[Secure-testing-commits] r56977 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Thu Oct 26 09:46:47 UTC 2017 

Author: jmm
Date: 2017-10-26 09:46:47 +0000 (Thu, 26 Oct 2017)
New Revision: 56977

Modified:
   data/CVE/list
Log:
openvswitch fixed in experimental


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-10-26 09:45:04 UTC (rev 56976)
+++ data/CVE/list	2017-10-26 09:46:47 UTC (rev 56977)
@@ -2356,6 +2356,7 @@
 	NOT-FOR-US: InFocus Mondopad
 CVE-2017-14970 (In lib/ofp-util.c in Open vSwitch (OvS) before 2.8.1, there are ...)
 	- openvswitch <unfixed> (unimportant; bug #877543)
+	[experimental] - openvswitch 2.8.1+dfsg1-1
 	NOTE: https://mail.openvswitch.org/pipermail/ovs-dev/2017-September/339085.html
 	NOTE: https://mail.openvswitch.org/pipermail/ovs-dev/2017-September/339086.html
 	NOTE: Not considered a security issue by upstream, see #877543
@@ -18795,18 +18796,21 @@
 	RESERVED
 CVE-2017-9265 (In Open vSwitch (OvS) v2.7.0, there is a buffer over-read while parsing ...)
 	- openvswitch <unfixed> (unimportant; bug #863662)
+	[experimental] - openvswitch 2.8.1+dfsg1-1
 	[jessie] - openvswitch <not-affected> (Vulnerable code not present)
 	[wheezy] - openvswitch <not-affected> (Vulnerable code not present)
 	NOTE: https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332965.html
 	NOTE: OpenFlow 1.5 support still incomplete
 CVE-2017-9264 (In lib/conntrack.c in the firewall implementation in Open vSwitch (OvS) ...)
 	- openvswitch <unfixed> (unimportant; bug #863661)
+	[experimental] - openvswitch 2.8.1+dfsg1-1
 	[jessie] - openvswitch <not-affected> (Vulnerable code not present; connection tracking support introduced in 2.6.0)
 	[wheezy] - openvswitch <not-affected> (Vulnerable code not present; connection tracking support introduced in 2.6.0)
 	NOTE: https://mail.openvswitch.org/pipermail/ovs-dev/2017-March/329323.html
 	NOTE: Userspace data path not enabled in Debian packaging
 CVE-2017-9263 (In Open vSwitch (OvS) 2.7.0, while parsing an OpenFlow role status ...)
 	- openvswitch <unfixed> (unimportant; bug #863655)
+	[experimental] - openvswitch 2.8.1+dfsg1-1
 	[jessie] - openvswitch <not-affected> (No controllers implemented, cf. #863655)
 	[wheezy] - openvswitch <not-affected> (No controllers implemented, cf. #863655)
 	NOTE: https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332966.html
@@ -19028,6 +19032,7 @@
 	RESERVED
 CVE-2017-9214 (In Open vSwitch (OvS) 2.7.0, while parsing an ...)
 	- openvswitch <unfixed> (bug #863228)
+	[experimental] - openvswitch 2.8.1+dfsg1-1
 	[stretch] - openvswitch <no-dsa> (Minor issue)
 	[jessie] - openvswitch <not-affected> (Vulnerable code not present)
 	[wheezy] - openvswitch <not-affected> (Vulnerable code not present)

More information about the Secure-testing-commits mailing list