[Secure-testing-commits] r56516 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sun Oct 8 14:17:21 UTC 2017


Author: carnil
Date: 2017-10-08 14:17:20 +0000 (Sun, 08 Oct 2017)
New Revision: 56516

Modified:
   data/CVE/list
Log:
CVE-2017-13673/qemu fixed in unstable

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-10-08 14:11:27 UTC (rev 56515)
+++ data/CVE/list	2017-10-08 14:17:20 UTC (rev 56516)
@@ -3995,7 +3995,7 @@
 CVE-2017-13674 (Symantec ProxyClient 3.4 for Windows is susceptible to a privilege ...)
 	NOT-FOR-US: Symantec ProxyClient
 CVE-2017-13673 (The vga display update in mis-calculated the region for the dirty ...)
-	- qemu <unfixed>
+	- qemu 1:2.10.0+dfsg-2
 	[stretch] - qemu <not-affected> (Vulnerable code introduced later)
 	[jessie] - qemu <not-affected> (Vulnerable code introduced later)
 	[wheezy] - qemu <not-affected> (Vulnerable code introduced later)
@@ -4003,6 +4003,7 @@
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-08/msg04685.html
 	NOTE: Fixed by: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=d6f7f3b0cf4b6c5e7cdff9dfa6d20545e1051375 (v2.10.1)
 	NOTE: Introduced by: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=fec5e8c92becad223df9d972770522f64aafdb72
+	NOTE: In the unstable upload the fix is integrated in debian/patches/qemu-2.10.1.diff
 CVE-2017-13672 (QEMU (aka Quick Emulator), when built with the VGA display emulator ...)
 	{DSA-3991-1}
 	- qemu 1:2.10.0-1 (low; bug #873851)




More information about the Secure-testing-commits mailing list