[Git][security-tracker-team/security-tracker][master] qemu: Annotate some upstream commits
Salvatore Bonaccorso
carnil at debian.org
Tue Nov 24 19:58:27 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a60b105b by Salvatore Bonaccorso at 2020-11-24T20:55:39+01:00
qemu: Annotate some upstream commits
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6150,7 +6150,7 @@ CVE-2020-27661 [divide by zero in dwc2_handle_packet() in hw/usb/hcd-dwc2.c]
[buster] - qemu <postponed> (Fix along in future DSA)
[stretch] - qemu <not-affected> (Vulnerable code introduced later)
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-10/msg04263.html
- NOTE: Fixed by: https://git.qemu.org/?p=qemu.git;a=commit;h=bea2a9e3e00b275dc40cfa09c760c715b8753e03
+ NOTE: Fixed by: https://git.qemu.org/?p=qemu.git;a=commit;h=bea2a9e3e00b275dc40cfa09c760c715b8753e03 (v5.2.0-rc0)
CVE-2020-27660
RESERVED
CVE-2020-27659
@@ -6255,7 +6255,7 @@ CVE-2020-27617 (eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS user
[buster] - qemu <postponed> (Fix along in future DSA)
[stretch] - qemu <postponed> (Minor issue, fix along in future DLA)
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-10/msg06023.html
- NOTE: fixed by: https://git.qemu.org/?p=qemu.git;a=commit;h=7564bf7701f00214cdc8a678a9f7df765244def1
+ NOTE: Fixed by: https://git.qemu.org/?p=qemu.git;a=commit;h=7564bf7701f00214cdc8a678a9f7df765244def1 (v5.2.0-rc2)
CVE-2020-27616 (ati_2d_blt in hw/display/ati_2d.c in QEMU 4.2.1 can encounter an outsi ...)
- qemu <unfixed> (bug #975265)
[buster] - qemu <not-affected> (Vulnerable code introduced in ATI VGA device emulation added later)
@@ -10782,7 +10782,7 @@ CVE-2020-25625 (hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD l
[stretch] - qemu <postponed> (Fix along in future DLA)
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05905.html
NOTE: https://www.openwall.com/lists/oss-security/2020/09/17/1
- NOTE: fixed by: https://git.qemu.org/?p=qemu.git;a=patch;h=1be90ebecc95b09a2ee5af3f60c412b45a766c4f
+ NOTE: Fixed by: https://git.qemu.org/?p=qemu.git;a=patch;h=1be90ebecc95b09a2ee5af3f60c412b45a766c4f (v5.2.0-rc0)
CVE-2020-25624 [hcd-ohci: out-of-bound access issue while processing transfer descriptors]
RESERVED
- qemu <unfixed> (bug #970541)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a60b105b36a1d80215173a3537f1505288fff27f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a60b105b36a1d80215173a3537f1505288fff27f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201124/e0874541/attachment.html>
More information about the debian-security-tracker-commits
mailing list