[Secure-testing-commits] r39048 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Wed Jan 20 16:49:09 UTC 2016 

Author: carnil
Date: 2016-01-20 16:49:09 +0000 (Wed, 20 Jan 2016)
New Revision: 39048

Modified:
   data/CVE/list
Log:
Add CVEs for virtualbox

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-01-20 15:40:57 UTC (rev 39047)
+++ data/CVE/list	2016-01-20 16:49:09 UTC (rev 39048)
@@ -3889,6 +3889,8 @@
 	RESERVED
 CVE-2016-0602
 	RESERVED
+	- virtualbox <not-affected> (VirtualBox Windows Installer component)
+	NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixOVIR
 CVE-2016-0601
 	RESERVED
 	- mysql-5.6 <not-affected> (Only affects MySQL 5.7)
@@ -3937,6 +3939,8 @@
 	RESERVED
 CVE-2016-0592
 	RESERVED
+	- virtualbox 5.0.14-dfsg-1
+	NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixOVIR
 CVE-2016-0591
 	RESERVED
 CVE-2016-0590
@@ -4149,6 +4153,8 @@
 	RESERVED
 CVE-2016-0495
 	RESERVED
+	- virtualbox 5.0.14-dfsg-1
+	NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixOVIR
 CVE-2016-0494
 	RESERVED
 CVE-2016-0493
@@ -6404,6 +6410,8 @@
 	NOTE: http://xenbits.xen.org/xsa/advisory-156.html
 	NOTE: Upstream patch: https://lkml.org/lkml/2015/11/10/218
 	NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cbdb967af3d54993f5814f1cee0ed311a055377d
+	- virtualbox 5.0.10-dfsg-1
+	NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixOVIR
 CVE-2015-8100 (The net-snmp package in OpenBSD through 5.8 uses 0644 permissions for ...)
 	- net-snmp <not-affected> (Specific to packaging in OpenBSD)
 CVE-2015-8089
@@ -9076,6 +9084,7 @@
 	- virtualbox 5.0.10-dfsg-1
 	[jessie] - virtualbox <no-dsa> (Minor issue, will be fixed when included in next CPU)
 	[wheezy] - virtualbox <no-dsa> (Minor issue, will be fixed when included in next CPU)
+	NOTE: VirtualBox fixed: 4.0.36, 4.1.44, 4.2.36, 4.3.34,  5.0.10
 	NOTE: http://hg.mozilla.org/projects/nspr/rev/c9c965b2b19c
 	NOTE: http://hg.mozilla.org/projects/nspr/rev/bd8fb4498fa6
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-133/
@@ -14078,6 +14087,8 @@
 	[squeeze] - linux-2.6 <no-dsa> (KVM not supported in Squeeze LTS)
 	[squeeze] - xen <end-of-life> (Not supported in Squeeze LTS)
 	NOTE: http://xenbits.xen.org/xsa/advisory-156.html
+	- virtualbox 5.0.10-dfsg-1
+	NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixOVIR
 CVE-2015-5306 (OpenStack Ironic Inspector (aka ironic-inspector or ironic-discoverd), ...)
 	TODO: check
 CVE-2015-5305 (Directory traversal vulnerability in Kubernetes, as used in Red Hat ...)

More information about the Secure-testing-commits mailing list