[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] libvirt DSA
Moritz Muehlenhoff
jmm at debian.org
Wed Mar 14 21:42:27 UTC 2018
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
798ebd97 by Moritz Muehlenhoff at 2018-03-14T22:42:05+01:00
libvirt DSA
- - - - -
2 changed files:
- data/CVE/list
- data/DSA/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -5080,6 +5080,7 @@ CVE-2018-6767 (A stack-based buffer over-read in the ParseRiffHeaderConfig funct
NOTE: https://github.com/dbry/WavPack/commit/d5bf76b5a88d044a1be1d5656698e3ba737167e5
CVE-2018-6764 (util/virlog.c in libvirt does not properly determine the hostname on ...)
- libvirt 4.0.0-2 (bug #889839)
+ [stretch] - libvirt 3.0.0-4+deb9u3
[jessie] - libvirt <not-affected> (Vulnerable code introduced later in 1.3.1)
[wheezy] - libvirt <not-affected> (Vulnerable code introduced later in 1.3.1)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1541444
@@ -8122,6 +8123,7 @@ CVE-2018-5749 (install.php in Minecraft Servers List Lite before commit c1cd164
CVE-2018-5748 (qemu/qemu_monitor.c in libvirt allows attackers to cause a denial of ...)
- libvirt 4.0.0-1 (bug #887700)
[stretch] - libvirt 3.0.0-4+deb9u2
+ [jessie] - libvirt 1.2.9-9+deb8u5
[wheezy] - libvirt <postponed> (Can be fixed in a later update)
NOTE: https://www.redhat.com/archives/libvir-list/2017-December/msg00749.html
NOTE: https://libvirt.org/git/?p=libvirt.git;a=commit;h=bc251ea91bcfddd2622fce6bce701a438b2e7276
=====================================
data/DSA/list
=====================================
--- a/data/DSA/list
+++ b/data/DSA/list
@@ -1,3 +1,7 @@
+[14 Mar 2018] DSA-4137-1 libvirt - security update
+ {CVE-2018-1064}
+ [jessie] - libvirt 1.2.9-9+deb8u5
+ [stretch] - libvirt 3.0.0-4+deb9u3
[14 Mar 2018] DSA-4136-1 curl - security update
{CVE-2018-1000120 CVE-2018-1000121 CVE-2018-1000122}
[jessie] - curl 7.38.0-4+deb8u10
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/798ebd97234c4e887bf356556fc8f347dfaf66ae
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/798ebd97234c4e887bf356556fc8f347dfaf66ae
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180314/e73ecfc8/attachment-0001.html>
More information about the Secure-testing-commits
mailing list