[Secure-testing-commits] r36200 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Wed Aug 19 21:04:21 UTC 2015
Author: jmm
Date: 2015-08-19 21:04:21 +0000 (Wed, 19 Aug 2015)
New Revision: 36200
Modified:
data/CVE/list
Log:
nova unimportant
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-08-19 21:00:44 UTC (rev 36199)
+++ data/CVE/list 2015-08-19 21:04:21 UTC (rev 36200)
@@ -12669,12 +12669,11 @@
NOTE: https://bugs.launchpad.net/cinder/+bug/1415087
CVE-2015-1850 [Host file disclosure through qcow2 backing file]
RESERVED
- - nova <unfixed>
- [jessie] - nova <no-dsa> (Minor issue)
- [wheezy] - nova <no-dsa> (Minor issue)
+ - nova <unfixed> (unimportant)
NOTE: http://www.openwall.com/lists/oss-security/2015/06/13/1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1231816
- NOTE: https://bugs.launchpad.net/cinder/+bug/1415087
+ NOTE: According to https://bugs.launchpad.net/cinder/+bug/1415087 not exploitable
+ NOTE: in nova, cinder covered by separate CVE ID CVE-2015-1851
CVE-2015-1849
RESERVED
NOT-FOR-US: JBoss EAP
More information about the Secure-testing-commits
mailing list