[Secure-testing-commits] r44028 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Aug 18 04:44:15 UTC 2016
Author: carnil
Date: 2016-08-18 04:44:15 +0000 (Thu, 18 Aug 2016)
New Revision: 44028
Modified:
data/CVE/list
Log:
CVE-2016-6833/qemu assigned
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-08-18 04:42:30 UTC (rev 44027)
+++ data/CVE/list 2016-08-18 04:44:15 UTC (rev 44028)
@@ -324,14 +324,14 @@
CVE-2016-XXXX [Double free]
- imagemagick <unfixed> (bug #834183)
NOTE: https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30245
-CVE-2016-XXXX [net: vmxnet3: use after free while writing]
+CVE-2016-6833 [net: vmxnet3: use after free while writing]
- qemu <unfixed>
[wheezy] - qemu <not-affected> (Vulnerable code not present, vmxnet3 introduced in 1.5)
- qemu-kvm <removed>
[wheezy] - qemu-kvm <not-affected> (Vulnerable code not present, vmxnet3 introduced in 1.5)
+ NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=6c352ca9b4ee3e1e286ea9e8434bd8e69ac7d0d8
NOTE: Upstream patch: https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg01602.html
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/08/12/1
- TODO: check
+ NOTE: http://www.openwall.com/lists/oss-security/2016/08/12/1
CVE-2016-XXXX [an infinite loop during packet fragmentation]
- qemu <unfixed>
[wheezy] - qemu <not-affected> (Vulnerable code not present, packet abstraction introduced in 1.5)
More information about the Secure-testing-commits
mailing list