[Secure-testing-commits] r38536 - data/CVE

[Ben Hutchings]

Author: benh
Date: 2015-12-27 05:27:30 +0000 (Sun, 27 Dec 2015)
New Revision: 38536

Modified:
   data/CVE/list
Log:
Add qemu to packages affected by CVE-2015-8550

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-12-27 05:26:54 UTC (rev 38535)
+++ data/CVE/list	2015-12-27 05:27:30 UTC (rev 38536)
@@ -1144,8 +1144,10 @@
 CVE-2015-8550 [paravirtualized drivers incautious about shared memory contents]
 	- linux 4.4~rc6-1~exp1
 	- linux-2.6 <removed>
+	- qemu <unfixed>
 	- xen <unfixed>
 	[squeeze] - linux-2.6 <no-dsa> (Xen not supported in Squeeze LTS)
+	[squeeze] - qemu <end-of-life> (Unsupported in Squeeze LTS)
 	[squeeze] - xen <end-of-life> (Unsupported in Squeeze LTS)
 	NOTE: http://xenbits.xen.org/xsa/advisory-155.html
 	NOTE: https://git.kernel.org/linus/454d5d882c7e412b840e3c99010fe81a9862f6fb
@@ -1155,7 +1157,6 @@
 	NOTE: https://git.kernel.org/linus/18779149101c0dd43ded43669ae2a92d21b6f9cb
 	NOTE: https://git.kernel.org/linus/be69746ec12f35b484707da505c6c76ff06f97dc
 	NOTE: https://git.kernel.org/linus/8135cf8b092723dbfcc611fe6fdcb3a36c9951c5
-	TODO: check
 CVE-2015-8549
 	RESERVED
 CVE-2015-8569 [information leak from pptp get{sock,peer}name]