[Secure-testing-commits] r39266 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Jan 28 17:57:05 UTC 2016


Author: carnil
Date: 2016-01-28 17:57:05 +0000 (Thu, 28 Jan 2016)
New Revision: 39266

Modified:
   data/CVE/list
Log:
Update status for CVE-2015-8619

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-01-28 17:56:56 UTC (rev 39265)
+++ data/CVE/list	2016-01-28 17:57:05 UTC (rev 39266)
@@ -3451,13 +3451,15 @@
 	NOTE: http://xenbits.xen.org/xsa/advisory-169.html
 CVE-2015-8619 [hmp: stack based OOB write in hmp_sendkey routine]
 	RESERVED
-	- qemu <unfixed> (bug #809237)
+	- qemu 1:2.5+dfsg-5 (bug #809237)
+	[wheezy] - qemu <not-affected> (Issue introduced afer 1.2)
+	[squeeze] - qemu <not-affected> (Issue introduced afer 1.2)
 	[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
 	- qemu-kvm <removed>
-	[squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts)
+	- qemu-kvm <not-affected> (Introduced after 1.2)
+	NOTE: According maintainer in https://bugs.debian.org/809237#17 introduced after 1.2
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg02930.html
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1283926
-	TODO: check affected versions
 CVE-2016-1922 [i386: null pointer dereference in vapic_write()]
 	RESERVED
 	- qemu 1:2.5+dfsg-4 (bug #811201)




More information about the Secure-testing-commits mailing list