[Secure-testing-commits] r56060 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Sep 23 16:57:19 UTC 2017
Author: carnil
Date: 2017-09-23 16:57:19 +0000 (Sat, 23 Sep 2017)
New Revision: 56060
Modified:
data/CVE/list
Log:
Three CVEs fixed for qemu in unstable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-23 16:25:26 UTC (rev 56059)
+++ data/CVE/list 2017-09-23 16:57:19 UTC (rev 56060)
@@ -1430,7 +1430,7 @@
CVE-2017-14168
RESERVED
CVE-2017-14167 (Integer overflow in the load_multiboot function in hw/i386/multiboot.c ...)
- - qemu <unfixed> (bug #874606)
+ - qemu 1:2.10.0+dfsg-1 (bug #874606)
- qemu-kvm <removed>
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2017-09/msg01483.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1489375
@@ -2706,7 +2706,7 @@
[jessie] - lame <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/lame/bugs/472/
CVE-2017-13711 (Use-after-free vulnerability in the sofree function in slirp/socket.c ...)
- - qemu <unfixed> (bug #873875)
+ - qemu 1:2.10.0+dfsg-1 (bug #873875)
[stretch] - qemu <no-dsa> (Minor issue)
[jessie] - qemu <not-affected> (Vulnerable code introduced later)
[wheezy] - qemu <not-affected> (Vulnerable code introduced later)
@@ -2849,7 +2849,7 @@
NOTE: Fixed by: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=bfc56535f793c557aa754c50213fc5f882e6482d
NOTE: Introduced by: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=fec5e8c92becad223df9d972770522f64aafdb72
CVE-2017-13672 (QEMU (aka Quick Emulator), when built with the VGA display emulator ...)
- - qemu <unfixed> (low; bug #873851)
+ - qemu 1:2.10.0+dfsg-1 (low; bug #873851)
[stretch] - qemu <postponed> (Can be fixed along in a future DSA)
[jessie] - qemu <postponed> (Can be fixed along in a future DSA)
- qemu-kvm <removed>
More information about the Secure-testing-commits
mailing list