[Secure-testing-commits] r48245 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Jan 21 07:15:49 UTC 2017
Author: carnil
Date: 2017-01-21 07:15:49 +0000 (Sat, 21 Jan 2017)
New Revision: 48245
Modified:
data/CVE/list
Log:
Add CVE-2016-10155/qemu
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-21 07:14:19 UTC (rev 48244)
+++ data/CVE/list 2017-01-21 07:15:49 UTC (rev 48245)
@@ -10,6 +10,13 @@
CVE-2017-XXXX [SEC-212 Format string injection]
- cgiemail <unfixed> (bug #852031)
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/20/6
+CVE-2016-10155 [watchdog: memory leakage in virtual hardware watchdog wdt_i6300esb; CVE for the memory consumption issue, not an information disclosure issue]
+ - qemu <unfixed>
+ - qemu-kvm <removed>
+ NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2016-12/msg03104.html
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1415199
+ NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=eb7a20a3616085d46aa6b4b4224e15587ec67e6e
+ TODO: check affected versions
CVE-2016-10152 [Use of hard-coded DNS domain if configuration file cannot be read]
- hesiod <unfixed>
NOTE: https://github.com/achernya/hesiod/pull/10
More information about the Secure-testing-commits
mailing list