[Secure-testing-commits] r40692 - data/CVE
Guido Guenther
agx at moszumanska.debian.org
Fri Apr 1 09:42:41 UTC 2016
Author: agx
Date: 2016-04-01 09:42:41 +0000 (Fri, 01 Apr 2016)
New Revision: 40692
Modified:
data/CVE/list
Log:
Update information on libvirt/CVE-2013-4311
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-04-01 09:13:42 UTC (rev 40691)
+++ data/CVE/list 2016-04-01 09:42:41 UTC (rev 40692)
@@ -70048,10 +70048,11 @@
NOTE: https://git.kernel.org/linus/712f4aad406bb1ed67f3f98d04c044191f0ff593 (v4.5-rc1)
NOTE: First patch for mitigation in 4.3.3-6, 4.3.5-1 adds a second bit required, that is CVE-2016-2847
CVE-2013-4311 (libvirt 1.0.5.x before 1.0.5.6, 0.10.2.x before 0.10.2.8, and 0.9.12.x ...)
- - libvirt <unfixed> (unimportant)
- NOTE: polkit support not activated in Debian build, will be fixed in point update
- NOTE: for wheezy: sourcewise support for 3-arg pkcheck syntax in libvirt is included
- NOTE: since 0.9.12.3-1 in wyeezy-security (and 1.1.3~rc1-1 in unstable). But we need
+ - libvirt 1.1.3~rc1-1 (unimportant)
+ [jessie] - libvirt 1.1.3~rc1-1
+ NOTE: polkit support not activated in Debian build prior to 1.2.9.
+ NOTE: sourcewise support for 3-arg pkcheck syntax in libvirt is included
+ NOTE: since 0.9.12.3-1 in wheezy-security (and 1.1.3~rc1-1 in unstable). But we need
NOTE: to wait for the pu in #726558 for policykit-1/0.105-3+deb7u1 and have a rebuild
NOTE: of libvirt then.
NOTE: Needs a build dependency on libpolkit-gobject-1-dev
More information about the Secure-testing-commits
mailing list