[Secure-testing-commits] r35927 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Aug 7 18:17:02 UTC 2015
Author: carnil
Date: 2015-08-07 18:17:02 +0000 (Fri, 07 Aug 2015)
New Revision: 35927
Modified:
data/CVE/list
Log:
Update information for CVE-2015-5745
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-08-07 18:05:35 UTC (rev 35926)
+++ data/CVE/list 2015-08-07 18:17:02 UTC (rev 35927)
@@ -5,10 +5,12 @@
NOTE: Non-exploitable starting with Wheezy due to D_FORTIFY_SOURCE
CVE-2015-5745 [buffer overflow in virtio-serial]
- qemu <unfixed>
+ [squeeze] - qemu <not-affected> (Vulnerable code introduced later)
- qemu-kvm <removed>
+ [squeeze] - qemu-kvm <not-affected> (Vulnerable code introduced later)
NOTE: http://www.openwall.com/lists/oss-security/2015/08/06/3
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=7882080388be5088e72c425b02223c02e6cb4295 (v2.4.0-rc3)
- TODO: check affected versions
+ NOTE: Introduced in: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=98b19252cf1bd97c54bc4613f3537c5ec0aae263 (v0.13.0-rc0)
CVE-2015-5737
RESERVED
CVE-2015-5736
More information about the Secure-testing-commits
mailing list