[Secure-testing-commits] r52837 - data/CVE
Guido Guenther
agx at moszumanska.debian.org
Fri Jun 23 10:03:32 UTC 2017
Author: agx
Date: 2017-06-23 10:03:32 +0000 (Fri, 23 Jun 2017)
New Revision: 52837
Modified:
data/CVE/list
Log:
lts: mark qemu{,-kvm} as not affected by CVE-2017-9330
ohci_read_iso_td calls into get_dwords which in wheezy always
returns 1 so the branch is never taken.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-06-23 09:10:13 UTC (rev 52836)
+++ data/CVE/list 2017-06-23 10:03:32 UTC (rev 52837)
@@ -2621,7 +2621,9 @@
- qemu <unfixed> (bug #863943)
[stretch] - qemu <no-dsa> (Minor issue)
[jessie] - qemu <no-dsa> (Minor issue)
+ [wheezy] - qemu <not-affected> (Vulnerable code no present)
- qemu-kvm <removed>
+ [wheezy] - qemu-kvm <not-affected> (Vulnerable code no present)
NOTE: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=26f670a244982335cc08943fb1ec099a2c81e42d
CVE-2017-9324 (In Open Ticket Request System (OTRS) 3.3.x through 3.3.16, 4.x through ...)
{DSA-3876-1}
More information about the Secure-testing-commits
mailing list