[Secure-testing-commits] r48301 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Mon Jan 23 14:46:21 UTC 2017 

Author: carnil
Date: 2017-01-23 14:46:21 +0000 (Mon, 23 Jan 2017)
New Revision: 48301

Modified:
   data/CVE/list
Log:
Record qemu fixes

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-01-23 09:14:43 UTC (rev 48300)
+++ data/CVE/list	2017-01-23 14:46:21 UTC (rev 48301)
@@ -11,7 +11,7 @@
 	- cgiemail <unfixed> (bug #852031)
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/20/6
 CVE-2016-10155 [watchdog: memory leakage in virtual hardware watchdog wdt_i6300esb; CVE for the memory consumption issue, not an information disclosure issue]
-	- qemu <unfixed> (bug #852232)
+	- qemu 1:2.8+dfsg-2 (bug #852232)
 	- qemu-kvm <removed>
 	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2016-12/msg03104.html
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1415199
@@ -47,7 +47,7 @@
 	NOTE: https://core.trac.wordpress.org/ticket/37490
 	NOTE: https://core.trac.wordpress.org/changeset/38168
 CVE-2017-5552 [display: virtio-gpu-3d: memory leakage in virgl_resource_attach_backing; CVE for the memory consumption issue, not an information disclosure issue]
-	- qemu <unfixed> (bug #852119)
+	- qemu 1:2.8+dfsg-2 (bug #852119)
 	[jessie] - qemu <not-affected> (Vulnerable code not present)
 	[wheezy] - qemu <not-affected> (Vulnerable code not present)
 	- qemu-kvm <not-affected> (Vulnerable code not present)
@@ -84,7 +84,7 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2017/01/18/11
 CVE-2017-5526 [audio: memory leakage in es1370 device; CVE for the memory consumption issue]
 	RESERVED
-	- qemu <unfixed> (bug #851910)
+	- qemu 1:2.8+dfsg-2 (bug #851910)
 	- qemu-kvm <removed>
 	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2017-01/msg01742.html
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1414209
@@ -92,7 +92,7 @@
 	TODO: check affected versions
 CVE-2017-5525 [audio: memory leakage in ac97 device; CVE for the memory consumption issue]
 	RESERVED
-	- qemu <unfixed> (bug #852021)
+	- qemu 1:2.8+dfsg-2 (bug #852021)
 	- qemu-kvm <removed>
 	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2017-01/msg01740.html
 	NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=12351a91da97b414eec8cdb09f1d9f41e535a401
@@ -4117,7 +4117,7 @@
 	NOTE: https://xenbits.xen.org/xsa/advisory-202.html
 CVE-2016-10028 [display: virtio-gpu-3d: OOB access while reading virgl capabilities]
 	RESERVED
-	- qemu <unfixed> (bug #849798)
+	- qemu 1:2.8+dfsg-2 (bug #849798)
 	[jessie] - qemu <not-affected> (Vulnerable code not present)
 	[wheezy] - qemu <not-affected> (Vulnerable code not present)
 	- qemu-kvm <not-affected> (Vulnerable code not present)

More information about the Secure-testing-commits mailing list