diff options
| author | Moritz Muehlenhoff <jmm@debian.org> | 2016-11-08 11:40:58 +0000 |
|---|---|---|
| committer | Moritz Muehlenhoff <jmm@debian.org> | 2016-11-08 11:40:58 +0000 |
| commit | 6597b5d1afe973f0c7d1a28526b0d54de04f8da2 (patch) | |
| tree | 4b5b79b37d63f71979a40bcaa7e90c1659085767 | |
| parent | 3150a9f8452317a343645e71d4db3e11bdaac9a6 (diff) | |
initial set of xen fixed in sid
sudo no-dsa
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@46060 e39458fd-73e7-0310-bf30-c45bca0a0e42
| -rw-r--r-- | data/CVE/list | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/data/CVE/list b/data/CVE/list index 370440ef78..9a0cad2663 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -4624,7 +4624,7 @@ CVE-2016-7778 RESERVED CVE-2016-7777 (Xen 4.7.x and earlier does not properly honor CR0.TS and CR0.EM, which ...) {DLA-699-1} - - xen <unfixed> + - xen 4.8.0~rc3-1 NOTE: http://xenbits.xen.org/xsa/advisory-190.html CVE-2016-7776 RESERVED @@ -6462,7 +6462,7 @@ CVE-2016-7093 (Xen 4.5.3, 4.6.3, and 4.7.x allow local HVM guest OS administrato NOTE: http://xenbits.xen.org/xsa/advisory-186.html CVE-2016-7092 (The get_page_from_l3e function in arch/x86/mm.c in Xen allows local ...) {DSA-3663-1 DLA-614-1} - - xen <unfixed> + - xen 4.8.0~rc3-1 NOTE: http://xenbits.xen.org/xsa/advisory-185.html CVE-2016-7090 (The integrated web server on Siemens SCALANCE M-800 and S615 modules ...) NOT-FOR-US: Siemens @@ -6520,6 +6520,7 @@ CVE-2016-7077 CVE-2016-7076 [noexec bypass via wordexp()] RESERVED - sudo <unfixed> (bug #842507) + [jessie] - sudo <no-dsa> (Minor issue) NOTE: https://www.sudo.ws/alerts/noexec_wordexp.html NOTE: https://www.sudo.ws/repos/sudo/rev/e7d09243e51b NOTE: https://www.sudo.ws/repos/sudo/rev/7b8357b0a358 @@ -6648,6 +6649,7 @@ CVE-2016-7033 (Multiple cross-site scripting (XSS) vulnerabilities in the admin CVE-2016-7032 [noexec bypass via system() and popen()] RESERVED - sudo 1.8.15-1 + [jessie] - sudo <no-dsa> (Minor issue) NOTE: https://www.sudo.ws/alerts/noexec_bypass.html NOTE: This CVE is for the bypass via system() and popen(). The wordpexp() bypass NOTE: is tracked under CVE-2016-7076. @@ -9163,7 +9165,7 @@ CVE-2016-6266 CVE-2016-6260 RESERVED CVE-2016-6259 (Xen 4.5.x through 4.7.x do not implement Supervisor Mode Access ...) - - xen <unfixed> + - xen 4.8.0~rc3-1 [jessie] - xen <not-affected> (Only affects 4.5 and later) [wheezy] - xen <not-affected> (Only affects 4.5 and later) NOTE: http://xenbits.xen.org/xsa/advisory-183.html |