[Secure-testing-commits] r52841 - data/CVE

[Guido Guenther]

Author: agx
Date: 2017-06-23 11:04:56 +0000 (Fri, 23 Jun 2017)
New Revision: 52841

Modified:
   data/CVE/list
Log:
lts: Mark hotplug related issues as no-dsa for qemu{,-kvm}

The hotplug code in wheezy has more issues so fixing DoS by leaks
is not worth the effort.

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-06-23 11:04:46 UTC (rev 52840)
+++ data/CVE/list	2017-06-23 11:04:56 UTC (rev 52841)
@@ -2469,17 +2469,23 @@
 	RESERVED
 CVE-2017-9375 (QEMU (aka Quick Emulator), when built with USB xHCI controller ...)
 	- qemu <unfixed> (bug #864219)
+	[wheezy] - qemu <not-affected> (vulnerable code not present)
 	- qemu-kvm <removed>
+	[wheezy] - qemu-kvm <not-affected> (vulnerable code not present)
 	NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=96d87bdda3919bb16f754b3d3fd1227e1f38f13c
 CVE-2017-9374 (Memory leak in QEMU (aka Quick Emulator), when built with USB EHCI ...)
 	- qemu <unfixed> (bug #864568)
 	[stretch] - qemu <no-dsa> (Minor issue)
 	[jessie] - qemu <no-dsa> (Minor issue)
+	[wheezy] - qemu <no-dsa> (Minor issue)
 	- qemu-kvm <removed>
+	[wheezy] - qemu-kvm <no-dsa> (Minor issue)
 	NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=d710e1e7bd3d5bfc26b631f02ae87901ebe646b0
 CVE-2017-9373 (Memory leak in QEMU (aka Quick Emulator), when built with IDE AHCI ...)
 	- qemu <unfixed> (bug #864216)
+	[wheezy] - qemu <no-dsa> (Minor issue)
 	- qemu-kvm <removed>
+	[wheezy] - qemu-kvm <no-dsa> (Minor issue)
 	NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=d68f0f778e7f4fbd674627274267f269e40f0b04
 CVE-2017-9371
 	RESERVED