Author: jmm
Date: 2017-01-14 15:56:00 +0000 (Sat, 14 Jan 2017)
New Revision: 48048
Modified:
data/CVE/list
Log:
drop qemu entry
glance issue mostly a shoot-your-self-in-the-foot scenario
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-14 15:45:55 UTC (rev 48047)
+++ data/CVE/list 2017-01-14 15:56:00 UTC (rev 48048)
@@ -15494,8 +15494,7 @@
- libapache2-mod-cluster <itp> (bug #731410)
CVE-2016-8611 [Glance Image service v1 and v2 api image-create vulnerability]
RESERVED
- - glance <unfixed>
- [jessie] - glance <no-dsa> (Minor issue)
+ - glance <unfixed> (unimportant)
NOTE: http://www.openwall.com/lists/oss-security/2016/10/27/16
CVE-2016-8610 [SSL/TLS SSL3_AL_WARNING undefined alert DoS]
RESERVED
@@ -84518,15 +84517,11 @@
NOTE: Upstream commit:
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9de7922bc709eee2f609cd01d98aaedc4cf5ea74
(v3.18-rc1)
CVE-2014-3672 (The qemu implementation in libvirt before 1.3.0 and Xen allows
local ...)
{DLA-571-1}
- - qemu <unfixed>
- [jessie] - qemu <no-dsa> (Minor issue)
- [wheezy] - qemu <no-dsa> (Minor issue)
- - qemu-kvm <removed>
- [wheezy] - qemu-kvm <no-dsa> (Minor issue)
- xen 4.4.0-1
NOTE: Xen switched to qemu-system in 4.4.0-1
NOTE: http://xenbits.xen.org/xsa/advisory-180.html
NOTE: Related hardening for libvirt:
https://libvirt.org/git/?p=libvirt.git;a=commit;h=0d968ad715475a1660779bcdd2c5b38ad63db4cf
+ NOTE: This is hardly a vulnerability in qemu per se, but rather a
problem of integrating qemu
CVE-2014-3671
REJECTED
CVE-2014-3670 (The exif_ifd_make_value function in exif.c in the EXIF
extension in ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
