Author: jmm
Date: 2014-11-13 12:34:58 +0000 (Thu, 13 Nov 2014)
New Revision: 30025
Modified:
data/CVE/list
Log:
workaround for jessie and older kfreebsd releases
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-11-13 11:46:50 UTC (rev 30024)
+++ data/CVE/list 2014-11-13 12:34:58 UTC (rev 30025)
@@ -17,27 +17,22 @@
- wireshark <unfixed>
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-23.html
NOTE: Versions 1.12.0 to 1.12.1, and 1.10.0 to 1.10.10. It is fixed in
versions 1.12.2 and 1.10.11.
- TODO: check
CVE-2014-8713 [NCP dissector crashes]
- wireshark <unfixed>
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-22.html
NOTE: Versions 1.12.0 to 1.12.1, and 1.10.0 to 1.10.10. It is fixed in
versions 1.12.2 and 1.10.11.
- TODO: check
CVE-2014-8712 [NCP dissector crashes]
- wireshark <unfixed>
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-22.html
NOTE: Versions 1.12.0 to 1.12.1, and 1.10.0 to 1.10.10. It is fixed in
versions 1.12.2 and 1.10.11.
- TODO: check
CVE-2014-8711 [AMQP dissector crash]
- wireshark <unfixed>
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-21.html
NOTE: Versions 1.12.0 to 1.12.1, and 1.10.0 to 1.10.10. It is fixed in
versions 1.12.2 and 1.10.11.
- TODO: check
CVE-2014-8710 [SigComp dissector crash]
- wireshark <unfixed>
NOTE: https://www.wireshark.org/security/wnpa-sec-2014-20.html
NOTE: Versions 1.10.0 to 1.10.10. It is fixed in versions 1.12.2 and
1.10.11.
- TODO: check
CVE-2014-8709 [mac80211 plain text leak]
- linux 3.14.2-1
[wheezy] - linux 3.2.57-1
@@ -372,6 +367,8 @@
- kfreebsd-10 <unfixed> (bug #768108)
- kfreebsd-9 <removed> (bug #768104)
- kfreebsd-8 <removed> (bug #768106)
+ [jessie] - kfreebsd-9 <not-affected> (Kfreebsd 8/9 not present in
jessie, workaround for #769128)
+ [jessie] - kfreebsd-8 <not-affected> (Kfreebsd 8/9 not present in
jessie, workaround for #769128)
[wheezy] - kfreebsd-8 <no-dsa> (kfreebsd-8 only a test kernel, can be
fixed in a point release)
[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
NOTE:
http://security.FreeBSD.org/advisories/FreeBSD-SA-14:25.setlogin.asc
@@ -10826,6 +10823,8 @@
- kfreebsd-8 <removed>
[wheezy] - kfreebsd-8 <no-dsa> (kfreebsd-8 only a test kernel, will be
fixed in a point update)
[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
+ [jessie] - kfreebsd-9 <not-affected> (Kfreebsd 8/9 not present in
jessie, workaround for #769128)
+ [jessie] - kfreebsd-8 <not-affected> (Kfreebsd 8/9 not present in
jessie, workaround for #769128)
- kfreebsd-9 <removed> (bug #754237)
- kfreebsd-10 10.1~svn272463-1
CVE-2014-3952 (FreeBSD 8.4 before p14, 9.1 before p17, 9.2 before p10, and
10.0 ...)
@@ -10833,6 +10832,8 @@
- kfreebsd-8 <removed>
[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
[wheezy] - kfreebsd-8 <no-dsa> (kfreebsd-8 only a test kernel, will be
fixed in a point update)
+ [jessie] - kfreebsd-9 <not-affected> (Kfreebsd 8/9 not present in
jessie, workaround for #769128)
+ [jessie] - kfreebsd-8 <not-affected> (Kfreebsd 8/9 not present in
jessie, workaround for #769128)
- kfreebsd-9 <removed> (bug #754236)
- kfreebsd-10 10.1~svn272463-1
CVE-2014-3951 (The HZ module in the iconv implementation in FreeBSD 10.0
before p6 ...)
