[Secure-testing-commits] r47373 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Fri Dec 23 07:47:37 UTC 2016 

Author: jmm
Date: 2016-12-23 07:47:37 +0000 (Fri, 23 Dec 2016)
New Revision: 47373

Modified:
   data/CVE/list
Log:
new curl issue (not affected)
record older openstack fixes in unstable


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-12-23 07:12:31 UTC (rev 47372)
+++ data/CVE/list	2016-12-23 07:47:37 UTC (rev 47373)
@@ -8516,6 +8516,8 @@
 	NOT-FOR-US: Katello
 CVE-2016-9594
 	RESERVED
+	- curl <not-affected> (Only affects 7.52)
+	NOTE: https://curl.haxx.se/docs/adv_20161223.html
 CVE-2016-9593
 	RESERVED
 	- foreman <itp> (bug #663101)
@@ -36497,7 +36499,7 @@
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1294264
 	NOTE: https://github.com/tomhughes/libdwarf/commit/11750a2838e52953013e3114ef27b3c7b1780697
 CVE-2015-8749 (The volume_utils._parse_volume_info function in OpenStack Compute ...)
-	- nova <unfixed>
+	- nova 2:13.0.0~rc3-1
 	[jessie] - nova <no-dsa> (Minor issue)
 	[wheezy] - nova <no-dsa> (Minor issue)
 	NOTE: https://launchpad.net/bugs/1516765
@@ -43861,7 +43863,7 @@
 	NOTE: Upstream commit: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=43b11a91dd861a946b231b89b7542856ade23d1b (v2.5.0-rc0)
 	NOTE: Introduced by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=d35e428c8400f9ddc07e5a15ff19622c869b9ba0 (v1.2.0-rc0)
 CVE-2015-7548 (OpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before ...)
-	- nova <unfixed>
+	- nova 2:13.0.0~rc3-1
 	[jessie] - nova <no-dsa> (Minor issue)
 	[wheezy] - nova <no-dsa> (Minor issue)
 	NOTE: Affects: Nova: <=2015.1.2, ==12.0.0
@@ -50526,12 +50528,12 @@
 	[jessie] - glance <not-affected> (Affects Glance 2015.1 versions trough 2015.1.1)
 	[wheezy] - glance <not-affected> (Affects Glance 2015.1 versions trough 2015.1.1)
 CVE-2015-5162 (The image parser in OpenStack Cinder 7.0.2 and 8.0.0 through 8.1.1; ...)
-	- cinder <unfixed>
+	- cinder 2:8.0.0-1
 	[jessie] - cinder <no-dsa> (Minor issue)
-	- glance <unfixed> (low)
+	- glance 2:12.0.0-1 (low)
 	[jessie] - glance <no-dsa> (Minor issue)
 	[wheezy] - glance <end-of-life> (not supported in Wheezy)
-	- nova <unfixed> (low)
+	- nova 2:13.0.0-1 (low)
 	[jessie] - nova <no-dsa> (Minor issue)
 	[wheezy] - nova <no-dsa> (Minor issue)
 	NOTE: Patches: http://www.openwall.com/lists/oss-security/2016/10/06/8

More information about the Secure-testing-commits mailing list