[Git][security-tracker-team/security-tracker][master] reserve DLA-1646-1 for qemu update
Hugo Lefeuvre
hle at debian.org
Tue Jan 29 16:00:49 GMT 2019
Hugo Lefeuvre pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f6e3ab74 by Salvatore Bonaccorso at 2019-01-29T16:00:12Z
reserve DLA-1646-1 for qemu update
- - - - -
2 changed files:
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[29 Jan 2019] DLA-1646-1 qemu - security update
+ {CVE-2018-17958 CVE-2018-19364 CVE-2018-19489}
+ [jessie] - qemu 1:2.1+dfsg-12+deb8u9
[28 Jan 2019] DLA-1645-1 wireshark - security update
{CVE-2019-5716 CVE-2019-5717 CVE-2019-5719}
[jessie] - wireshark 1.12.1+g01b65bf-4+deb8u17
=====================================
data/dla-needed.txt
=====================================
@@ -114,9 +114,10 @@ python3.4 (Brian May)
NOTE: 20190120: Have patched all known vulnerabilies, now testing.
--
qemu (Hugo Lefeuvre)
- NOTE: CVE-2018-19665: working on a highly trimmed down version of the patch which contains unnecessary refactoring for us
- NOTE: CVE-2018-19665: will need backport of https://git.qemu.org/?p=qemu.git;a=commit;f=hw/bt/hci-csr.c;h=141af038dd1e73ed32e473046adeb822537c1152
- NOTE: 20190124: next upload will address 9p race conditions as well.
+ NOTE: CVE-2018-19665: working on a highly trimmed down version of upstream patch
+ NOTE: CVE-2018-19665: also, current patch will not be merged by upstream, wait for updated version
+ NOTE: CVE-2018-19665: see https://lists.debian.org/debian-lts/2019/01/msg00073.html
+ NOTE: 20190129: working on a second upload addressing latest cves
--
symfony (Roberto C. Sánchez)
NOTE: 20190128: Working on resolving FTFBS with feedback received from mailing list (roberto)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f6e3ab74ad140f75e31d8c7c4bd0c381753585e6
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f6e3ab74ad140f75e31d8c7c4bd0c381753585e6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190129/3ed93db1/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list