[Git][security-tracker-team/security-tracker][master] 4 commits: CVE-2020-25723: Add upstream tag information

Fri Dec 4 13:21:29 GMT 2020


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
da5152cc by Salvatore Bonaccorso at 2020-12-04T14:19:10+01:00
CVE-2020-25723: Add upstream tag information

- - - - -
c8af33ca by Salvatore Bonaccorso at 2020-12-04T14:19:39+01:00
CVE-2020-25625: reference git commit URL

- - - - -
952876db by Salvatore Bonaccorso at 2020-12-04T14:20:00+01:00
CVE-2020-25624: Add tag information for upstream commit

- - - - -
81fd0214 by Salvatore Bonaccorso at 2020-12-04T14:20:32+01:00
CVE-2020-25085: Add tag information to upstrema commit

Use commit action for referenced URL.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -12065,7 +12065,7 @@ CVE-2020-25723 (A reachable assertion issue was found in the USB EHCI emulation
 	{DLA-2469-1}
 	- qemu <unfixed> (bug #975276)
 	[buster] - qemu <postponed> (Fix along in future DSA)
-	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=2fdb42d840400d58f2e706ecca82c142b97bcbd6
+	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=2fdb42d840400d58f2e706ecca82c142b97bcbd6 (v5.2.0-rc0)
 CVE-2020-25722
 	RESERVED
 CVE-2020-25721
@@ -12448,13 +12448,13 @@ CVE-2020-25625 (hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD l
 	[buster] - qemu <postponed> (Can be fixed along in next qemu DSA)
 	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05905.html
 	NOTE: https://www.openwall.com/lists/oss-security/2020/09/17/1
-	NOTE: Fixed by: https://git.qemu.org/?p=qemu.git;a=patch;h=1be90ebecc95b09a2ee5af3f60c412b45a766c4f (v5.2.0-rc0)
+	NOTE: Fixed by: https://git.qemu.org/?p=qemu.git;a=commit;h=1be90ebecc95b09a2ee5af3f60c412b45a766c4f (v5.2.0-rc0)
 CVE-2020-25624 (hw/usb/hcd-ohci.c in QEMU 5.0.0 has a stack-based buffer over-read via ...)
 	{DLA-2469-1}
 	- qemu <unfixed> (bug #970541)
 	[buster] - qemu <postponed> (Can be fixed along in next qemu DSA)
 	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05492.html
-	NOTE: Fixed by: https://git.qemu.org/?p=qemu.git;a=commit;h=1328fe0c32d5474604105b8105310e944976b058
+	NOTE: Fixed by: https://git.qemu.org/?p=qemu.git;a=commit;h=1328fe0c32d5474604105b8105310e944976b058 (v5.2.0-rc0)
 CVE-2020-25623 (Erlang/OTP 22.3.x before 22.3.4.6 and 23.x before 23.1 allows Director ...)
 	- erlang 1:23.1+dfsg-1
 	[buster] - erlang <not-affected> (Vulnerable code introduced later)
@@ -13669,7 +13669,7 @@ CVE-2020-25085 (QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_con
 	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg00733.html
 	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg01439.html
 	NOTE: https://www.openwall.com/lists/oss-security/2020/09/16/6
-	NOTE: Fixed by: https://git.qemu.org/?p=qemu.git;a=patch;h=dfba99f17feb6d4a129da19d38df1bcd8579d1c3
+	NOTE: Fixed by: https://git.qemu.org/?p=qemu.git;a=commit;h=dfba99f17feb6d4a129da19d38df1bcd8579d1c3 (v5.2.0-rc0)
 CVE-2020-25084 (QEMU 5.0.0 has a use-after-free in hw/usb/hcd-xhci.c because the usb_p ...)
 	- qemu <unfixed> (bug #970539)
 	[buster] - qemu <postponed> (Can be fixed along in next qemu DSA)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/8116340cb5dd0652e22b0857951e77e9ca582fa8...81fd0214991fed7f650d337a95647ddf47bcf2e4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/8116340cb5dd0652e22b0857951e77e9ca582fa8...81fd0214991fed7f650d337a95647ddf47bcf2e4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201204/d88afc31/attachment.html>
