[Secure-testing-commits] r45308 - data/CVE

Salvatore Bonaccorso Fri, 14 Oct 2016 08:11:23 -0700

Author: carnil
Date: 2016-10-14 15:10:55 +0000 (Fri, 14 Oct 2016)
New Revision: 45308


Modified:
   data/CVE/list
Log:
Update status for CVE-2016-7466 as confirmed by maintainer

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-10-14 13:51:29 UTC (rev 45307)
+++ data/CVE/list       2016-10-14 15:10:55 UTC (rev 45308)
@@ -833,13 +833,14 @@
 CVE-2016-7466 [usb: xhci memory leakage during device unplug]
        RESERVED
        - qemu <unfixed> (bug #838687)
-       - qemu-kvm <removed>
+       [jessie] - qemu <not-affected> (Introduced in v2.2.0-rc0)
+       [wheezy] - qemu <not-affected> (Introduced in v2.2.0-rc0)
+       - qemu-kvm <not-affected> (Introduced in v2.2.0-rc0)
        NOTE: 
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg02773.html
        NOTE: Fixed by: 
http://git.qemu.org/?p=qemu.git;a=commit;h=b53dd4495ced2432a0b652ea895e651d07336f7e
        NOTE: The usb_xhci_exit and thus the patched code was introduced in:
        NOTE: 
http://git.qemu.org/?p=qemu.git;a=commit;h=53c30545fb34c43c84d62ea1c2b0dc6b53303c34
 (v2.2.0-rc0)
        NOTE: http://www.openwall.com/lists/oss-security/2016/09/19/8
-       TODO: check if older versions are affected even due to lack of 
usb_xhci_exit
 CVE-2016-8280 (Directory traversal vulnerability in Huawei eSight before ...)
        TODO: check
 CVE-2016-8279 (The video driver in Huawei Mate S smartphones with software 
CRR-TL00 ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r45308 - data/CVE

Reply via email to