Author: carnil
Date: 2015-07-30 06:57:55 +0000 (Thu, 30 Jul 2015)
New Revision: 35789
Modified:
data/CVE/list
Log:
Three more CVEs for openafs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-07-30 06:54:58 UTC (rev 35788)
+++ data/CVE/list 2015-07-30 06:57:55 UTC (rev 35789)
@@ -6163,12 +6163,18 @@
[wheezy] - glance <not-affected> (Vulnerable code introduced later)
CVE-2015-3288
RESERVED
-CVE-2015-3287
+CVE-2015-3287 [Buffer overflow in OpenAFS vlserver]
RESERVED
-CVE-2015-3286
+ - openafs <unfixed>
+ NOTE: http://www.openafs.org/pages/security/OPENAFS-SA-2015-006.txt
+CVE-2015-3286 [Solaris grouplist modifications for PAGs can panic or overwrite
memory]
RESERVED
-CVE-2015-3285
+ - openafs <not-affected> (The Solaris kernel extension in versions
through 1.6.12)
+ NOTE: http://www.openafs.org/pages/security/OPENAFS-SA-2015-005.txt
+CVE-2015-3285 [kernel pioctl support for OSD command passing can trigger a
panic]
RESERVED
+ - openafs <unfixed>
+ NOTE: http://www.openafs.org/pages/security/OPENAFS-SA-2015-004.txt
CVE-2015-3284 [pioctls leak kernel memory contents]
RESERVED
- openafs <unfixed>
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
