[Secure-testing-commits] r42095 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat May 28 07:55:20 UTC 2016


Author: carnil
Date: 2016-05-28 07:55:20 +0000 (Sat, 28 May 2016)
New Revision: 42095

Modified:
   data/CVE/list
Log:
Add bug references for qemu

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-05-28 07:37:53 UTC (rev 42094)
+++ data/CVE/list	2016-05-28 07:55:20 UTC (rev 42095)
@@ -222,7 +222,7 @@
 	[wheezy] - asterisk <not-affected> (Only affects 13.x)
 	NOTE: http://downloads.asterisk.org/pub/security/AST-2016-005.html
 CVE-2016-5107 [scsi: megasas: out-of-bounds read in megasas_lookup_frame() function]
-	- qemu <unfixed>
+	- qemu <unfixed> (bug #825616)
 	[jessie] - qemu <no-dsa> (Minor issue)
 	[wheezy] - qemu <not-affected> (Vulnerable code not present)
 	- qemu-kvm <not-affected> (Vulnerable code not present)
@@ -230,14 +230,14 @@
 	NOTE: Introduced after: http://git.qemu.org/?p=qemu.git;a=commit;h=e8f943c3bcc2a578bfd30b825f2ebaf345c63a09 (v1.2.0-rc0)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1336461
 CVE-2016-5106 [scsi: megasas: out-of-bounds write while setting controller properties]
-	- qemu <unfixed>
+	- qemu <unfixed> (bug #825615)
 	[jessie] - qemu <no-dsa> (Minor issue)
 	[wheezy] - qemu <not-affected> (Vulnerable code not present)
 	- qemu-kvm <not-affected> (Vulnerable code not present)
 	NOTE: Introduced after: http://git.qemu.org/?p=qemu.git;a=commit;h=e8f943c3bcc2a578bfd30b825f2ebaf345c63a09 (v1.2.0-rc0)
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg04340.html
 CVE-2016-5105 [scsi: megasas: stack information leakage while reading configuration]
-	- qemu <unfixed>
+	- qemu <unfixed> (bug #825614)
 	[jessie] - qemu <no-dsa> (Minor issue)
 	[wheezy] - qemu <not-affected> (Vulnerable code not present)
 	- qemu-kvm <not-affected> (Vulnerable code not present)




More information about the Secure-testing-commits mailing list