[Secure-testing-commits] r38508 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2015-12-24 06:31:14 +0000 (Thu, 24 Dec 2015)
New Revision: 38508

Modified:
   data/CVE/list
Log:
Merge one qemu entry

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-12-24 06:26:47 UTC (rev 38507)
+++ data/CVE/list	2015-12-24 06:31:14 UTC (rev 38508)
@@ -450,13 +450,6 @@
 	[squeeze] - t-coffee <not-affected> (version in Squeeze uses system() and umask is handled correctly by sh (as opposed to later versions that use mkdir()))
 	[wheezy] - t-coffee <no-dsa> (Minor issue)
 	[jessie] - t-coffee <no-dsa> (Minor issue)
-CVE-2015-8619 [hmp: stack based OOB write in hmp_sendkey routine]
-	RESERVED
-	- qemu <unfixed>
-	- qemu-kvm <removed>
-	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg02930.html
-	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283926
-	TODO: check affected versions
 CVE-2015-8617 [format string vulnerability]
 	RESERVED
 	- php7.0 <unfixed>
@@ -506,14 +499,14 @@
 	[wheezy] - xen <not-affected> (Only affects 4.6)
 	[squeeze] - xen <not-affected> (Only affects 4.6)
 	NOTE: http://xenbits.xen.org/xsa/advisory-169.html
-CVE-2015-XXXX [hmp: stack based OOB write in hmp_sendkey routine]
+CVE-2015-8619 [hmp: stack based OOB write in hmp_sendkey routine]
 	- qemu <unfixed>
 	[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
 	- qemu-kvm <removed>
 	[squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts)
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg02930.html
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283926
-	TODO: check
+	TODO: check affected versions
 CVE-2015-XXXX [i386: null pointer dereference in vapic_write()]
 	- qemu <unfixed>
 	[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)