[Secure-testing-commits] r24083 - data/CVE

Salvatore Bonaccorso Sun, 20 Oct 2013 13:32:05 -0700

Author: carnil
Date: 2013-10-20 20:31:09 +0000 (Sun, 20 Oct 2013)
New Revision: 24083


Modified:
   data/CVE/list
Log:
Add fixed version for linux/3.11.5-1 upload to unstable

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2013-10-20 20:19:24 UTC (rev 24082)
+++ data/CVE/list       2013-10-20 20:31:09 UTC (rev 24083)
@@ -3922,7 +3922,7 @@
        NOTE: 
http://git.videolan.org/?p=vlc.git;a=commitdiff;h=9794ec1cd268c04c8bca13a5fae15df6594dff3e
 CVE-2013-4387 (net/ipv6/ip6_output.c in the Linux kernel through 3.11.4 does 
not ...)
        - linux-2.6 <removed>
-       - linux <unfixed>
+       - linux 3.11.5-1
 CVE-2013-4386
        RESERVED
 CVE-2013-4385 (Buffer overflow in the &quot;read-string!&quot; procedure in 
the &quot;extras&quot; unit ...)
@@ -4056,7 +4056,7 @@
        - gnupg2 2.0.22-1 (low; bug #722724)
 CVE-2013-4350 (The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux 
kernel ...)
        - linux-2.6 <removed>
-       - linux <unfixed>
+       - linux 3.11.5-1
        NOTE: http://www.openwall.com/lists/oss-security/2013/09/13/2
        NOTE: 
http://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=95ee62083cb6453e056562d91f597552021e6ae7
 CVE-2013-4349 [IcedTeaScriptableJavaObject::invoke off-by-one heap-based 
buffer overflow]
@@ -4081,7 +4081,7 @@
        NOTE: https://github.com/simplegeo/python-oauth2/issues/129
 CVE-2013-4345 (Off-by-one error in the get_prng_bytes function in 
crypto/ansi_cprng.c ...)
        - linux-2.6 <removed>
-       - linux <unfixed>
+       - linux 3.11.5-1
 CVE-2013-4344 (Buffer overflow in the SCSI implementation in QEMU, as used in 
Xen, ...)
        - xen 4.2-1
        - qemu 1.6.0+dfsg-2 (unimportant; bug #725944)
@@ -4092,7 +4092,7 @@
        NOTE: Xen in Wheezy includes qemu
        NOTE: Xen after Wheezy uses qemu-system-x86 from qemu, marking 4.2 as 
pseudo fixed
 CVE-2013-4343 (Use-after-free vulnerability in drivers/net/tun.c in the Linux 
kernel ...)
-       - linux <unfixed>
+       - linux 3.11.5-1
        [wheezy] - linux <not-affected> (Introduced in 3.8)
        - linux-2.6 <not-affected> (Introduced in 3.8)
 CVE-2013-4342 (xinetd does not enforce the user and group configuration 
directives ...)
@@ -7658,21 +7658,21 @@
        [wheezy] - linux <not-affected> (driver introduced in 3.7)
        - linux-2.6 <not-affected> (driver introduced in 3.7)
 CVE-2013-2897 (Multiple array index errors in drivers/hid/hid-multitouch.c in 
the ...)
-       - linux <unfixed> (low)
+       - linux 3.11.5-1 (low)
        - linux-2.6 <not-affected> (driver introduced in 2.6.38)
 CVE-2013-2896 (drivers/hid/hid-ntrig.c in the Human Interface Device (HID) 
subsystem ...)
        - linux 3.10.11-1 (low)
        [wheezy] - linux 3.2.51-1
        - linux-2.6 <not-affected> (Vulnerable feature probing code not present)
 CVE-2013-2895 (drivers/hid/hid-logitech-dj.c in the Human Interface Device 
(HID) ...)
-       - linux <unfixed> (low)
+       - linux 3.11.5-1 (low)
        - linux-2.6 <not-affected> (driver introduced in 3.2)
 CVE-2013-2894 (drivers/hid/hid-lenovo-tpkbd.c in the Human Interface Device 
(HID) ...)
-       - linux <unfixed> (low)
+       - linux 3.11.5-1 (low)
        [wheezy] - linux <not-affected> (driver introduced in 3.6)
        - linux-2.6 <not-affected> (driver introduced in 3.6)
 CVE-2013-2893 (The Human Interface Device (HID) subsystem in the Linux kernel 
through ...)
-       - linux <unfixed> (low)
+       - linux 3.11.5-1 (low)
        - linux-2.6 <removed> (low)
 CVE-2013-2892 (drivers/hid/hid-pl.c in the Human Interface Device (HID) 
subsystem in ...)
        {DSA-2766-1}
@@ -7680,14 +7680,14 @@
        [wheezy] - linux 3.2.51-1
        - linux-2.6 <removed> (low)
 CVE-2013-2891 (drivers/hid/hid-steelseries.c in the Human Interface Device 
(HID) ...)
-       - linux <unfixed> (low)
+       - linux 3.11.5-1 (low)
        [wheezy] - linux <not-affected> (steelseries driver introduced in 3.9)
        - linux-2.6 <not-affected> (steelseries driver introduced in 3.9)
 CVE-2013-2890 (drivers/hid/hid-sony.c in the Human Interface Device (HID) 
subsystem ...)
        - linux <not-affected> (buzz driver introduced in 3.11 cycle, only in 
experimental)
        - linux-2.6 <not-affected> (buzz driver introduced in 3.11 cycle)
 CVE-2013-2889 (drivers/hid/hid-zpff.c in the Human Interface Device (HID) 
subsystem ...)
-       - linux <unfixed> (low)
+       - linux 3.11.5-1 (low)
        - linux-2.6 <removed> (low)
 CVE-2013-2888 (Multiple array index errors in drivers/hid/hid-core.c in the 
Human ...)
        {DSA-2766-1}
@@ -9760,7 +9760,7 @@
        - linux 3.9.8-1 (low)
 CVE-2013-2147 (The HP Smart Array controller disk-array driver and Compaq 
SMART2 ...)
        - linux-2.6 <removed> (low)
-       - linux <unfixed> (low)
+       - linux 3.11.5-1 (low)
 CVE-2013-2146 (arch/x86/kernel/cpu/perf_event_intel.c in the Linux kernel 
before ...)
        - linux-2.6 <not-affected> (Introduced in 3.1)
        - linux 3.9.4-1


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r24083 - data/CVE

Reply via email to