[Git][security-tracker-team/security-tracker][master] 2 commits: Ignore CVE-2021-3592,qemu for now because of a regression.

Sat Sep 11 21:58:54 BST 2021


Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
95baca24 by Markus Koschany at 2021-09-11T22:51:09+02:00
Ignore CVE-2021-3592,qemu for now because of a regression.

- - - - -
5f977316 by Markus Koschany at 2021-09-11T22:58:40+02:00
Reserve DLA-2753-2 for qemu

- - - - -


2 changed files:

- data/CVE/list
- data/DLA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -14435,6 +14435,7 @@ CVE-2021-3592 (An invalid pointer initialization issue was found in the SLiRP ne
 	[bullseye] - libslirp <no-dsa> (Minor issue)
 	- qemu 1:4.1-2
 	[buster] - qemu <no-dsa> (Minor issue)
+	[stretch] - qemu <ignored> (Introduces a regression. See Debian bug #994080)
 	NOTE: https://gitlab.freedesktop.org/slirp/libslirp/-/commit/93e645e72a056ec0b2c16e0299fc5c6b94e4ca17 (v4.6.0)
 	NOTE: https://gitlab.freedesktop.org/slirp/libslirp/-/commit/f13cad45b25d92760bb0ad67bec0300a4d7d5275 (v4.6.0)
 	NOTE: https://gitlab.freedesktop.org/slirp/libslirp/-/commit/2eca0838eee1da96204545e22cdaed860d9d7c6c (v4.6.0)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,5 @@
+[11 Sep 2021] DLA-2753-2 qemu - regression update
+	[stretch] - qemu 1:2.8+dfsg-6+deb9u16
 [10 Sep 2021] DLA-2756-1 firefox-esr - security update
 	{CVE-2021-38493}
 	[stretch] - firefox-esr 78.14.0esr-1~deb9u1
@@ -8,7 +10,7 @@
 	{CVE-2021-39371}
 	[stretch] - pywps 4.0.0-3+deb9u1
 [01 Sep 2021] DLA-2753-1 qemu - security update
-	{CVE-2021-3527 CVE-2021-3592 CVE-2021-3594 CVE-2021-3595 CVE-2021-3682 CVE-2021-3713}
+	{CVE-2021-3527 CVE-2021-3594 CVE-2021-3595 CVE-2021-3682 CVE-2021-3713}
 	[stretch] - qemu 1:2.8+dfsg-6+deb9u15
 [31 Aug 2021] DLA-2752-1 squashfs-tools - security update
 	{CVE-2021-40153}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/25d3c84d2a7b0e8644b9090382af07082e347921...5f97731686d16bdfd14b1fd04a23413485a3a830

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/25d3c84d2a7b0e8644b9090382af07082e347921...5f97731686d16bdfd14b1fd04a23413485a3a830
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210911/154f52dc/attachment.htm>
