[Git][security-tracker-team/security-tracker][master] CVE-2017-11334/qemu: clarify

Sylvain Beucler beuc at debian.org
Tue Sep 10 14:18:33 BST 2019



Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
501f01fb by Sylvain Beucler at 2019-09-10T13:17:25Z
CVE-2017-11334/qemu: clarify

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -118101,13 +118101,14 @@ CVE-2017-11524 (The WriteBlob function in MagickCore/blob.c in ImageMagick befor
 CVE-2017-11334 (The address_space_write_continue function in exec.c in QEMU (aka Quick ...)
 	{DSA-3925-1}
 	- qemu 1:2.8+dfsg-7 (bug #869173)
-	[jessie] - qemu <no-dsa> (Minor issue. Backport caused regression in Ubuntu)
+	[jessie] - qemu <postponed> (Minor issue, root DoS, backport caused Xen regression in Ubuntu and was reverted)
 	[wheezy] - qemu <no-dsa> (Minor issue)
 	- qemu-kvm <removed>
 	[wheezy] - qemu-kvm <no-dsa> (Minor issue)
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-07/msg03775.html
 	NOTE: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=f5aa69bdc3418773f26747ca282c291519626ece
 	NOTE: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=04bf2526ce87f21b32c9acba1c5518708c243ad0
+	NOTE: https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1752761
 CVE-2017-11333 (The vorbis_analysis_wrote function in lib/block.c in Xiph.Org libvorbi ...)
 	{DSA-4113-1 DLA-1368-1}
 	- libvorbis 1.3.5-4.1 (low; bug #870341)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/501f01fb052c6b7aa412c679804b0c6b7b4659c5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/501f01fb052c6b7aa412c679804b0c6b7b4659c5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190910/02b496bc/attachment.html>


More information about the debian-security-tracker-commits mailing list