[Secure-testing-commits] r56069 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Sep 23 20:50:22 UTC 2017
Author: carnil
Date: 2017-09-23 20:50:22 +0000 (Sat, 23 Sep 2017)
New Revision: 56069
Modified:
data/CVE/list
Log:
Fix first version which contains the fixes for qemu
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-23 20:33:19 UTC (rev 56068)
+++ data/CVE/list 2017-09-23 20:50:22 UTC (rev 56069)
@@ -1435,7 +1435,7 @@
CVE-2017-14168
RESERVED
CVE-2017-14167 (Integer overflow in the load_multiboot function in hw/i386/multiboot.c ...)
- - qemu 1:2.10.0+dfsg-1 (bug #874606)
+ - qemu 1:2.10.0-1 (bug #874606)
- qemu-kvm <removed>
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2017-09/msg01483.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1489375
@@ -2713,7 +2713,7 @@
[jessie] - lame <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/lame/bugs/472/
CVE-2017-13711 (Use-after-free vulnerability in the sofree function in slirp/socket.c ...)
- - qemu 1:2.10.0+dfsg-1 (bug #873875)
+ - qemu 1:2.10.0-1 (bug #873875)
[stretch] - qemu <no-dsa> (Minor issue)
[jessie] - qemu <not-affected> (Vulnerable code introduced later)
[wheezy] - qemu <not-affected> (Vulnerable code introduced later)
@@ -2856,7 +2856,7 @@
NOTE: Fixed by: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=bfc56535f793c557aa754c50213fc5f882e6482d
NOTE: Introduced by: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=fec5e8c92becad223df9d972770522f64aafdb72
CVE-2017-13672 (QEMU (aka Quick Emulator), when built with the VGA display emulator ...)
- - qemu 1:2.10.0+dfsg-1 (low; bug #873851)
+ - qemu 1:2.10.0-1 (low; bug #873851)
[stretch] - qemu <postponed> (Can be fixed along in a future DSA)
[jessie] - qemu <postponed> (Can be fixed along in a future DSA)
- qemu-kvm <removed>
More information about the Secure-testing-commits
mailing list