[Secure-testing-commits] r38356 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Wed Dec 16 13:32:32 UTC 2015


Author: carnil
Date: 2015-12-16 13:32:32 +0000 (Wed, 16 Dec 2015)
New Revision: 38356

Modified:
   data/CVE/list
Log:
Add another bug reference for qemu issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-12-16 13:31:24 UTC (rev 38355)
+++ data/CVE/list	2015-12-16 13:32:32 UTC (rev 38356)
@@ -32,7 +32,7 @@
 	NOTE: https://twitter.com/grsecurity/status/676744240802750464
 	NOTE: https://lkml.org/lkml/2015/12/14/252
 CVE-2015-8568 [net: vmxnet3: host memory leakage -- did not free the transmit & receive buffers while deactivating]
-	- qemu <unfixed>
+	- qemu <unfixed> (bug #808145)
 	[wheezy] - qemu <not-affected> (Vulnerable code not present)
 	[squeeze] - qemu <not-affected> (Vulnerable code not present)
 	- qemu-kvm <not-affected> (Vulnerable code not present)
@@ -40,7 +40,7 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2015/12/15/4
 	TODO: check
 CVE-2015-8567 [net: vmxnet3: host memory leakage -- does not check if the device is active before activating it]
-	- qemu <unfixed>
+	- qemu <unfixed> (bug #808145)
 	[wheezy] - qemu <not-affected> (Vulnerable code not present)
 	[squeeze] - qemu <not-affected> (Vulnerable code not present)
 	- qemu-kvm <not-affected> (Vulnerable code not present)




More information about the Secure-testing-commits mailing list