[Git][security-tracker-team/security-tracker][master] qemu fixed in sid

Moritz Muehlenhoff jmm at debian.org
Sun Feb 14 16:09:36 GMT 2021 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
27983b61 by Moritz Muehlenhoff at 2021-02-14T17:08:52+01:00
qemu fixed in sid

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -16796,7 +16796,7 @@ CVE-2021-20222
 	RESERVED
 CVE-2021-20221 [GIC: out-of-bound heap buffer access via an interrupt ID field]
 	RESERVED
-	- qemu <unfixed>
+	- qemu 1:5.2+dfsg-4
 	NOTE: https://www.openwall.com/lists/oss-security/2021/02/05/1
 	NOTE: https://gitlab.com/qemu-project/qemu/-/commit/edfe2eb4360cde4ed5d95bda7777edcb3510f76a
 CVE-2021-20220
@@ -16979,7 +16979,7 @@ CVE-2021-20182
 	NOT-FOR-US: OpenShift
 CVE-2021-20181 [9pfs: Fully restart unreclaim loop]
 	RESERVED
-	- qemu <unfixed>
+	- qemu 1:5.2+dfsg-4
 	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=89fbea8737e8f7b954745a1ffc4238d377055305
 CVE-2021-20180
 	RESERVED
@@ -17303,7 +17303,7 @@ CVE-2020-35518 [Information disclosure during the binding of a DN]
 	NOTE: https://github.com/389ds/389-ds-base/commit/38b97faef8a6421a7a638ecdbf0b341e2b3f9ab3 (1.4.4.10)
 	NOTE: Introduced as side-effect of https://github.com/389ds/389-ds-base/issues/2535
 CVE-2020-35517 (A flaw was found in qemu. A host privilege escalation issue was found  ...)
-	- qemu <unfixed> (bug #980814)
+	- qemu 1:5.2+dfsg-5 (bug #980814)
 	[buster] - qemu <not-affected> (Vulnerable code introduced later)
 	[stretch] - qemu <not-affected> (Vulnerable code introduced later)
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2021-01/msg05461.html



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/27983b61239988ea316805d70759bd101e072821

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/27983b61239988ea316805d70759bd101e072821
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210214/67b5f05c/attachment.html>

More information about the debian-security-tracker-commits mailing list