[Secure-testing-commits] r36684 - data/CVE

Tue Sep 15 15:15:46 UTC 2015

Author: carnil
Date: 2015-09-15 15:15:46 +0000 (Tue, 15 Sep 2015)
New Revision: 36684

Modified:
   data/CVE/list
Log:
Add CVE-2015-5278 and CVE-2015-5279 in qemu

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2015-09-15 13:00:59 UTC (rev 36683)
+++ data/CVE/list	2015-09-15 15:15:46 UTC (rev 36684)
@@ -4084,10 +4084,18 @@
 	RESERVED
 CVE-2015-5280
 	RESERVED
-CVE-2015-5279
+CVE-2015-5279 [add checks to validate ring buffer pointers]
 	RESERVED
-CVE-2015-5278
+	- qemu <unfixed>
+	- qemu-kvm <removed>
+	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg03984.html
+	TODO: check versions
+CVE-2015-5278 [net: avoid infinite loop when receiving packets]
 	RESERVED
+	- qemu <unfixed>
+	- qemu-kvm <removed>
+	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg03985.html
+	TODO: check versions
 CVE-2015-5277 [data corruption while reading the NSS files database]
 	RESERVED
 	- glibc <unfixed>


