[Secure-testing-commits] r35512 - data/CVE

Thu Jul 16 17:31:48 UTC 2015

Author: benh
Date: 2015-07-16 17:31:48 +0000 (Thu, 16 Jul 2015)
New Revision: 35512

Modified:
   data/CVE/list
Log:
Mark virtualbox-ose issues unfixed in squeeze-lts, as it is still supported

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2015-07-16 17:06:27 UTC (rev 35511)
+++ data/CVE/list	2015-07-16 17:31:48 UTC (rev 35512)
@@ -5148,6 +5148,7 @@
 	[squeeze] - xen-qemu-dm-4.0 <end-of-life> (Not supported in Squeeze LTS)
 	- virtualbox 4.3.28-dfsg-1 (bug #785424)
 	- virtualbox-ose <removed>
+	[squeeze] - virtualbox-ose <unfixed>
 	NOTE: http://www.oracle.com/technetwork/topics/security/alert-cve-2015-3456-2542656.html
 	NOTE: http://venom.crowdstrike.com/
 CVE-2015-3454
@@ -15357,6 +15358,7 @@
 	{DSA-3143-1 DLA-268-1}
 	- virtualbox 4.3.2-dfsg-1 (low; bug #775888)
 	- virtualbox-ose <removed> (low)
+	[squeeze] - virtualbox-ose <unfixed>
 	NOTE: This only affects releases < 4.3, so marking the first 4.3 upload as the fixed version
 	NOTE: Upstream patches in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775888#30
 CVE-2015-0417 (Unspecified vulnerability in the Siebel UI Framework component in ...)
@@ -15496,6 +15498,7 @@
 	{DSA-3143-1 DLA-268-1}
 	- virtualbox 4.3.2-dfsg-1 (bug #775888)
 	- virtualbox-ose <removed>
+	[squeeze] - virtualbox-ose <unfixed>
 	NOTE: According to http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html the 4.3
 	NOTE: series is not affected, so marking the first 4.3 upload as fixed
 	NOTE: Upstream patches in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775888#30
@@ -38209,6 +38212,7 @@
 	{DSA-2904-1}
 	- virtualbox 4.3.10-dfsg-1 (bug #741602)
 	- virtualbox-ose <removed> (bug #741602)
+	[squeeze] - virtualbox-ose <unfixed>
 	NOTE: http://www.coresecurity.com/advisories/oracle-virtualbox-3d-acceleration-multiple-memory-corruption-vulnerabilities
 CVE-2014-0982
 	REJECTED
@@ -38216,6 +38220,7 @@
 	{DSA-2904-1}
 	- virtualbox 4.3.10-dfsg-1 (bug #741602)
 	- virtualbox-ose <removed> (bug #741602)
+	[squeeze] - virtualbox-ose <unfixed>
 	NOTE: http://www.coresecurity.com/advisories/oracle-virtualbox-3d-acceleration-multiple-memory-corruption-vulnerabilities
 CVE-2014-0980 (Buffer overflow in Poster Software PUBLISH-iT 3.6d allows remote ...)
 	NOT-FOR-US: Publish-It
@@ -39898,10 +39903,12 @@
 	{DSA-2878-1}
 	- virtualbox-ose <removed> (low)
 	- virtualbox 4.3.6-dfsg-1 (low; bug #735410)
+	[squeeze] - virtualbox-ose <unfixed>
 CVE-2014-0406 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
 	{DSA-2878-1}
 	- virtualbox-ose <removed> (low)
 	- virtualbox 4.3.6-dfsg-1 (low; bug #735410)
+	[squeeze] - virtualbox-ose <unfixed>
 CVE-2014-0405 (Unspecified vulnerability in the Oracle VM VirtualBox component in ...)
 	- virtualbox-guest-additions <removed> (bug #735410)
 	[squeeze] - virtualbox-guest-additions <no-dsa> (Non-free not supported)
@@ -39911,6 +39918,7 @@
 	{DSA-2878-1}
 	- virtualbox-ose <removed> (low)
 	- virtualbox 4.3.6-dfsg-1 (low; bug #735410)
+	[squeeze] - virtualbox-ose <unfixed>
 CVE-2014-0403 (Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows ...)
 	- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
 	- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
@@ -44582,6 +44590,7 @@
 	{DSA-2878-1}
 	- virtualbox-ose <removed> (low)
 	- virtualbox 4.3.6-dfsg-1 (low; bug #735410)
+	[squeeze] - virtualbox-ose <unfixed>
 CVE-2013-5891 (Unspecified vulnerability in the MySQL Server component in Oracle ...)
 	{DSA-2848-1}
 	- mariadb-5.5 5.5.35-1
@@ -69602,6 +69611,7 @@
 	{DSA-2594-1}
 	- virtualbox 4.1.18-dfsg-1.1 (bug #690777)
 	- virtualbox-ose <removed>
+	[squeeze] - virtualbox-ose <unfixed>
 	NOTE: http://www.halfdog.net/Security/2012/VirtualBoxSoftwareInterrupt0x8GuestCrash/
 CVE-2012-3220 (Unspecified vulnerability in the Spatial component in Oracle Database ...)
 	NOT-FOR-US: Oracle Database Server


