[Secure-testing-commits] r46932 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Dec 9 09:57:47 UTC 2016
Author: carnil
Date: 2016-12-09 09:57:47 +0000 (Fri, 09 Dec 2016)
New Revision: 46932
Modified:
data/CVE/list
Log:
Add CVE-2016-9921 and CVE-2016-9922
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-12-09 09:52:02 UTC (rev 46931)
+++ data/CVE/list 2016-12-09 09:57:47 UTC (rev 46932)
@@ -3,6 +3,20 @@
- qemu-kvm <removed>
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg05597.html
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=a4afa548fc6dd9842ed86639b4d37d4d1c4ad480 (v2.8.0-rc0)
+CVE-2016-9922 [display: cirrus_vga: a divide by zero in cirrus_do_copy]
+ - qemu <unfixed>
+ - qemu-kvm <removed>
+ NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-12/msg00442.html
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1334398
+ NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=4299b90e9ba9ce5ca9024572804ba751aa1a7e70 (v2.8.0-rc3)
+ NOTE: CVE for the "blit pitch values" issue.
+CVE-2016-9921 [display: cirrus_vga: a divide by zero in cirrus_do_copy]
+ - qemu <unfixed>
+ - qemu-kvm <removed>
+ NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-12/msg00442.html
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1334398
+ NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=4299b90e9ba9ce5ca9024572804ba751aa1a7e70 (v2.8.0-rc3)
+ NOTE: CVE for the "'cirrus_get_bpp' returns zero(0), which could lead to a divide by zero" issue.
CVE-2016-9918 (In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" ...)
- bluez <unfixed>
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68898.html
More information about the Secure-testing-commits
mailing list