[Secure-testing-commits] r38814 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sun Jan 10 09:38:24 UTC 2016 

Author: carnil
Date: 2016-01-10 09:38:24 +0000 (Sun, 10 Jan 2016)
New Revision: 38814

Modified:
   data/CVE/list
Log:
Four more CVEs addressed in qemu upload to unstable

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-01-10 09:10:12 UTC (rev 38813)
+++ data/CVE/list	2016-01-10 09:38:24 UTC (rev 38814)
@@ -976,7 +976,7 @@
 	NOTE: http://www.inspircd.org/2015/04/16/v2019-released.html
 CVE-2015-8701 [net: rocker: fix an incorrect array bounds check]
 	RESERVED
-	- qemu <unfixed> (bug #809313)
+	- qemu 1:2.5+dfsg-3 (bug #809313)
 	[jessie] - qemu <not-affected> (Vulnerable code introduced after qemu 2.3)
 	[wheezy] - qemu <not-affected> (Vulnerable code introduced after qemu 2.3)
 	[squeeze] - qemu <not-affected> (Vulnerable code introduced after qemu 2.3)
@@ -1903,7 +1903,7 @@
 	RESERVED
 CVE-2015-8613 [scsi: stack based buffer overflow in megasas_ctrl_get_info]
 	RESERVED
-	- qemu <unfixed> (bug #809232)
+	- qemu 1:2.5+dfsg-3 (bug #809232)
 	[wheezy] - qemu <not-affected> (Vulnerable code not present)
 	[squeeze] - qemu <not-affected> (Vulnerable code not present)
 	- qemu-kvm <not-affected> (Vulnerable code not present)
@@ -2601,7 +2601,7 @@
 	NOTE: https://lkml.org/lkml/2015/12/14/252
 CVE-2015-8568 [net: vmxnet3: host memory leakage -- did not free the transmit & receive buffers while deactivating]
 	RESERVED
-	- qemu <unfixed> (bug #808145)
+	- qemu 1:2.5+dfsg-3 (bug #808145)
 	[wheezy] - qemu <not-affected> (Vulnerable code not present)
 	[squeeze] - qemu <not-affected> (Vulnerable code not present)
 	- qemu-kvm <not-affected> (Vulnerable code not present)
@@ -2609,7 +2609,7 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2015/12/15/4
 CVE-2015-8567 [net: vmxnet3: host memory leakage -- does not check if the device is active before activating it]
 	RESERVED
-	- qemu <unfixed> (bug #808145)
+	- qemu 1:2.5+dfsg-3 (bug #808145)
 	[wheezy] - qemu <not-affected> (Vulnerable code not present)
 	[squeeze] - qemu <not-affected> (Vulnerable code not present)
 	- qemu-kvm <not-affected> (Vulnerable code not present)

More information about the Secure-testing-commits mailing list