[Secure-testing-commits] r39048 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Jan 20 16:49:09 UTC 2016
Author: carnil
Date: 2016-01-20 16:49:09 +0000 (Wed, 20 Jan 2016)
New Revision: 39048
Modified:
data/CVE/list
Log:
Add CVEs for virtualbox
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-01-20 15:40:57 UTC (rev 39047)
+++ data/CVE/list 2016-01-20 16:49:09 UTC (rev 39048)
@@ -3889,6 +3889,8 @@
RESERVED
CVE-2016-0602
RESERVED
+ - virtualbox <not-affected> (VirtualBox Windows Installer component)
+ NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixOVIR
CVE-2016-0601
RESERVED
- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
@@ -3937,6 +3939,8 @@
RESERVED
CVE-2016-0592
RESERVED
+ - virtualbox 5.0.14-dfsg-1
+ NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixOVIR
CVE-2016-0591
RESERVED
CVE-2016-0590
@@ -4149,6 +4153,8 @@
RESERVED
CVE-2016-0495
RESERVED
+ - virtualbox 5.0.14-dfsg-1
+ NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixOVIR
CVE-2016-0494
RESERVED
CVE-2016-0493
@@ -6404,6 +6410,8 @@
NOTE: http://xenbits.xen.org/xsa/advisory-156.html
NOTE: Upstream patch: https://lkml.org/lkml/2015/11/10/218
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cbdb967af3d54993f5814f1cee0ed311a055377d
+ - virtualbox 5.0.10-dfsg-1
+ NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixOVIR
CVE-2015-8100 (The net-snmp package in OpenBSD through 5.8 uses 0644 permissions for ...)
- net-snmp <not-affected> (Specific to packaging in OpenBSD)
CVE-2015-8089
@@ -9076,6 +9084,7 @@
- virtualbox 5.0.10-dfsg-1
[jessie] - virtualbox <no-dsa> (Minor issue, will be fixed when included in next CPU)
[wheezy] - virtualbox <no-dsa> (Minor issue, will be fixed when included in next CPU)
+ NOTE: VirtualBox fixed: 4.0.36, 4.1.44, 4.2.36, 4.3.34, 5.0.10
NOTE: http://hg.mozilla.org/projects/nspr/rev/c9c965b2b19c
NOTE: http://hg.mozilla.org/projects/nspr/rev/bd8fb4498fa6
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-133/
@@ -14078,6 +14087,8 @@
[squeeze] - linux-2.6 <no-dsa> (KVM not supported in Squeeze LTS)
[squeeze] - xen <end-of-life> (Not supported in Squeeze LTS)
NOTE: http://xenbits.xen.org/xsa/advisory-156.html
+ - virtualbox 5.0.10-dfsg-1
+ NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixOVIR
CVE-2015-5306 (OpenStack Ironic Inspector (aka ironic-inspector or ironic-discoverd), ...)
TODO: check
CVE-2015-5305 (Directory traversal vulnerability in Kubernetes, as used in Red Hat ...)
More information about the Secure-testing-commits
mailing list