[Git][security-tracker-team/security-tracker][master] Add workaround entry for XSA-206 and remove no-dsa tagged entries with an update
Salvatore Bonaccorso
carnil at debian.org
Wed Sep 5 12:58:05 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
73790b6f by Salvatore Bonaccorso at 2018-09-05T10:40:15Z
Add workaround entry for XSA-206 and remove no-dsa tagged entries with an update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -79302,12 +79302,11 @@ CVE-2017-5995 (The NetApp ONTAP Select Deploy administration utility 2.0 through
NOT-FOR-US: NetApp ONTAP Select Deploy administration utility
CVE-2017-14431 (Memory leak in Xen 3.3 through 4.8.x allows guest OS users to cause a ...)
- xen 4.8.1-1 (bug #856229)
- [jessie] - xen <no-dsa> (Minor issue)
[wheezy] - xen <no-dsa> (Minor issue)
NOTE: https://xenbits.xen.org/xsa/advisory-207.html
CVE-2017-XXXX [XSA-206: xenstore denial of service via repeated update]
- xen 4.8.1-1 (bug #860565)
- [jessie] - xen <ignored> (Too intrusive to backport)
+ [jessie] - xen 4.4.4lts1-0+deb8u1
[wheezy] - xen <ignored> (Too intrusive to backport)
NOTE: https://xenbits.xen.org/xsa/advisory-206.html
CVE-2017-5994 (Heap-based buffer overflow in the vrend_create_vertex_elements_state ...)
@@ -111392,7 +111391,6 @@ CVE-2016-5026 (hs.py in OnionShare before 0.9.1 allows local users to modify the
NOTE: Neutralised by kernel hardening (also contrib and non-free not supported)
CVE-2016-4963 (The libxl device-handling in Xen through 4.6.x allows local guest OS ...)
- xen 4.8.0~rc3-1
- [jessie] - xen <ignored> (Minor issue, too intrusive to backport)
[wheezy] - xen <no-dsa> (Minor issue, too intrusive to backport, libvirt doesn't have libxl driver enabled)
NOTE: http://xenbits.xen.org/xsa/advisory-178.html
CVE-2016-4962 (The libxl device-handling in Xen 4.6.x and earlier allows local OS ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/73790b6f0cc9ed7f3362476d0d08338af65f4784
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/73790b6f0cc9ed7f3362476d0d08338af65f4784
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180905/8b129b11/attachment.html>
More information about the debian-security-tracker-commits
mailing list