[Git][security-tracker-team/security-tracker][master] Mark CVE-2021-3544,CVE-2021-3545,CVE-2021-3546 in Qemu/Stretch as not-affected

Markus Koschany (@apo) apo at debian.org
Tue Aug 31 23:11:15 BST 2021 


Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
db95e31b by Markus Koschany at 2021-09-01T00:09:22+02:00
Mark CVE-2021-3544,CVE-2021-3545,CVE-2021-3546 in Qemu/Stretch as not-affected

The vulnerable code was introduced later in 2019.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -17786,7 +17786,7 @@ CVE-2021-3545 (An information disclosure vulnerability was found in the virtio v
 	- qemu 1:6.1+dfsg-1 (bug #989042)
 	[bullseye] - qemu <no-dsa> (Minor issue)
 	[buster] - qemu <no-dsa> (Minor issue)
-	[stretch] - qemu <postponed> (Minor issue; can be fixed in next update)
+	[stretch] - qemu <not-affected> (The vulnerable code was introduced later)
 	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2021-05/msg01155.html
 	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2021-05/msg01153.html
 	NOTE: https://gitlab.com/qemu-project/qemu/-/commit/121841b2
@@ -17794,7 +17794,7 @@ CVE-2021-3544 (Several memory leaks were found in the virtio vhost-user GPU devi
 	- qemu 1:6.1+dfsg-1 (bug #989042)
 	[bullseye] - qemu <no-dsa> (Minor issue)
 	[buster] - qemu <no-dsa> (Minor issue)
-	[stretch] - qemu <postponed> (Minor issue; can be fixed in next update)
+	[stretch] - qemu <not-affected> (The vulnerable code was introduced later)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1958935
 	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2021-05/msg01155.html
 	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2021-05/msg01151.html
@@ -18033,7 +18033,7 @@ CVE-2021-3546 (A flaw was found in vhost-user-gpu of QEMU in versions up to and
 	- qemu 1:6.1+dfsg-1 (bug #989042)
 	[bullseye] - qemu <no-dsa> (Minor issue)
 	[buster] - qemu <no-dsa> (Minor issue)
-	[stretch] - qemu <postponed> (Minor issue; can be fixed in next update)
+	[stretch] - qemu <not-affected> (The vulnerable code was introduced later)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1958978
 	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2021-05/msg01155.html
 	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2021-05/msg01154.html



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/db95e31ba4ba21b130e7ded530d0edba7151720f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/db95e31ba4ba21b130e7ded530d0edba7151720f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210831/d6c289c9/attachment.htm>

More information about the debian-security-tracker-commits mailing list