[Secure-testing-commits] r33397 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2015-04-06 18:13:21 +0000 (Mon, 06 Apr 2015)
New Revision: 33397

Modified:
   data/CVE/list
Log:
Add qemu for CVE-2015-2756, thanks waldi

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-04-06 18:08:05 UTC (rev 33396)
+++ data/CVE/list	2015-04-06 18:13:21 UTC (rev 33397)
@@ -254,7 +254,10 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2015/03/28/5
 CVE-2015-2756 (QEMU, as used in Xen 3.3.x through 4.5.x, does not properly restrict ...)
 	- xen <unfixed> (bug #781620)
+	- qemu <unfixed>
+	- qemu-kvm <removed>
 	NOTE: http://xenbits.xen.org/xsa/advisory-126.html
+	TODO: check qemu versions
 CVE-2015-2755 (Multiple cross-site request forgery (CSRF) vulnerabilities in the AB ...)
 	NOT-FOR-US: AB Google Map Travel (AB-MAP) plugin for WordPress
 CVE-2015-2752 (The XEN_DOMCTL_memory_mapping hypercall in Xen 3.2.x through 4.5.x, ...)