[Secure-testing-commits] r34953 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Jun 15 17:42:42 UTC 2015
Author: carnil
Date: 2015-06-15 17:42:42 +0000 (Mon, 15 Jun 2015)
New Revision: 34953
Modified:
data/CVE/list
Log:
Update CVE-2015-1850 and CVE-2015-1851
According to Red Hat Bugzilla information there were actually two CVEs
assigned. CVE-2015-1850 was for the issue in nova, CVE-2015-1851 for the
issue in cinder.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-06-15 17:07:59 UTC (rev 34952)
+++ data/CVE/list 2015-06-15 17:42:42 UTC (rev 34953)
@@ -7139,13 +7139,17 @@
[jessie] - python-keystoneclient <no-dsa> (Minor issue)
[wheezy] - python-keystoneclient <not-affected> (s3_token middleware not present)
NOTE: https://launchpad.net/bugs/1411063
-CVE-2015-1851
+CVE-2015-1851 [Host file disclosure through qcow2 backing file]
RESERVED
-CVE-2015-1850 [Format-guessing and file disclosure in image convert]
+ - cinder <unfixed>
+ NOTE: http://www.openwall.com/lists/oss-security/2015/06/13/1
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1231817
+ NOTE: https://bugs.launchpad.net/cinder/+bug/1415087
+CVE-2015-1850 [Host file disclosure through qcow2 backing file]
RESERVED
- - cinder <unfixed>
- nova <unfixed>
NOTE: http://www.openwall.com/lists/oss-security/2015/06/13/1
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1231816
NOTE: https://bugs.launchpad.net/cinder/+bug/1415087
CVE-2015-1849
RESERVED
More information about the Secure-testing-commits
mailing list