<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">

<html lang="en">

<head>

<meta content="text/html; charset=utf-8" http-equiv="Content-Type">

<title>

GitLab

</title>

<style>img {

max-width: 100%; height: auto;

}

</style>

</head>

<body>

<div class="content">

<h3>

Salvatore Bonaccorso pushed to branch master

at <a href="https://salsa.debian.org/security-tracker-team/security-tracker">Debian Security Tracker / security-tracker</a>

</h3>

<h4>

Commits:

</h4>

<ul>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/b2e0d89aea1a61457e911c42ba530606a4b19389">b2e0d89a</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2019-02-16T14:00:43Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">Demote CVE-2018-20124/qemu to unimportant

The state for PVRDMA and RDMA is quite confusing, but for this

particular issue hw/rdma/rdma_backend.c is build when pvrdma support is

enabled.

In 1:3.1+dfsg-4 --enable-rdma was left, while disabling --enable-pvrdma,

making the issue only affecting the source but not anymore the build

packages.

--enable-rdma is about RDMA migration and outside the quest, it is what qemu

does when communicate with another qemu during migration. (The option might

have been actually been called more something like --enable-rdma-migration

instead).

--enable-pvrdma: pvrdma is a specialized guest-visible device (the same

interface as vmware implements) to give rdma capabilities to the guest.

Both are are not related to each other, but pvrdma can't function without rdma

libs on the host.

Thanks: Michael Tokarev

</pre>

</li>

</ul>

<h4>1 changed file:</h4>

<ul>

<li class="file-stats">

<a href="#4716ef5aa8f2742228ba3b3633215c8b808565e3">

data/CVE/list

</a>

</li>

</ul>

<h4>Changes:</h4>

<li id="4716ef5aa8f2742228ba3b3633215c8b808565e3">

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/b2e0d89aea1a61457e911c42ba530606a4b19389#4716ef5aa8f2742228ba3b3633215c8b808565e3"><strong>data/CVE/list</strong></a>

<hr>

No preview for this file type

<br>

</li>

</div>

<div class="footer" style="margin-top: 10px;">

<p style="font-size: small; color: #777777;">

—

<br>

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/b2e0d89aea1a61457e911c42ba530606a4b19389">View it on GitLab</a>.

<br>

You're receiving this email because of your account on salsa.debian.org.

If you'd like to receive fewer emails, you can

adjust your notification settings.

<script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","action":{"@type":"ViewAction","name":"View Commit","url":"https://salsa.debian.org/security-tracker-team/security-tracker/commit/b2e0d89aea1a61457e911c42ba530606a4b19389"}}</script>

</p>

</div>

</body>

</html>