[Secure-testing-commits] r46885 - data/CVE

[Nicholas Luedtke]

Author: nluedtke-guest
Date: 2016-12-08 16:26:02 +0000 (Thu, 08 Dec 2016)
New Revision: 46885

Modified:
   data/CVE/list
Log:
Update CVE-2016-9913/qemu

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-12-08 16:20:49 UTC (rev 46884)
+++ data/CVE/list	2016-12-08 16:26:02 UTC (rev 46885)
@@ -1080,11 +1080,13 @@
 	TODO: check affected versions
 CVE-2016-9913
 	- qemu <unfixed>
+	[jessie] - qemu <not-affected> (Vulnerable code introduced in 2.5.0)
+	[wheezy] - qemu <not-affected> (Vulnerable code introduced in 2.5.0)
 	- qemu-kvm <removed>
+	[wheezy] - qemu-kvm <not-affected> (Vulnerable code not present)
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-11/msg03278.html
 	NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=4774718e5c194026ba5ee7a28d9be49be3080e42
 	NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/11
-	TODO: check affected versions
 CVE-2016-9911 [usb: ehci: memory leakage in ehci_init_transfer]
 	- qemu <unfixed>
 	- qemu-kvm <removed>