[Secure-testing-commits] r56977 - data/CVE

Thu, 26 Oct 2017 02:47:04 -0700 

Author: jmm
Date: 2017-10-26 09:46:47 +0000 (Thu, 26 Oct 2017)
New Revision: 56977

Modified:
   data/CVE/list
Log:
openvswitch fixed in experimental


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-10-26 09:45:04 UTC (rev 56976)
+++ data/CVE/list       2017-10-26 09:46:47 UTC (rev 56977)
@@ -2356,6 +2356,7 @@
        NOT-FOR-US: InFocus Mondopad
 CVE-2017-14970 (In lib/ofp-util.c in Open vSwitch (OvS) before 2.8.1, there 
are ...)
        - openvswitch <unfixed> (unimportant; bug #877543)
+       [experimental] - openvswitch 2.8.1+dfsg1-1
        NOTE: 
https://mail.openvswitch.org/pipermail/ovs-dev/2017-September/339085.html
        NOTE: 
https://mail.openvswitch.org/pipermail/ovs-dev/2017-September/339086.html
        NOTE: Not considered a security issue by upstream, see #877543
@@ -18795,18 +18796,21 @@
        RESERVED
 CVE-2017-9265 (In Open vSwitch (OvS) v2.7.0, there is a buffer over-read while 
parsing ...)
        - openvswitch <unfixed> (unimportant; bug #863662)
+       [experimental] - openvswitch 2.8.1+dfsg1-1
        [jessie] - openvswitch <not-affected> (Vulnerable code not present)
        [wheezy] - openvswitch <not-affected> (Vulnerable code not present)
        NOTE: 
https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332965.html
        NOTE: OpenFlow 1.5 support still incomplete
 CVE-2017-9264 (In lib/conntrack.c in the firewall implementation in Open 
vSwitch (OvS) ...)
        - openvswitch <unfixed> (unimportant; bug #863661)
+       [experimental] - openvswitch 2.8.1+dfsg1-1
        [jessie] - openvswitch <not-affected> (Vulnerable code not present; 
connection tracking support introduced in 2.6.0)
        [wheezy] - openvswitch <not-affected> (Vulnerable code not present; 
connection tracking support introduced in 2.6.0)
        NOTE: 
https://mail.openvswitch.org/pipermail/ovs-dev/2017-March/329323.html
        NOTE: Userspace data path not enabled in Debian packaging
 CVE-2017-9263 (In Open vSwitch (OvS) 2.7.0, while parsing an OpenFlow role 
status ...)
        - openvswitch <unfixed> (unimportant; bug #863655)
+       [experimental] - openvswitch 2.8.1+dfsg1-1
        [jessie] - openvswitch <not-affected> (No controllers implemented, cf. 
#863655)
        [wheezy] - openvswitch <not-affected> (No controllers implemented, cf. 
#863655)
        NOTE: 
https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332966.html
@@ -19028,6 +19032,7 @@
        RESERVED
 CVE-2017-9214 (In Open vSwitch (OvS) 2.7.0, while parsing an ...)
        - openvswitch <unfixed> (bug #863228)
+       [experimental] - openvswitch 2.8.1+dfsg1-1
        [stretch] - openvswitch <no-dsa> (Minor issue)
        [jessie] - openvswitch <not-affected> (Vulnerable code not present)
        [wheezy] - openvswitch <not-affected> (Vulnerable code not present)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to