[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18030/qemu

Mon Jan 15 19:52:53 UTC 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
73420769 by Salvatore Bonaccorso at 2018-01-15T20:52:32+01:00
Add CVE-2017-18030/qemu

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================

--- a/data/CVE/list
+++ b/data/CVE/list
@@ -47,8 +47,11 @@ CVE-2018-5684 (In Libav through 12.2, there is an invalid memcpy call in the ...
 	TODO: check
 CVE-2018-5683
 	RESERVED
-CVE-2017-18030
+CVE-2017-18030 [Out-of-bounds access in cirrus_invalidate_region routine]
 	RESERVED
+	- qemu <unfixed>
+	- qemu-kvm <removed>
+	NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=f153b563f8cf121aebf5a2fff5f0110faf58ccb3
 CVE-2018-5682 (PrestaShop 1.7.2.4 allows user enumeration via the Reset Password ...)
 	NOT-FOR-US: PrestaShop
 CVE-2018-5681 (PrestaShop 1.7.2.4 has XSS via source-code editing on the "Pages > Edit ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7342076989d0e86ad8476769275a15b5f84e6074

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7342076989d0e86ad8476769275a15b5f84e6074
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180115/924545b2/attachment-0001.html>
