[Secure-testing-commits] r46633 - data/CVE

Tue, 29 Nov 2016 00:47:38 -0800 

Author: hle
Date: 2016-11-29 08:47:12 +0000 (Tue, 29 Nov 2016)
New Revision: 46633

Modified:
   data/CVE/list
Log:
CVE triage for Xen in wheezy.

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-11-29 07:30:50 UTC (rev 46632)
+++ data/CVE/list       2016-11-29 08:47:12 UTC (rev 46633)
@@ -82866,6 +82866,8 @@
        - qemu-kvm <removed>
        [squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
        [squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts)
+       - xen 4.4.0-1
+       NOTE: Xen switched to qemu-system in 4.4.0-1
        NOTE: 
https://lists.gnu.org/archive/html/qemu-devel/2014-05/msg02156.html
 CVE-2014-0222 (Integer overflow in the qcow_open function in block/qcow.c in 
QEMU ...)
        {DSA-3045-1 DSA-3044-1}
@@ -82873,6 +82875,8 @@
        - qemu-kvm <removed>
        [squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
        [squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts)
+       - xen 4.4.0-1
+       NOTE: Xen switched to qemu-system in 4.4.0-1
        NOTE: 
https://lists.gnu.org/archive/html/qemu-devel/2014-05/msg02155.html
 CVE-2014-0221 (The dtls1_get_message_fragment function in d1_both.c in OpenSSL 
before ...)
        {DSA-2950-1 DLA-0003-1}
@@ -83150,6 +83154,9 @@
        - qemu-kvm <removed>
        [squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
        [squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts)
+       - xen 4.4.0-1
+       NOTE: Xen switched to qemu-system in 4.4.0-1
+        NOTE: Upstream commit: 
http://git.qemu.org/?p=qemu.git;a=commit;h=11b128f4062dd7f89b14abc8877ff20d41b28be9
 CVE-2014-0145
        RESERVED
        {DSA-3045-1 DSA-3044-1}
@@ -89805,6 +89812,8 @@
        [wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in 
practice)
        - qemu-kvm <removed> (low)
        [squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in 
practice)
+       - xen 4.4.0-1
+       NOTE: Xen switched to qemu-system in 4.4.0-1
 CVE-2013-4531 (Buffer overflow in target-arm/machine.c in QEMU before 1.7.2 
allows ...)
        - qemu 2.1+dfsg-1 (low; bug #739589)
        [wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to