[Secure-testing-commits] r54319 - data/CVE

Sat Aug 5 13:57:29 UTC 2017

Author: carnil
Date: 2017-08-05 13:57:29 +0000 (Sat, 05 Aug 2017)
New Revision: 54319

Modified:
   data/CVE/list
Log:
Add fixed version for unstable upload for qemu

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2017-08-05 13:39:03 UTC (rev 54318)
+++ data/CVE/list	2017-08-05 13:57:29 UTC (rev 54319)
@@ -2539,7 +2539,7 @@
 	NOT-FOR-US: Humax Wi-Fi Router model HG100R-*
 CVE-2017-11434 (The dhcp_decode function in slirp/bootp.c in QEMU (aka Quick Emulator) ...)
 	{DSA-3925-1}
-	- qemu <unfixed> (bug #869171)
+	- qemu 1:2.8+dfsg-7 (bug #869171)
 	- qemu-kvm <removed>
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-07/msg05001.html
 CVE-2017-11433
@@ -2857,7 +2857,7 @@
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/506
 CVE-2017-11334 (The address_space_write_continue function in exec.c in QEMU (aka Quick ...)
 	{DSA-3925-1}
-	- qemu <unfixed> (bug #869173)
+	- qemu 1:2.8+dfsg-7 (bug #869173)
 	- qemu-kvm <removed>
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-07/msg03775.html
 CVE-2017-11333 (The vorbis_analysis_wrote function in lib/block.c in Xiph.Org libvorbis ...)
@@ -4388,7 +4388,7 @@
 	RESERVED
 CVE-2017-10806 (Stack-based buffer overflow in hw/usb/redirect.c in QEMU (aka Quick ...)
 	{DSA-3925-1}
-	- qemu <unfixed> (bug #867751)
+	- qemu 1:2.8+dfsg-7 (bug #867751)
 	[jessie] - qemu <no-dsa> (Minor issue)
 	[wheezy] - qemu <no-dsa> (Minor issue)
 	- qemu-kvm <removed>
@@ -4762,7 +4762,7 @@
 	RESERVED
 CVE-2017-10664 (qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which ...)
 	{DSA-3920-1}
-	- qemu <unfixed> (bug #866674)
+	- qemu 1:2.8+dfsg-7 (bug #866674)
 	[jessie] - qemu <no-dsa> (Minor issue)
 	- qemu-kvm <removed>
 	[wheezy] - qemu-kvm <not-affected> (qemu-nbd shipped from qemu package)
@@ -6942,7 +6942,7 @@
 CVE-2017-10911 (The make_response function in drivers/block/xen-blkback/blkback.c in ...)
 	{DSA-3920-1}
 	- linux 4.11.11-1
-	- qemu <unfixed> (bug #869706)
+	- qemu 1:2.8+dfsg-7 (bug #869706)
 	NOTE: https://xenbits.xen.org/xsa/advisory-216.html
 CVE-2017-1000381 (The c-ares function `ares_parse_naptr_reply()`, which is used for ...)
 	{DLA-998-1}
@@ -7671,7 +7671,7 @@
 	NOTE: and following refactorings.
 CVE-2017-9524 (The qemu-nbd server in QEMU (aka Quick Emulator), when built with the ...)
 	{DSA-3925-1}
-	- qemu <unfixed> (bug #865755)
+	- qemu 1:2.8+dfsg-7 (bug #865755)
 	[jessie] - qemu <not-affected> (Vulnerable code not present)
 	[wheezy] - qemu <not-affected> (Vulnerable code not present)
 	- qemu-kvm <removed>
@@ -8124,7 +8124,7 @@
 	NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=96d87bdda3919bb16f754b3d3fd1227e1f38f13c
 CVE-2017-9374 (Memory leak in QEMU (aka Quick Emulator), when built with USB EHCI ...)
 	{DSA-3920-1}
-	- qemu <unfixed> (bug #864568)
+	- qemu 1:2.8+dfsg-7 (bug #864568)
 	[jessie] - qemu <no-dsa> (Minor issue)
 	[wheezy] - qemu <no-dsa> (Minor issue)
 	- qemu-kvm <removed>
@@ -8132,7 +8132,7 @@
 	NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=d710e1e7bd3d5bfc26b631f02ae87901ebe646b0
 CVE-2017-9373 (Memory leak in QEMU (aka Quick Emulator), when built with IDE AHCI ...)
 	{DSA-3920-1}
-	- qemu <unfixed> (bug #864216)
+	- qemu 1:2.8+dfsg-7 (bug #864216)
 	[wheezy] - qemu <no-dsa> (Minor issue)
 	- qemu-kvm <removed>
 	[wheezy] - qemu-kvm <no-dsa> (Minor issue)
@@ -8278,7 +8278,7 @@
 	NOTE: Patch: http://lists.nongnu.org/archive/html/chicken-hackers/2017-05/msg00099.html
 CVE-2017-9330 (QEMU (aka Quick Emulator), when built with the USB OHCI Emulation ...)
 	{DSA-3920-1}
-	- qemu <unfixed> (bug #863943)
+	- qemu 1:2.8+dfsg-7 (bug #863943)
 	[jessie] - qemu <no-dsa> (Minor issue)
 	[wheezy] - qemu <not-affected> (Vulnerable code no present)
 	- qemu-kvm <removed>
@@ -8488,7 +8488,7 @@
 	NOTE: https://www.sudo.ws/repos/sudo/raw-rev/b5460cbbb11b
 CVE-2017-9310 (QEMU (aka Quick Emulator), when built with the e1000e NIC emulation ...)
 	{DSA-3920-1}
-	- qemu <unfixed> (bug #863840)
+	- qemu 1:2.8+dfsg-7 (bug #863840)
 	[jessie] - qemu <not-affected> (Vulnerable code not present; e1000e introduced in 2.7.0-rc0)
 	[wheezy] - qemu <not-affected> (Vulnerable code not present)
 	- qemu-kvm <removed>


