[Secure-testing-commits] r51502 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2017-05-10 15:19:09 +0000 (Wed, 10 May 2017)
New Revision: 51502

Modified:
   data/CVE/list
Log:
Update CVE-2017-8380/qemu, add bug reference, #862282

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-05-10 15:08:12 UTC (rev 51501)
+++ data/CVE/list	2017-05-10 15:19:09 UTC (rev 51502)
@@ -1184,9 +1184,12 @@
 	RESERVED
 CVE-2017-8380 [scsi: megasas: out-of-bounds read in  megasas_mmio_write]
 	RESERVED
-	- qemu <unfixed>
-	- qemu-kvm <removed>
+	- qemu <unfixed> (bug #862282)
+	[jessie] - qemu <not-affected> (Vulnerable code introduced later)
+	[wheezy] - qemu <not-affected> (Vulnerable code introduced later)
+	- qemu-kvm <not-affected> (Vulnerable code introduced later)
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg04147.html
+	NOTE: Introduced by: http://git.qemu.org/?p=qemu.git;a=commit;h=e23d04984a78490d8aaa5c45724a3a334933331f (v2.2.0-rc0)
 CVE-2017-8379 [input: host memory lekage via keyboard]
 	RESERVED
 	- qemu <unfixed>