[Secure-testing-commits] r47791 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Jan 6 18:22:34 UTC 2017


Author: carnil
Date: 2017-01-06 18:22:34 +0000 (Fri, 06 Jan 2017)
New Revision: 47791

Modified:
   data/CVE/list
Log:
Cleanup some entries which are not for src:xen

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-01-06 16:20:45 UTC (rev 47790)
+++ data/CVE/list	2017-01-06 18:22:34 UTC (rev 47791)
@@ -25431,9 +25431,6 @@
 	- qemu 1:2.6+dfsg-3.1 (bug #832619)
 	[jessie] - qemu <no-dsa> (Minor issue; can be fixed in future DSA or point release)
 	- qemu-kvm <removed>
-	- xen 4.4.0-1
-	[wheezy] - xen <not-affected> (Vulnerable code irrelevant in Xen)
-	NOTE: Xen switched to qemu-system in 4.4.0-1
 CVE-2016-5402
 	RESERVED
 	NOT-FOR-US: Red Hat CloudForms
@@ -47624,9 +47621,6 @@
 	- qemu-kvm <removed>
 	[wheezy] - qemu-kvm <no-dsa> (Minor issue; can be fixed along in a later DSA)
 	[squeeze] - qemu-kvm <end-of-life> (Not supported in Squeeze LTS)
-	- xen 4.4.0-1
-	[wheezy] - xen <not-affected> (Vulnerable code irrelevant in Xen)
-	NOTE: Xen switched to qemu-system in 4.4.0-1
 	NOTE: http://www.openwall.com/lists/oss-security/2015/09/18/5
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg04729.html
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg04730.html
@@ -94571,22 +94565,16 @@
 CVE-2014-0223 (Integer overflow in the qcow_open function in block/qcow.c in QEMU ...)
 	{DSA-3045-1 DSA-3044-1}
 	- qemu 2.0.0+dfsg-6 (bug #742730)
-	- qemu-kvm <removed>
 	[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
+	- qemu-kvm <removed>
 	[squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts)
-	- xen 4.4.0-1
-	[wheezy] - xen <not-affected> (Vulnerable code irrelevant in Xen)
-	NOTE: Xen switched to qemu-system in 4.4.0-1
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2014-05/msg02156.html
 CVE-2014-0222 (Integer overflow in the qcow_open function in block/qcow.c in QEMU ...)
 	{DSA-3045-1 DSA-3044-1}
 	- qemu 2.0.0+dfsg-6 (bug #742730)
-	- qemu-kvm <removed>
 	[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
+	- qemu-kvm <removed>
 	[squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts)
-	- xen 4.4.0-1
-	[wheezy] - xen <not-affected> (Vulnerable code irrelevant in Xen)
-	NOTE: Xen switched to qemu-system in 4.4.0-1
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2014-05/msg02155.html
 CVE-2014-0221 (The dtls1_get_message_fragment function in d1_both.c in OpenSSL before ...)
 	{DSA-2950-1 DLA-0003-1}
@@ -96906,9 +96894,6 @@
 	[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
 	- qemu-kvm <removed> (low)
 	[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
-	- xen 4.4.0-1
-	[wheezy] - xen <not-affected> (Vulnerable code irrelevant in Xen)
-	NOTE: Xen switched to qemu-system in 4.4.0-1
 CVE-2013-6398 (The virtual router in Apache CloudStack before 4.2.1 does not preserve ...)
 	NOT-FOR-US: Apache CloudStack
 CVE-2013-6397 (Directory traversal vulnerability in SolrResourceLoader in Apache Solr ...)
@@ -102916,13 +102901,10 @@
 CVE-2013-4151 (The virtio_load function in virtio/virtio.c in QEMU 1.x before 1.7.2 ...)
 	- qemu 2.1+dfsg-1 (low; bug #739589)
 	[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
-	[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
 	[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
 	- qemu-kvm <removed> (low)
+	[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
 	[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
-	- xen 4.4.0-1
-	[wheezy] - xen <not-affected> (Vulnerable code irrelevant in Xen)
-	NOTE: Xen switched to qemu-system in 4.4.0-1
 CVE-2013-4150 (The virtio_net_load function in hw/net/virtio-net.c in QEMU 1.5.0 ...)
 	- qemu 2.1+dfsg-1 (low; bug #739589)
 	[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)




More information about the Secure-testing-commits mailing list