[Secure-testing-commits] r46060 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Tue Nov 8 11:40:58 UTC 2016 

Author: jmm
Date: 2016-11-08 11:40:58 +0000 (Tue, 08 Nov 2016)
New Revision: 46060

Modified:
   data/CVE/list
Log:
initial set of xen fixed in sid
sudo no-dsa


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-11-08 10:33:41 UTC (rev 46059)
+++ data/CVE/list	2016-11-08 11:40:58 UTC (rev 46060)
@@ -4624,7 +4624,7 @@
 	RESERVED
 CVE-2016-7777 (Xen 4.7.x and earlier does not properly honor CR0.TS and CR0.EM, which ...)
 	{DLA-699-1}
-	- xen <unfixed>
+	- xen 4.8.0~rc3-1
 	NOTE: http://xenbits.xen.org/xsa/advisory-190.html
 CVE-2016-7776
 	RESERVED
@@ -6462,7 +6462,7 @@
 	NOTE: http://xenbits.xen.org/xsa/advisory-186.html
 CVE-2016-7092 (The get_page_from_l3e function in arch/x86/mm.c in Xen allows local ...)
 	{DSA-3663-1 DLA-614-1}
-	- xen <unfixed>
+	- xen 4.8.0~rc3-1
 	NOTE: http://xenbits.xen.org/xsa/advisory-185.html
 CVE-2016-7090 (The integrated web server on Siemens SCALANCE M-800 and S615 modules ...)
 	NOT-FOR-US: Siemens
@@ -6520,6 +6520,7 @@
 CVE-2016-7076 [noexec bypass via wordexp()]
 	RESERVED
 	- sudo <unfixed> (bug #842507)
+	[jessie] - sudo <no-dsa> (Minor issue)
 	NOTE: https://www.sudo.ws/alerts/noexec_wordexp.html
 	NOTE: https://www.sudo.ws/repos/sudo/rev/e7d09243e51b
 	NOTE: https://www.sudo.ws/repos/sudo/rev/7b8357b0a358
@@ -6648,6 +6649,7 @@
 CVE-2016-7032 [noexec bypass via system() and popen()]
 	RESERVED
 	- sudo 1.8.15-1
+	[jessie] - sudo <no-dsa> (Minor issue)
 	NOTE: https://www.sudo.ws/alerts/noexec_bypass.html
 	NOTE: This CVE is for the bypass via system() and popen(). The wordpexp() bypass
 	NOTE: is tracked under CVE-2016-7076.
@@ -9163,7 +9165,7 @@
 CVE-2016-6260
 	RESERVED
 CVE-2016-6259 (Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access ...)
-	- xen <unfixed>
+	- xen 4.8.0~rc3-1
 	[jessie] - xen <not-affected> (Only affects 4.5 and later)
 	[wheezy] - xen <not-affected> (Only affects 4.5 and later)
 	NOTE: http://xenbits.xen.org/xsa/advisory-183.html

More information about the Secure-testing-commits mailing list