[Secure-testing-commits] r36367 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Aug 28 17:38:44 UTC 2015
Author: carnil
Date: 2015-08-28 17:38:44 +0000 (Fri, 28 Aug 2015)
New Revision: 36367
Modified:
data/CVE/list
Log:
Update CVE-2015-5166/qemu
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-08-28 14:38:31 UTC (rev 36366)
+++ data/CVE/list 2015-08-28 17:38:44 UTC (rev 36367)
@@ -3828,14 +3828,16 @@
RESERVED
CVE-2015-5166 (Use-after-free vulnerability in QEMU in Xen 4.5.x and earlier does not ...)
- qemu <unfixed> (bug #794611)
+ [jessie] - qemu <not-affected> (Vulnerable code not present)
+ [wheezy] - qemu <not-affected> (Vulnerable code not present)
[squeeze] - qemu <not-affected> (Vulnerable code not present)
- - qemu-kvm <removed>
- [squeeze] - qemu-kvm <not-affected> (Vulnerable code not present)
+ - qemu-kvm <not-affected> (Vulnerable code not present)
- xen 4.4.0-1
[wheezy] - xen <not-affected> (Vulnerable code not present)
[squeeze] - xen <not-affected> (Vulnerable code not present)
NOTE: Xen switched to qemu-system in 4.4.0-1
NOTE: pci_piix3_xen_ide_unplug introduced in http://git.qemu.org/?p=qemu.git;a=commitdiff;h=679f4f8b178e7c66fbc2f39c905374ee8663d5d8 (v1.0-rc0)
+ NOTE: BlockDriverState converted to BlockBackend in http://git.qemu.org/?p=qemu.git;a=commitdiff;h=4be746345f13e99e468c60acbd3a355e8183e3ce (v2.2.0-rc0)
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=6cd387833d05e8ad31829d97e474dc420625aed9 (v2.4.0-rc4)
NOTE: http://xenbits.xen.org/xsa/advisory-139.html
CVE-2015-5165 (The C+ mode offload emulation in the RTL8139 network card device model ...)
More information about the Secure-testing-commits
mailing list