[Secure-testing-commits] r29810 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Nov 3 15:45:01 UTC 2014
Author: carnil
Date: 2014-11-03 15:45:01 +0000 (Mon, 03 Nov 2014)
New Revision: 29810
Modified:
data/CVE/list
Log:
Add fixed version for CVE-2014-3689/qemu
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-11-03 15:14:08 UTC (rev 29809)
+++ data/CVE/list 2014-11-03 15:45:01 UTC (rev 29810)
@@ -11232,7 +11232,7 @@
NOTE: Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d974baa398f34393db76be45f7d4d04fbdbb4a0a (v3.18-rc1)
CVE-2014-3689 [vmware_vga: insufficient parameter validation in rectangle functions]
RESERVED
- - qemu <unfixed> (bug #765496)
+ - qemu 2.1+dfsg-6 (bug #765496)
- qemu-kvm <removed>
[squeeze] - qemu-kvm <end-of-life>
NOTE: Upstream's quick and easy stopgap for this issue: compile out the hardware acceleration functions which lack sanity checks.
More information about the Secure-testing-commits
mailing list