[Secure-testing-commits] r46633 - data/CVE
Hugo Lefeuvre
hle at moszumanska.debian.org
Tue Nov 29 08:47:12 UTC 2016
Author: hle
Date: 2016-11-29 08:47:12 +0000 (Tue, 29 Nov 2016)
New Revision: 46633
Modified:
data/CVE/list
Log:
CVE triage for Xen in wheezy.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-29 07:30:50 UTC (rev 46632)
+++ data/CVE/list 2016-11-29 08:47:12 UTC (rev 46633)
@@ -82866,6 +82866,8 @@
- qemu-kvm <removed>
[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
[squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts)
+ - xen 4.4.0-1
+ NOTE: Xen switched to qemu-system in 4.4.0-1
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2014-05/msg02156.html
CVE-2014-0222 (Integer overflow in the qcow_open function in block/qcow.c in QEMU ...)
{DSA-3045-1 DSA-3044-1}
@@ -82873,6 +82875,8 @@
- qemu-kvm <removed>
[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
[squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts)
+ - xen 4.4.0-1
+ NOTE: Xen switched to qemu-system in 4.4.0-1
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2014-05/msg02155.html
CVE-2014-0221 (The dtls1_get_message_fragment function in d1_both.c in OpenSSL before ...)
{DSA-2950-1 DLA-0003-1}
@@ -83150,6 +83154,9 @@
- qemu-kvm <removed>
[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
[squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts)
+ - xen 4.4.0-1
+ NOTE: Xen switched to qemu-system in 4.4.0-1
+ NOTE: Upstream commit: http://git.qemu.org/?p=qemu.git;a=commit;h=11b128f4062dd7f89b14abc8877ff20d41b28be9
CVE-2014-0145
RESERVED
{DSA-3045-1 DSA-3044-1}
@@ -89805,6 +89812,8 @@
[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
- qemu-kvm <removed> (low)
[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
+ - xen 4.4.0-1
+ NOTE: Xen switched to qemu-system in 4.4.0-1
CVE-2013-4531 (Buffer overflow in target-arm/machine.c in QEMU before 1.7.2 allows ...)
- qemu 2.1+dfsg-1 (low; bug #739589)
[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
More information about the Secure-testing-commits
mailing list