[Secure-testing-commits] r38576 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Dec 28 12:23:10 UTC 2015
Author: carnil
Date: 2015-12-28 12:23:10 +0000 (Mon, 28 Dec 2015)
New Revision: 38576
Modified:
data/CVE/list
Log:
Update entry for CVE-2015-8613/qemu
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-12-28 10:57:08 UTC (rev 38575)
+++ data/CVE/list 2015-12-28 12:23:10 UTC (rev 38576)
@@ -505,13 +505,13 @@
CVE-2015-8613 [scsi: stack based buffer overflow in megasas_ctrl_get_info]
RESERVED
- qemu <unfixed>
- [squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
- - qemu-kvm <removed>
- [squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts)
+ [wheezy] - qemu <not-affected> (Vulnerable code not present)
+ [squeeze] - qemu <not-affected> (Vulnerable code not present)
+ - qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg03737.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1284008
NOTE: http://www.openwall.com/lists/oss-security/2015/12/21/7
- TODO: check
+ NOTE: LSI Megaraid SAS HBA emulation introduced in http://git.qemu.org/?p=qemu.git;a=commitdiff;h=e8f943c3bcc2a578bfd30b825f2ebaf345c63a09 (v1.2.0-rc0)
CVE-2015-8618 [math/big: fix carry propagation in Int.Exp Montgomery code]
RESERVED
- golang <unfixed> (bug #809168)
More information about the Secure-testing-commits
mailing list