[Secure-testing-commits] r37422 - in data: . CVE

Thu Oct 29 12:39:21 UTC 2015

Author: jmm
Date: 2015-10-29 12:39:20 +0000 (Thu, 29 Oct 2015)
New Revision: 37422

Modified:
   data/CVE/list
   data/dsa-needed.txt
Log:
add xen to dsa-needed
some xen issues n/a in wheezy


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2015-10-29 12:23:35 UTC (rev 37421)
+++ data/CVE/list	2015-10-29 12:39:20 UTC (rev 37422)
@@ -86,23 +86,19 @@
 	RESERVED
 	- xen <unfixed>
 	NOTE: http://xenbits.xen.org/xsa/advisory-153.html
-	TODO: check
 CVE-2015-7971 [x86: some pmu and profiling hypercalls log without rate limiting]
 	RESERVED
 	- xen <unfixed>
 	NOTE: http://xenbits.xen.org/xsa/advisory-152.html
-	TODO: check
 CVE-2015-7970 [x86: Long latency populate-on-demand operation is not preemptible]
 	RESERVED
 	- xen <unfixed>
 	NOTE: http://xenbits.xen.org/xsa/advisory-150.html
-	TODO: check
 CVE-2015-7969 [leak of main per-domain vcpu pointer array]
 	RESERVED
 	- xen <unfixed>
 	NOTE: http://xenbits.xen.org/xsa/advisory-149.html
 	NOTE: http://xenbits.xen.org/xsa/advisory-151.html
-	TODO: check
 CVE-2015-7968
 	RESERVED
 CVE-2015-7967
@@ -506,7 +502,6 @@
 	RESERVED
 	- xen <unfixed>
 	NOTE: http://xenbits.xen.org/xsa/advisory-148.html
-	TODO: check
 CVE-2015-7834 (Multiple unspecified vulnerabilities in Google V8 before 4.6.85.23, as ...)
 	TODO: check
 CVE-2015-7833 (The usbvision driver in the Linux kernel package 3.10.0-123.20.1.el7 ...)
@@ -551,17 +546,17 @@
 	RESERVED
 	- xen <unfixed>
 	NOTE: http://xenbits.xen.org/xsa/advisory-147.html
-	TODO: check
+	[wheezy] - xen <not-affected> (arm not yet supported)
 CVE-2015-7813 [arm: various unimplemented hypercalls log without rate limiting]
 	RESERVED
 	- xen <unfixed>
+	[wheezy] - xen <not-affected> (arm not yet supported)
 	NOTE: http://xenbits.xen.org/xsa/advisory-146.html
-	TODO: check
 CVE-2015-7812 [arm: Host crash when preempting a multicall]
 	RESERVED
 	- xen <unfixed>
+	[wheezy] - xen <not-affected> (arm not yet supported)
 	NOTE: http://xenbits.xen.org/xsa/advisory-145.html
-	TODO: check
 CVE-2013-7445 (The Direct Rendering Manager (DRM) subsystem in the Linux kernel ...)
 	- linux <unfixed>
 	- linux-2.6 <removed>

Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt	2015-10-29 12:23:35 UTC (rev 37421)
+++ data/dsa-needed.txt	2015-10-29 12:39:20 UTC (rev 37422)
@@ -94,6 +94,8 @@
 --
 wpa (carnil)
 --
+xen
+--
 yubiserver
 --
 xscreensaver


