[Secure-testing-commits] r28937 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sun Sep 21 12:39:09 UTC 2014 

Author: carnil
Date: 2014-09-21 12:39:09 +0000 (Sun, 21 Sep 2014)
New Revision: 28937

Modified:
   data/CVE/list
Log:
Add fixed versions for xen issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-09-21 09:14:15 UTC (rev 28936)
+++ data/CVE/list	2014-09-21 12:39:09 UTC (rev 28937)
@@ -5970,7 +5970,7 @@
 	- ppc64-diag <itp> (bug #740179)
 CVE-2014-4021 (Xen 3.2.x through 4.4.x does not properly clean memory pages recovered ...)
 	{DSA-3006-1}
-	- xen <unfixed> (bug #751894)
+	- xen 4.4.1-1 (bug #751894)
 	[squeeze] - xen <end-of-life> (Unsupported in squeeze-lts)
 CVE-2014-4020 (The dissect_frame function in epan/dissectors/packet-frame.c in the ...)
 	- wireshark 1.10.8-1
@@ -6188,11 +6188,11 @@
 	[wheezy] - pulseaudio <no-dsa> (Minor issue)
 	NOTE: http://lists.freedesktop.org/archives/pulseaudio-discuss/2014-May/020740.html
 CVE-2014-3968 (The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x allows ...)
-	- xen <unfixed> (bug #757724)
+	- xen 4.4.1-1 (bug #757724)
 	[wheezy] - xen <not-affected> (Xen versions from 4.2 onwards are vulnerable)
 	[squeeze] - xen <not-affected> (Xen versions from 4.2 onwards are vulnerable)
 CVE-2014-3967 (The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x does not ...)
-	- xen <unfixed> (bug #757724)
+	- xen 4.4.1-1 (bug #757724)
 	[wheezy] - xen <not-affected> (Xen versions from 4.2 onwards are vulnerable)
 	[squeeze] - xen <not-affected> (Xen versions from 4.2 onwards are vulnerable)
 CVE-2014-3966 (Cross-site scripting (XSS) vulnerability in Special:PasswordReset in ...)
@@ -8384,7 +8384,7 @@
 	- xen <not-affected> (Only 32- and 64-bit ARM systems are affected from Xen 4.4 onwards)
 CVE-2014-3124 (The HVMOP_set_mem_type control in Xen 4.1 through 4.4.x allows local ...)
 	{DSA-3006-1}
-	- xen <unfixed> (bug #757724)
+	- xen 4.4.1-1 (bug #757724)
 	[squeeze] - xen <not-affected> (Xen versions from 4.1 onwards are vulnerable)
 CVE-2014-3123 (Cross-site scripting (XSS) vulnerability in admin/manage-images.php in ...)
 	NOT-FOR-US: Wordpress plugin
@@ -9965,7 +9965,7 @@
 	RESERVED
 CVE-2014-2599 (The HVMOP_set_mem_access HVM control operations in Xen 4.1.x for ...)
 	{DSA-3006-1}
-	- xen <unfixed> (bug #757724)
+	- xen 4.4.1-1 (bug #757724)
 	[squeeze] - xen <not-affected> (Only affects 4.1 and later)
 CVE-2014-2585 (ownCloud before 5.0.15 and 6.x before 6.0.2, when the file_external ...)
 	- owncloud 6.0.2+dfsg-1

More information about the Secure-testing-commits mailing list