[Git][security-tracker-team/security-tracker][master] Add CVE-2020-10761/qemu
Salvatore Bonaccorso
carnil at debian.org
Tue Jun 9 06:33:47 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d33ba3a6 by Salvatore Bonaccorso at 2020-06-09T07:33:13+02:00
Add CVE-2020-10761/qemu
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9197,8 +9197,15 @@ CVE-2020-10763
RESERVED
CVE-2020-10762
RESERVED
-CVE-2020-10761
+CVE-2020-10761 [nbd: reachable assertion failure innbd_negotiate_send_rep_verr via remote client]
RESERVED
+ - qemu <unfixed>
+ [buster] - qemu <not-affected> (Vulnerable code introduced later)
+ [stretch] - qemu <not-affected> (Vulnerable code introduced later)
+ [jessie] - qemu <not-affected> (Vulnerable code introduced later)
+ NOTE: https://www.openwall.com/lists/oss-security/2020/06/09/1
+ NOTE: Proposed upstream patch: https://lists.gnu.org/archive/html/qemu-devel/2020-06/msg02031.html
+ NOTE: Introduced in: https://git.qemu.org/?p=qemu.git;a=commit;h=93676c88d7a5cd5971de94f9091eff8e9773b1af
CVE-2020-10760
RESERVED
CVE-2020-10759 [Possible bypass in signature verification]
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d33ba3a6f959bb5baa2c213b859d0f853e78b5b4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d33ba3a6f959bb5baa2c213b859d0f853e78b5b4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200609/6c4e44f6/attachment.html>
More information about the debian-security-tracker-commits
mailing list