[Git][security-tracker-team/security-tracker][master] Several qemu issues fixed in unstable

Wed Dec 9 08:02:31 GMT 2020


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e8c0b501 by Salvatore Bonaccorso at 2020-12-09T09:02:06+01:00
Several qemu issues fixed in unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1744,7 +1744,7 @@ CVE-2020-28918
 CVE-2020-28917 (An issue was discovered in the view_statistics (aka View frontend stat ...)
 	NOT-FOR-US: TYPO3 extension
 CVE-2020-28916 (hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX desc ...)
-	- qemu <unfixed> (bug #976388)
+	- qemu 1:5.2+dfsg-1 (bug #976388)
 	[buster] - qemu <postponed> (Fix along in future DSA)
 	[stretch] - qemu <postponed> (Fix along in future DLA)
 	NOTE: https://www.openwall.com/lists/oss-security/2020/12/01/2
@@ -6949,7 +6949,7 @@ CVE-2020-27822 (A flaw was found in Wildfly affecting versions 19.0.0.Final, 19.
 	- wildfly <itp> (bug #752018)
 CVE-2020-27821 [heap buffer overflow in msix_table_mmio_write() in hw/pci/msix.c]
 	RESERVED
-	- qemu <unfixed>
+	- qemu 1:5.2+dfsg-1
 	[stretch] - qemu <postponed> (Fix along in future DLA)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1902651
 CVE-2020-27820 [use-after-free in nouveau kernel module]
@@ -7873,7 +7873,7 @@ CVE-2020-27662 (In GLPI before 9.5.3, ajax/comments.php has an Insecure Direct O
 	- glpi <removed>
 CVE-2020-27661 [divide by zero in dwc2_handle_packet() in hw/usb/hcd-dwc2.c]
 	RESERVED
-	- qemu <unfixed> (bug #972864)
+	- qemu 1:5.2+dfsg-1 (bug #972864)
 	[buster] - qemu <postponed> (Fix along in future DSA)
 	[stretch] - qemu <not-affected> (Vulnerable code introduced later)
 	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-10/msg04263.html
@@ -7979,12 +7979,12 @@ CVE-2020-27618 [iconv when processing invalid multi-byte input sequences fails t
 	NOTE: https://sourceware.org/git/?p=glibc.git;a=commit;h=9a99c682144bdbd40792ebf822fe9264e0376fb5
 CVE-2020-27617 (eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users to t ...)
 	{DLA-2469-1}
-	- qemu <unfixed> (bug #973324)
+	- qemu 1:5.2+dfsg-1 (bug #973324)
 	[buster] - qemu <postponed> (Fix along in future DSA)
 	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-10/msg06023.html
 	NOTE: Fixed by: https://git.qemu.org/?p=qemu.git;a=commit;h=7564bf7701f00214cdc8a678a9f7df765244def1 (v5.2.0-rc2)
 CVE-2020-27616 (ati_2d_blt in hw/display/ati_2d.c in QEMU 4.2.1 can encounter an outsi ...)
-	- qemu <unfixed> (bug #975265)
+	- qemu 1:5.2+dfsg-1 (bug #975265)
 	[buster] - qemu <not-affected> (Vulnerable code introduced in ATI VGA device emulation added later)
 	[stretch] - qemu <not-affected> (Vulnerable code introduced in ATI VGA device emulation added later)
 	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-10/msg06080.html
@@ -12207,7 +12207,7 @@ CVE-2020-25724
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1899354 (lacks details ATM)
 CVE-2020-25723 (A reachable assertion issue was found in the USB EHCI emulation code o ...)
 	{DLA-2469-1}
-	- qemu <unfixed> (bug #975276)
+	- qemu 1:5.2+dfsg-1 (bug #975276)
 	[buster] - qemu <postponed> (Fix along in future DSA)
 	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=2fdb42d840400d58f2e706ecca82c142b97bcbd6 (v5.2.0-rc0)
 CVE-2020-25722
@@ -12250,7 +12250,7 @@ CVE-2020-25708 (A divide by zero issue was found to occur in libvncserver-0.9.12
 	NOTE: https://github.com/LibVNC/libvncserver/commit/673c07a75ed844d74676f3ccdcfdc706a7052dba