@@ -11006,6 +11007,8 @@
- kfreebsd-8 <removed>
[wheezy] - kfreebsd-8 <no-dsa> (Will be fixed in a point update)
[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
+ [jessie] - kfreebsd-9 <not-affected> (Kfreebsd 8/9 not present in
jessie, workaround for #769128)
+ [jessie] - kfreebsd-8 <not-affected> (Kfreebsd 8/9 not present in
jessie, workaround for #769128)
- kfreebsd-9 <removed>
- kfreebsd-10 10.0-6
CVE-2014-3879
@@ -11033,6 +11036,8 @@
CVE-2014-3873 (The ktrace utility in the FreeBSD kernel 8.4 before p11, 9.1
before ...)
- kfreebsd-8 <removed>
- kfreebsd-9 <removed> (bug #750493)
+ [jessie] - kfreebsd-9 <not-affected> (Kfreebsd 8/9 not present in
jessie, workaround for #769128)
+ [jessie] - kfreebsd-8 <not-affected> (Kfreebsd 8/9 not present in
jessie, workaround for #769128)
[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
[wheezy] - kfreebsd-9 <not-affected> (introduced by the merge of
r237663)
[wheezy] - kfreebsd-8 <no-dsa> (Non standard kernel, will be fixed in a
point update)
@@ -13598,6 +13603,8 @@
- kfreebsd-10 10.0-5 (bug #746949)
- kfreebsd-9 <removed> (bug #746951)
- kfreebsd-8 <removed> (bug #746952)
+ [jessie] - kfreebsd-9 <not-affected> (Kfreebsd 8/9 not present in
jessie, workaround for #769128)
+ [jessie] - kfreebsd-8 <not-affected> (Kfreebsd 8/9 not present in
jessie, workaround for #769128)
[wheezy] - kfreebsd-8 <no-dsa> (Non standard kernel, will be fixed in a
point update)
[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
CVE-2014-2999
@@ -18250,6 +18257,8 @@
CVE-2014-1453 (The NFS server (nfsserver) in FreeBSD 8.3 through 10.0 does not
...)
{DSA-2952-1}
- kfreebsd-8 <removed>
+ [jessie] - kfreebsd-9 <not-affected> (Kfreebsd 8/9 not present in
jessie, workaround for #769128)
+ [jessie] - kfreebsd-8 <not-affected> (Kfreebsd 8/9 not present in
jessie, workaround for #769128)
[wheezy] - kfreebsd-8 <no-dsa> (Non standard kernel, will be fixed in a
point update)
[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
- kfreebsd-9 <removed> (bug #743984)
@@ -25652,6 +25661,7 @@
{DSA-2769-1}
- kfreebsd-9 9.2~svn255465-1 (bug #722337)
- kfreebsd-8 <removed>
+ [jessie] - kfreebsd-8 <not-affected> (Kfreebsd 8/9 not present in
jessie, workaround for #769128)
[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
[wheezy] - kfreebsd-8 8.3-6+deb7u1
CVE-2013-5709 (The authentication implementation in the web server on Siemens
...)
@@ -25704,6 +25714,7 @@
CVE-2013-5691 (The (1) IPv6 and (2) ATM ioctl request handlers in the kernel
in ...)
{DSA-2769-1}
- kfreebsd-9 9.2~svn255465-1 (bug #722338)
+ [jessie] - kfreebsd-8 <not-affected> (Kfreebsd 8/9 not present in
jessie, workaround for #769128)
- kfreebsd-8 <removed>
[squeeze] - kfreebsd-8 <end-of-life> (Unsupported in squeeze-lts)
[wheezy] - kfreebsd-8 8.3-6+deb7u1
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
