[Secure-testing-commits] r57069 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Oct 28 12:33:35 UTC 2017 

Author: carnil
Date: 2017-10-28 12:33:35 +0000 (Sat, 28 Oct 2017)
New Revision: 57069

Modified:
   data/CVE/list
Log:
Reorder some entries (only for readability)

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-10-28 12:33:24 UTC (rev 57068)
+++ data/CVE/list	2017-10-28 12:33:35 UTC (rev 57069)
@@ -2481,8 +2481,8 @@
 CVE-2017-14971 (Infocus Mondopad 2.2.08 is vulnerable to a Hashed Credential Disclosure ...)
 	NOT-FOR-US: InFocus Mondopad
 CVE-2017-14970 (In lib/ofp-util.c in Open vSwitch (OvS) before 2.8.1, there are ...)
+	[experimental] - openvswitch 2.8.1+dfsg1-1
 	- openvswitch <unfixed> (unimportant; bug #877543)
-	[experimental] - openvswitch 2.8.1+dfsg1-1
 	NOTE: https://mail.openvswitch.org/pipermail/ovs-dev/2017-September/339085.html
 	NOTE: https://mail.openvswitch.org/pipermail/ovs-dev/2017-September/339086.html
 	NOTE: Not considered a security issue by upstream, see #877543
@@ -18945,22 +18945,22 @@
 CVE-2017-9266
 	RESERVED
 CVE-2017-9265 (In Open vSwitch (OvS) v2.7.0, there is a buffer over-read while parsing ...)
+	[experimental] - openvswitch 2.8.1+dfsg1-1
 	- openvswitch <unfixed> (unimportant; bug #863662)
-	[experimental] - openvswitch 2.8.1+dfsg1-1
 	[jessie] - openvswitch <not-affected> (Vulnerable code not present)
 	[wheezy] - openvswitch <not-affected> (Vulnerable code not present)
 	NOTE: https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332965.html
 	NOTE: OpenFlow 1.5 support still incomplete
 CVE-2017-9264 (In lib/conntrack.c in the firewall implementation in Open vSwitch (OvS) ...)
+	[experimental] - openvswitch 2.8.1+dfsg1-1
 	- openvswitch <unfixed> (unimportant; bug #863661)
-	[experimental] - openvswitch 2.8.1+dfsg1-1
 	[jessie] - openvswitch <not-affected> (Vulnerable code not present; connection tracking support introduced in 2.6.0)
 	[wheezy] - openvswitch <not-affected> (Vulnerable code not present; connection tracking support introduced in 2.6.0)
 	NOTE: https://mail.openvswitch.org/pipermail/ovs-dev/2017-March/329323.html
 	NOTE: Userspace data path not enabled in Debian packaging
 CVE-2017-9263 (In Open vSwitch (OvS) 2.7.0, while parsing an OpenFlow role status ...)
+	[experimental] - openvswitch 2.8.1+dfsg1-1
 	- openvswitch <unfixed> (unimportant; bug #863655)
-	[experimental] - openvswitch 2.8.1+dfsg1-1
 	[jessie] - openvswitch <not-affected> (No controllers implemented, cf. #863655)
 	[wheezy] - openvswitch <not-affected> (No controllers implemented, cf. #863655)
 	NOTE: https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332966.html
@@ -19181,8 +19181,8 @@
 CVE-2017-9215
 	RESERVED
 CVE-2017-9214 (In Open vSwitch (OvS) 2.7.0, while parsing an ...)
+	[experimental] - openvswitch 2.8.1+dfsg1-1
 	- openvswitch <unfixed> (bug #863228)
-	[experimental] - openvswitch 2.8.1+dfsg1-1
 	[stretch] - openvswitch <no-dsa> (Minor issue)
 	[jessie] - openvswitch <not-affected> (Vulnerable code not present)
 	[wheezy] - openvswitch <not-affected> (Vulnerable code not present)

More information about the Secure-testing-commits mailing list