[Secure-testing-commits] r45324 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Oct 14 20:18:34 UTC 2016
Author: carnil
Date: 2016-10-14 20:18:33 +0000 (Fri, 14 Oct 2016)
New Revision: 45324
Modified:
data/CVE/list
Log:
Add fixed version for four CVEs for qemu with unstable upload
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-10-14 19:41:40 UTC (rev 45323)
+++ data/CVE/list 2016-10-14 20:18:33 UTC (rev 45324)
@@ -962,7 +962,7 @@
CVE-2016-8221
RESERVED
CVE-2016-7423 (The mptsas_process_scsi_io_request function in QEMU (aka Quick ...)
- - qemu <unfixed> (bug #838145)
+ - qemu 1:2.7+dfsg-1 (bug #838145)
[jessie] - qemu <not-affected> (Vulnerable code introduced later)
[wheezy] - qemu <not-affected> (Vulnerable code introduced later)
- qemu-kvm <not-affected> (Vulnerable code introduced later)
@@ -974,7 +974,7 @@
NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=670e56d3ed2918b3861d9216f2c0540d9e9ae0d5
CVE-2016-7422 [virtio: null pointer dereference in virtqueue_map_desc]
RESERVED
- - qemu <unfixed> (bug #838146)
+ - qemu 1:2.7+dfsg-1 (bug #838146)
[jessie] - qemu <not-affected> (Vulnerable code introduced later)
[wheezy] - qemu <not-affected> (Vulnerable code introduced later)
- qemu-kvm <not-affected> (Vulnerable code introduced later)
@@ -984,7 +984,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2016/09/16/4
CVE-2016-7421 [scsi: pvscsi: infinite loop when processing IO requests]
RESERVED
- - qemu <unfixed> (bug #838147)
+ - qemu 1:2.7+dfsg-1 (bug #838147)
[wheezy] - qemu <not-affected> (Vulnerable code not present, introduced after 1.5)
- qemu-kvm <not-affected> (Vulnerable code not present, introduced after 1.5)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg03609.html
@@ -4083,9 +4083,9 @@
NOTE: Fixed by: https://git.gnome.org/browse/file-roller/commit/?id=f70be1f41688859ec8dbe266df35a1839ceb96c5 (3.20.3)
CVE-2016-7161 (Heap-based buffer overflow in the .receive callback of ...)
{DLA-653-1 DLA-652-1}
- - qemu <unfixed> (bug #838850)
+ - qemu 1:2.7+dfsg-1 (bug #838850)
- qemu-kvm <removed>
- NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=a0d1cbdacff5df4ded16b753b38fdd9da6092968
+ NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=a0d1cbdacff5df4ded16b753b38fdd9da6092968 (2.7.0-rc3)
NOTE: http://patchwork.ozlabs.org/patch/657076/
CVE-2016-7160
RESERVED
More information about the Secure-testing-commits
mailing list