<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">

<html lang="en">

<head>

<meta content="text/html; charset=US-ASCII" http-equiv="Content-Type">

<title>

GitLab

</title>

<style>img {

max-width: 100%; height: auto;

}

</style>

</head>

<body>

<div class="content">

<h3>

Salvatore Bonaccorso pushed to branch master

at <a href="https://salsa.debian.org/security-tracker-team/security-tracker">Debian Security Tracker / security-tracker</a>

</h3>

<h4>

Commits:

</h4>

<ul>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/5559c92f2977146a521229efd97eb68de08a7eca">5559c92f</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2019-07-01T20:14:46Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">Add CVE-2019-1292{8,9}/qemu

Mark the issue as no-dsa, as "The QEMU machine protocol (QMP) should not

be exposed to unprivileged users, and is only intended for

administrative control of QEMU instances.". Given that there might be an

argument to actually mark those as <ignored> ore consider it at

negligible security impact. To be on safe side mark it for now only as

no-dsa.

</pre>

</li>

</ul>

<h4>1 changed file:</h4>

<ul>

<li class="file-stats">

<a href="#4716ef5aa8f2742228ba3b3633215c8b808565e3">

data/CVE/list

</a>

</li>

</ul>

<h4>Changes:</h4>

<li id="4716ef5aa8f2742228ba3b3633215c8b808565e3">

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/5559c92f2977146a521229efd97eb68de08a7eca#4716ef5aa8f2742228ba3b3633215c8b808565e3"><strong>data/CVE/list</strong></a>

<hr>

No preview for this file type

<br>

</li>

</div>

<div class="footer" style="margin-top: 10px;">

<p style="font-size: small; color: #777;">

—

<br>

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/5559c92f2977146a521229efd97eb68de08a7eca">View it on GitLab</a>.

<br>

You're receiving this email because of your account on salsa.debian.org.

If you'd like to receive fewer emails, you can

adjust your notification settings.

<script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","action":{"@type":"ViewAction","name":"View Commit","url":"https://salsa.debian.org/security-tracker-team/security-tracker/commit/5559c92f2977146a521229efd97eb68de08a7eca"}}</script>

</p>

</div>

</body>

</html>