[Secure-testing-commits] r45764 - data/CVE
Guido Guenther
agx at moszumanska.debian.org
Sun Oct 30 11:23:41 UTC 2016
Author: agx
Date: 2016-10-30 11:23:41 +0000 (Sun, 30 Oct 2016)
New Revision: 45764
Modified:
data/CVE/list
Log:
Add Xen as possible affected by recent QEMU CVEs
so we can triage these
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-10-30 10:07:19 UTC (rev 45763)
+++ data/CVE/list 2016-10-30 11:23:41 UTC (rev 45764)
@@ -5,32 +5,39 @@
CVE-2016-XXXX [9pfs: memory leakage in v9fs_write]
- qemu <unfixed> (bug #842463)
- qemu-kvm <removed>
+ - xen 4.4.0-1
+ NOTE: Xen switched to qemu-system in 4.4.0-1
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02623.html
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/10/28/4
CVE-2016-XXXX [memory leakage in v9fs_link]
- qemu <unfixed> (bug #842463)
- qemu-kvm <removed>
+ - xen 4.4.0-1
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02608.html
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/10/28/3
CVE-2016-XXXX [9pfs: integer overflow leading to OOB access]
- qemu <unfixed> (bug #842463)
- qemu-kvm <removed>
+ - xen 4.4.0-1
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02942.html
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/10/28/2
CVE-2016-XXXX [9pfs: information leakage via xattribute]
- qemu <unfixed> (bug #842463)
- qemu-kvm <removed>
+ - xen 4.4.0-1
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg01790.html
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/10/28/1
CVE-2016-XXXX [memory leakage when creating extended attribute]
- qemu <unfixed> (bug #842463)
- qemu-kvm <removed>
+ - xen 4.4.0-1
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg01861.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1389550
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/10/27/15
CVE-2016-XXXX [net: eepro100 memory leakage at device unplug]
- qemu <unfixed> (bug #842455)
- qemu-kvm <removed>
+ - xen 4.4.0-1
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg03024.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1389538
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/10/27/14
More information about the Secure-testing-commits
mailing list