[Git][security-tracker-team/security-tracker][master] dla-needed: update qemu entry

[Hugo Lefeuvre]

Hugo Lefeuvre pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c20f6971 by Hugo Lefeuvre at 2019-01-24T09:11:05Z
dla-needed: update qemu entry

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=====================================
data/dla-needed.txt
=====================================
@@ -108,11 +108,9 @@ python3.4 (Brian May)
   NOTE: 20190120: Have patched all known vulnerabilies, now testing.
 --
 qemu (Hugo Lefeuvre)
-  NOTE: CVE-2018-19665: no practical exploit at the moment + patch quite big (but easy to review, though)
-  NOTE: CVE-2018-19665: this is a good candidate for no-dsa
-  NOTE: CVE-2018-19665: well I might be able to come up with a highly trimmed down version of the patch so
-  NOTE: CVE-2018-19665: it might still be worth it.
-  NOTE: 20190122: otherwise still working on the next upload, will address 9p race conditions as well.
+  NOTE: CVE-2018-19665: working on a highly trimmed down version of the patch which contains unnecessary refactoring for us
+  NOTE: CVE-2018-19665: will need backport of https://git.qemu.org/?p=qemu.git;a=commit;f=hw/bt/hci-csr.c;h=141af038dd1e73ed32e473046adeb822537c1152
+  NOTE: 20190124: next upload will address 9p race conditions as well.
 --
 symfony (Roberto C. Sánchez)
   NOTE: 20181217: Patches are all backported but package FTBFS (unit tests failures).



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c20f6971cf1de78ff14c843c8eccb1a686bce533

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c20f6971cf1de78ff14c843c8eccb1a686bce533
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190124/a546e8b2/attachment-0001.html>