[Git][security-tracker-team/security-tracker][master] qemu fixed
Moritz Muehlenhoff
jmm at debian.org
Fri Nov 29 15:52:18 GMT 2019
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
43c058e4 by Moritz Muehlenhoff at 2019-11-29T15:51:57Z
qemu fixed
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -12223,12 +12223,13 @@ CVE-2019-15890 (libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in i
{DLA-1927-1}
- slirp4netns 0.4.1-1 (bug #939868)
[buster] - slirp4netns <no-dsa> (Minor issue)
- - qemu <unfixed> (bug #939869)
+ - qemu 1:4.1-2 (bug #939869)
[buster] - qemu <postponed> (Minor issue, can be fixed along in future update)
[stretch] - qemu <postponed> (Minor issue, can be fixed along in future update)
- qemu-kvm <removed>
NOTE: https://www.openwall.com/lists/oss-security/2019/09/06/3
NOTE: https://gitlab.freedesktop.org/slirp/libslirp/commit/c59279437eda91841b9d26079c70b8a540d41204
+ NOTE: 1:4.1-2 switched to system libslirp, marking that version as fixed
CVE-2019-15889 (The download-manager plugin before 2.9.94 for WordPress has XSS via th ...)
NOT-FOR-US: download-manager plugin for WordPress
CVE-2019-15888
@@ -24595,7 +24596,7 @@ CVE-2019-12069
RESERVED
CVE-2019-12068 (In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg ...)
{DLA-1927-1}
- - qemu <unfixed> (low)
+ - qemu 1:4.1-2 (low)
[buster] - qemu <postponed> (Minor issue, can be fixed along in future update)
[stretch] - qemu <postponed> (Minor issue, can be fixed along in future update)
- qemu-kvm <removed>
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/43c058e4e56b0347866e373b13ef8c80f7b9ca28
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/43c058e4e56b0347866e373b13ef8c80f7b9ca28
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191129/e66fbaae/attachment.html>
More information about the debian-security-tracker-commits
mailing list