[Secure-testing-commits] r37679 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Nov 13 07:54:12 UTC 2015
Author: carnil
Date: 2015-11-13 07:54:12 +0000 (Fri, 13 Nov 2015)
New Revision: 37679
Modified:
data/CVE/list
Log:
Add fixed version for four more xen CVEs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-11-13 06:38:02 UTC (rev 37678)
+++ data/CVE/list 2015-11-13 07:54:12 UTC (rev 37679)
@@ -10422,12 +10422,12 @@
NOTE: https://github.com/imotov/elasticsearch/commit/f5cfb2a1869d1a52930cbd3138278a6e2c1b22e6
CVE-2015-4164 (The compat_iret function in Xen 3.1 through 4.5 iterates the wrong way ...)
{DSA-3286-1}
- - xen <unfixed> (bug #795721)
+ - xen 4.6.0-1 (bug #795721)
[squeeze] - xen <end-of-life> (Not supported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-136.html
CVE-2015-4163 (GNTTABOP_swap_grant_ref in Xen 4.2 through 4.5 does not check the ...)
{DSA-3286-1}
- - xen <unfixed> (bug #795721)
+ - xen 4.6.0-1 (bug #795721)
[wheezy] - xen <not-affected> (Xen 4.2 onwards are vulnerable)
[squeeze] - xen <not-affected> (Xen 4.2 onwards are vulnerable)
NOTE: http://xenbits.xen.org/xsa/advisory-134.html
@@ -12824,7 +12824,7 @@
- libv8-3.14 <unfixed> (unimportant)
NOTE: libv8 not covered by security support
CVE-2015-3340 (Xen 4.2.x through 4.5.x does not initialize certain fields, which ...)
- - xen <unfixed> (unimportant; bug #784011)
+ - xen 4.6.0-1 (unimportant; bug #784011)
[jessie] - xen <no-dsa> (Can be fixed along with a future DSA)
[wheezy] - xen 4.1.4-3+deb7u8
[squeeze] - xen <end-of-life> (Not supported in Squeeze LTS)
@@ -13099,7 +13099,7 @@
CVE-2015-3260
RESERVED
CVE-2015-3259 (Stack-based buffer overflow in the xl command line utility in Xen ...)
- - xen <unfixed> (low; bug #795721)
+ - xen 4.6.0-1 (low; bug #795721)
[jessie] - xen <no-dsa> (Can be fixed along with a future DSA)
[wheezy] - xen <no-dsa> (Can be fixed along with a future DSA)
[squeeze] - xen <not-affected> (xl not shipped in Squeeze)
More information about the Secure-testing-commits
mailing list