[Secure-testing-commits] r32836 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Mar 13 05:44:20 UTC 2015


Author: carnil
Date: 2015-03-13 05:44:20 +0000 (Fri, 13 Mar 2015)
New Revision: 32836

Modified:
   data/CVE/list
Log:
Update TODO for CVE-2015-2152

NOTE: vulnerable code seems present as well in wheezy, but double-check
needed since I have not verified the circumstancen when the
vulnerability takes effect according to
http://xenbits.xen.org/xsa/advisory-119.html

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-03-13 04:56:23 UTC (rev 32835)
+++ data/CVE/list	2015-03-13 05:44:20 UTC (rev 32836)
@@ -341,7 +341,7 @@
 	RESERVED
 	- xen <unfixed>
 	NOTE: http://xenbits.xen.org/xsa/advisory-119.html
-	TODO: check
+	TODO: check: vulnerable code seems present
 CVE-2015-2151 [Hypervisor memory corruption due to x86 emulator flaw]
 	RESERVED
 	{DSA-3181-1}




More information about the Secure-testing-commits mailing list