[Secure-testing-commits] r28979 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Tue Sep 23 10:37:58 UTC 2014
Author: jmm
Date: 2014-09-23 10:37:58 +0000 (Tue, 23 Sep 2014)
New Revision: 28979
Modified:
data/CVE/list
Log:
libvirt fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-09-23 09:32:07 UTC (rev 28978)
+++ data/CVE/list 2014-09-23 10:37:58 UTC (rev 28979)
@@ -1104,7 +1104,7 @@
CVE-2014-6610 [Remote crash when handling out of call message in certain dialplan configurations]
RESERVED
- asterisk 1:11.12.1~dfsg-1 (medium; bug #762164)
- [squeeze] - asterisk <not-affected>
+ [squeeze] - asterisk <not-affected> (Vulnerable code not present)
NOTE: http://downloads.asterisk.org/pub/security/AST-2014-010.html
NOTE: http://downloads.asterisk.org/pub/security/AST-2014-010-11.diff applies on 1:1.8.13.1~dfsg1-3+deb7u3
NOTE: Squeeze version doesn't have res/res_fax_spandsp.c with the problem.
@@ -7973,7 +7973,7 @@
RESERVED
CVE-2014-3633 [qemu: out-of-bounds read access in qemuDomainGetBlockIoTune() due to invalid index]
RESERVED
- - libvirt <unfixed> (bug #762203)
+ - libvirt 1.2.8-2 (bug #762203)
[squeeze] - libvirt <not-affected> (Vulnerable code introduced in v0.9.8)
NOTE: Upstream fix: http://libvirt.org/git/?p=libvirt.git;a=commit;h=3e745e8f775dfe6f64f18b5c2fe4791b35d3546b
NOTE: Introduced in http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=eca96694a7f992be633d48d5ca03cedc9bbc3c9a (v0.9.8)
More information about the Secure-testing-commits
mailing list