Author: carnil
Date: 2016-05-28 07:55:20 +0000 (Sat, 28 May 2016)
New Revision: 42095
Modified:
data/CVE/list
Log:
Add bug references for qemu
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-05-28 07:37:53 UTC (rev 42094)
+++ data/CVE/list 2016-05-28 07:55:20 UTC (rev 42095)
@@ -222,7 +222,7 @@
[wheezy] - asterisk <not-affected> (Only affects 13.x)
NOTE: http://downloads.asterisk.org/pub/security/AST-2016-005.html
CVE-2016-5107 [scsi: megasas: out-of-bounds read in megasas_lookup_frame()
function]
- - qemu <unfixed>
+ - qemu <unfixed> (bug #825616)
[jessie] - qemu <no-dsa> (Minor issue)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
- qemu-kvm <not-affected> (Vulnerable code not present)
@@ -230,14 +230,14 @@
NOTE: Introduced after:
http://git.qemu.org/?p=qemu.git;a=commit;h=e8f943c3bcc2a578bfd30b825f2ebaf345c63a09
(v1.2.0-rc0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1336461
CVE-2016-5106 [scsi: megasas: out-of-bounds write while setting controller
properties]
- - qemu <unfixed>
+ - qemu <unfixed> (bug #825615)
[jessie] - qemu <no-dsa> (Minor issue)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
- qemu-kvm <not-affected> (Vulnerable code not present)
NOTE: Introduced after:
http://git.qemu.org/?p=qemu.git;a=commit;h=e8f943c3bcc2a578bfd30b825f2ebaf345c63a09
(v1.2.0-rc0)
NOTE:
https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg04340.html
CVE-2016-5105 [scsi: megasas: stack information leakage while reading
configuration]
- - qemu <unfixed>
+ - qemu <unfixed> (bug #825614)
[jessie] - qemu <no-dsa> (Minor issue)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
- qemu-kvm <not-affected> (Vulnerable code not present)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
