 DSA-3050-1}
- iceweasel 31.2.0esr-1
- icedove <unfixed>
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
CVE-2014-1585 (The WebRTC video-sharing feature in dom/media/MediaManager.cpp in ...)
- {DSA-3050-1}
+ {DSA-3061-1 DSA-3050-1}
- iceweasel 31.2.0esr-1
- icedove <unfixed>
[squeeze] - iceweasel <end-of-life>
@@ -17277,7 +17287,7 @@
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
CVE-2014-1583 (The Alarm API in Mozilla Firefox before 33.0 and Firefox ESR 31.x ...)
- {DSA-3050-1}
+ {DSA-3061-1 DSA-3050-1}
- iceweasel 31.2.0esr-1
[squeeze] - iceweasel <end-of-life>
CVE-2014-1582 (The Public Key Pinning (PKP) implementation in Mozilla Firefox before ...)
@@ -17286,7 +17296,7 @@
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
CVE-2014-1581 (Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla ...)
- {DSA-3050-1}
+ {DSA-3061-1 DSA-3050-1}
- iceweasel 31.2.0esr-1
- icedove <unfixed>
[squeeze] - iceweasel <end-of-life>
@@ -17299,7 +17309,7 @@
CVE-2014-1579
RESERVED
CVE-2014-1578 (The get_tile function in Mozilla Firefox before 33.0, Firefox ESR 31.x ...)
- {DSA-3050-1}
+ {DSA-3061-1 DSA-3050-1}
- iceweasel 31.2.0esr-1
- icedove <unfixed>
[squeeze] - iceweasel <end-of-life>
@@ -17310,13 +17320,13 @@
NOTE: https://www.mozilla.org/security/announce/2014/mfsa2014-77.html
NOTE: https://hg.mozilla.org/releases/mozilla-esr31/rev/6023f0b4f8ba
CVE-2014-1577 (The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the ...)
- {DSA-3050-1}
+ {DSA-3061-1 DSA-3050-1}
- iceweasel 31.2.0esr-1
- icedove <unfixed>
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
CVE-2014-1576 (Heap-based buffer overflow in the nsTransformedTextRun function in ...)
- {DSA-3050-1}
+ {DSA-3061-1 DSA-3050-1}
- iceweasel 31.2.0esr-1
- icedove <unfixed>
[squeeze] - iceweasel <end-of-life>
@@ -17327,7 +17337,7 @@
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
CVE-2014-1574 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- {DSA-3050-1}
+ {DSA-3061-1 DSA-3050-1}
- iceweasel 31.2.0esr-1
- icedove <unfixed>
[squeeze] - iceweasel <end-of-life>
More information about the Secure-testing-commits
mailing list