Author: derevko-guest
Date: 2009-12-22 20:26:39 +0000 (Tue, 22 Dec 2009)
New Revision: 13625
Modified:
data/CVE/list
Log:
kvm issues triage
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-12-22 13:28:40 UTC (rev 13624)
+++ data/CVE/list 2009-12-22 20:26:39 UTC (rev 13625)
@@ -1157,6 +1157,7 @@
[lenny] - linux-2.6 <not-affected> (vulnerable code not present)
- linux-2.6.24 <not-affected> (kvm introduced in 2.6.25)
- kvm 88+dfsg-2 (medium; bug #557736)
+ [lenny] - kvm <not-affected> (vulnerable code not present)
NOTE:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=a9e38c3e01ad242fe2a625354cf065c34b01e3aa
CVE-2009-3937 (Memory leak in Solaris TCP sockets in Sun OpenSolaris snv_106
through ...)
NOT-FOR-US: Sun OpenSolaris
@@ -31313,13 +31314,13 @@
CVE-2007-5730 (Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and
possibly ...)
{DSA-1284-1}
- qemu 0.9.0-2 (bug #424070)
- - kvm 72+dfsg-5
+ - kvm 72+dfsg-1
- linux-2.6 <not-affected> (vulnerability does not affected kernel
module)
- linux-2.6.24 <not-affected> (vulnerability does not affected kernel
module)
CVE-2007-5729 (The NE2000 emulator in QEMU 0.8.2 allows local users to execute
...)
{DSA-1284-1}
- qemu 0.9.0-2 (bug #424070)
- - kvm 72+dfsg-5
+ - kvm 72+dfsg-1
- linux-2.6 <not-affected> (vulnerability does not affected kernel
module)
- linux-2.6.24 <not-affected> (vulnerability does not affected kernel
module)
CVE-2007-5728 (Cross-site scripting (XSS) vulnerability in phpPgAdmin 3.5 to
4.1.1, ...)