[Secure-testing-commits] r38875 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Jan 12 20:04:07 UTC 2016
Author: carnil
Date: 2016-01-12 20:04:06 +0000 (Tue, 12 Jan 2016)
New Revision: 38875
Modified:
data/CVE/list
Log:
Correct information for CVE-2016-1714/qemu
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-01-12 19:56:15 UTC (rev 38874)
+++ data/CVE/list 2016-01-12 20:04:06 UTC (rev 38875)
@@ -32,14 +32,14 @@
CVE-2015-8752
RESERVED
CVE-2016-1714 [nvram: OOB r/w access in processing firmware configurations]
- - qemu 1:2.4+dfsg-1a
+ - qemu <unfixed>
[squeeze] - qemu <end-of-life> (Not supported in Squeeze LTS)
- qemu-kvm <removed>
[squeeze] - qemu-kvm <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1296060
NOTE: Upstream fix: https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg00428.html
NOTE: http://www.openwall.com/lists/oss-security/2016/01/11/7
- NOTE: fw_cfg support for guest-side data writes removed in 2.4:
+ NOTE: fw_cfg support for guest-side data writes removed in 2.4 (1:2.4+dfsg-1a)
NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=023e3148567ac898c7258138f8e86c3c2bb40d07 (v2.4.0-rc0)
CVE-2015-8767 [SCTP denial of service during heartbeat timeout functions]
- linux 4.3.1-1
More information about the Secure-testing-commits
mailing list