[Secure-testing-commits] r48982 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Feb 16 04:53:46 UTC 2017
Author: carnil
Date: 2017-02-16 04:53:46 +0000 (Thu, 16 Feb 2017)
New Revision: 48982
Modified:
data/CVE/list
Log:
Add CVE-2017-6000/qemu
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-02-16 04:34:11 UTC (rev 48981)
+++ data/CVE/list 2017-02-16 04:53:46 UTC (rev 48982)
@@ -1,8 +1,13 @@
CVE-2017-6001 [Incomplete fix for CVE-2016-6786]
- linux <unfixed>
NOTE: Fixed by: https://git.kernel.org/linus/321027c1fe77f892f4ea07846aeae08cefbbb290
-CVE-2017-6000
+CVE-2017-6000 [crypto: memory leakage in qcrypto_ivgen_essiv_init]
RESERVED
+ - qemu <unfixed>
+ - qemu-kvm <removed>
+ NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-01/msg00295.html
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1422656#c3
+ TODO: check versions, and as well original analysis by Red Hat was incomplete
CVE-2017-5999
RESERVED
CVE-2017-5998
More information about the Secure-testing-commits
mailing list