[Git][security-tracker-team/security-tracker][master] CVE-2020-25707 rejected as duplicate of CVE-2020-28916

Tue Dec 15 06:16:36 GMT 2020


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a09a580b by Salvatore Bonaccorso at 2020-12-15T07:16:02+01:00
CVE-2020-25707 rejected as duplicate of CVE-2020-28916

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4135,11 +4135,13 @@ CVE-2020-28918
 CVE-2020-28917 (An issue was discovered in the view_statistics (aka View frontend stat ...)
 	NOT-FOR-US: TYPO3 extension
 CVE-2020-28916 (hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX desc ...)
-	- qemu 1:5.2+dfsg-1 (bug #976388)
+	- qemu 1:5.2+dfsg-1 (bug #976388; bug #974687)
 	[buster] - qemu <postponed> (Fix along in future DSA)
 	[stretch] - qemu <postponed> (Fix along in future DLA)
 	NOTE: https://www.openwall.com/lists/oss-security/2020/12/01/2
 	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-11/msg03185.html
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1893895
+	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-11/msg03552.html
 	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=c2cb511634012344e3d0fe49a037a33b12d8a98a (v5.2.0-rc3)
 CVE-2020-28915 (A buffer over-read (at the framebuffer layer) in the fbcon code in the ...)
 	- linux 5.9.1-1
@@ -14645,14 +14647,8 @@ CVE-2020-25708 (A divide by zero issue was found to occur in libvncserver-0.9.12
 	- libvncserver 0.9.13+dfsg-1
 	NOTE: https://github.com/LibVNC/libvncserver/issues/409
 	NOTE: https://github.com/LibVNC/libvncserver/commit/673c07a75ed844d74676f3ccdcfdc706a7052dba
-CVE-2020-25707 [infinite loop in e1000e_write_packet_to_guest() in hw/net/e1000e_core.c]
-	RESERVED
-	- qemu 1:5.2+dfsg-1 (bug #974687)
-	[buster] - qemu <postponed> (Fix along in future DSA)
-	[stretch] - qemu <postponed> (Minor issue; reconsider when fixed upstream)
-	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1893895
-	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-11/msg03552.html
-	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=c2cb511634012344e3d0fe49a037a33b12d8a98a
+CVE-2020-25707
+	REJECTED
 CVE-2020-25706 (A cross-site scripting (XSS) vulnerability exists in templates_import. ...)
 	- cacti 1.2.14+ds1-1
 	[buster] - cacti <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a09a580b0d7abb8347828dd9e10db735c0d7b625

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a09a580b0d7abb8347828dd9e10db735c0d7b625
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201215/5c70c6a8/attachment.html>