 CVE-2020-25707 [infinite loop in e1000e_write_packet_to_guest() in hw/net/e1000e_core.c]
 	RESERVED
-	- qemu <unfixed> (bug #974687)
+	- qemu 1:5.2+dfsg-1 (bug #974687)
 	[buster] - qemu <postponed> (Fix along in future DSA)
 	[stretch] - qemu <postponed> (Minor issue; reconsider when fixed upstream)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1893895
@@ -12599,14 +12599,14 @@ CVE-2020-25626 (A flaw was found in Django REST Framework versions before 3.12.0
 	NOTE: Fixed upstream in 3.12.0 and 3.11.2
 CVE-2020-25625 (hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD list ha ...)
 	{DLA-2469-1}
-	- qemu <unfixed> (bug #970542)
+	- qemu 1:5.2+dfsg-1 (bug #970542)
 	[buster] - qemu <postponed> (Can be fixed along in next qemu DSA)
 	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05905.html
 	NOTE: https://www.openwall.com/lists/oss-security/2020/09/17/1
 	NOTE: Fixed by: https://git.qemu.org/?p=qemu.git;a=commit;h=1be90ebecc95b09a2ee5af3f60c412b45a766c4f (v5.2.0-rc0)
 CVE-2020-25624 (hw/usb/hcd-ohci.c in QEMU 5.0.0 has a stack-based buffer over-read via ...)
 	{DLA-2469-1}
-	- qemu <unfixed> (bug #970541)
+	- qemu 1:5.2+dfsg-1 (bug #970541)
 	[buster] - qemu <postponed> (Can be fixed along in next qemu DSA)
 	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05492.html
 	NOTE: Fixed by: https://git.qemu.org/?p=qemu.git;a=commit;h=1328fe0c32d5474604105b8105310e944976b058 (v5.2.0-rc0)
@@ -13820,14 +13820,14 @@ CVE-2020-25086 (Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in
 	NOT-FOR-US: Ecommerce-CodeIgniter-Bootstrap
 CVE-2020-25085 (QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue  ...)
 	{DLA-2469-1}
-	- qemu <unfixed> (bug #970540)
+	- qemu 1:5.2+dfsg-1 (bug #970540)
 	[buster] - qemu <postponed> (Can be fixed along in next qemu DSA)
 	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg00733.html
 	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg01439.html
 	NOTE: https://www.openwall.com/lists/oss-security/2020/09/16/6
 	NOTE: Fixed by: https://git.qemu.org/?p=qemu.git;a=commit;h=dfba99f17feb6d4a129da19d38df1bcd8579d1c3 (v5.2.0-rc0)
 CVE-2020-25084 (QEMU 5.0.0 has a use-after-free in hw/usb/hcd-xhci.c because the usb_p ...)
-	- qemu <unfixed> (bug #970539)
+	- qemu 1:5.2+dfsg-1 (bug #970539)
 	[buster] - qemu <postponed> (Can be fixed along in next qemu DSA)
 	[stretch] - qemu <postponed> (Fix along in future DLA)
 	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-08/msg08050.html
@@ -32890,7 +32890,7 @@ CVE-2020-15861 (Net-SNMP through 5.7.3 allows Escalation of Privileges because o
 CVE-2020-15860 (Parallels Remote Application Server (RAS) 17.1.1 has a Business Logic  ...)
 	NOT-FOR-US: Parallels
 CVE-2020-15859 (QEMU 4.2.0 has a use-after-free in hw/net/e1000e_core.c because a gues ...)
-	- qemu <unfixed> (bug #965978)
+	- qemu 1:5.2+dfsg-1 (bug #965978)
 	[buster] - qemu <postponed> (Minor issue, can be fixed along in next DSA)
 	[stretch] - qemu <postponed> (Minor issue, can be fixed along in next DLA)
 	NOTE: Proposed patch: https://lists.gnu.org/archive/html/qemu-devel/2020-07/msg05895.html



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e8c0b5010e28c5abcfed3f0febc25ce750e3563b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e8c0b5010e28c5abcfed3f0febc25ce750e3563b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201209/bc99a9db/attachment.html>
