[Git][security-tracker-team/security-tracker][master] Reserve DLA-3099-1 for qemu
Abhijith PA (@abhijith)
abhijith at debian.org
Mon Sep 5 04:22:50 BST 2022
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0e2edf5f by Abhijith PA at 2022-09-05T08:52:16+05:30
Reserve DLA-3099-1 for qemu
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -36969,7 +36969,6 @@ CVE-2022-26355 (Citrix Federated Authentication Service (FAS) 7.17 - 10.6 causes
CVE-2022-26354 (A flaw was found in the vhost-vsock device of QEMU. In case of error, ...)
{DSA-5133-1 DLA-2970-1}
- qemu 1:7.0+dfsg-1
- [buster] - qemu <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2063257
NOTE: https://gitlab.com/qemu-project/qemu/-/commit/8d1b247f3748ac4078524130c6d7ae42b6140aaf
NOTE: vulnerable code in buster in vhost_vsock_send_transport_reset
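Review bot: the cross-reference line "{DSA-5133-1 DLA-2970-1}" under CVE-2022-26354 is left unchanged even though this commit assigns the CVE to DLA-3099-1 in data/DLA/list. If these brace lines are not regenerated from data/DLA/list by the tracker's own tooling, add DLA-3099-1 here and in the other touched entries so each CVE links to the new advisory.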
@@ -60930,7 +60929,6 @@ CVE-2021-3930 (An off-by-one error was found in the SCSI device emulation in QEM
{DLA-2970-1}
- qemu 1:6.2+dfsg-1
[bullseye] - qemu <postponed> (Minor issue)
- [buster] - qemu <postponed> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2020588
NOTE: https://gitlab.com/qemu-project/qemu/-/issues/546
NOTE: Fixed by: https://gitlab.com/qemu-project/qemu/-/commit/b3af7fdf9cc537f8f0dd3e2423d83f5c99a457e8 (v6.2.0-rc0)
@@ -73898,7 +73896,6 @@ CVE-2021-39231 (In Apache Ozone versions prior to 1.2.0, Various internal server
CVE-2021-3713 (An out-of-bounds write flaw was found in the UAS (USB Attached SCSI) d ...)
{DSA-4980-1 DLA-2753-1}
- qemu 1:6.1+dfsg-2 (bug #992727)
- [buster] - qemu <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1994640
NOTE: https://gitlab.com/qemu-project/qemu/-/commit/13b250b12ad3c59114a6a17d59caf073ce45b33a
CVE-2021-39230 (Butter is a system usability utility. Due to a kernel error the JPNS k ...)
@@ -84736,13 +84733,11 @@ CVE-2021-34827 (This vulnerability allows network-adjacent attackers to execute
NOT-FOR-US: D-Link
CVE-2021-3608 (A flaw was found in the QEMU implementation of VMWare's paravirtual RD ...)
- qemu 1:5.2+dfsg-11 (bug #990563)
- [buster] - qemu <no-dsa> (Minor issue)
[stretch] - qemu <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1973383
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=66ae37d8cc313f89272e711174a846a229bcdbd3
CVE-2021-3607 (An integer overflow was found in the QEMU implementation of VMWare's p ...)
- qemu 1:5.2+dfsg-11 (bug #990564)
- [buster] - qemu <no-dsa> (Minor issue)
[stretch] - qemu <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1973349
NOTE: upstream commit: https://git.qemu.org/?p=qemu.git;a=commit;h=32e5703cfea07c91e6e84bcb0313f633bb146534
@@ -86893,7 +86888,6 @@ CVE-2021-3587
REJECTED
CVE-2021-3582 (A flaw was found in the QEMU implementation of VMWare's paravirtual RD ...)
- qemu 1:5.2+dfsg-11 (bug #990565)
- [buster] - qemu <no-dsa> (Minor issue)
[stretch] - qemu <not-affected> (Vulnerable code introduced later)
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2021-06/msg04148.html
NOTE: Upstream commit: https://git.qemu.org/?p=qemu.git;a=commit;h=284f191b4abad213aed04cb0458e1600fd18d7c4
@@ -92138,7 +92132,6 @@ CVE-2021-3528 (A flaw was found in noobaa-operator in versions before 5.7.0, whe
CVE-2021-3527 (A flaw was found in the USB redirector device (usb-redir) of QEMU. Sma ...)
{DLA-2753-1}
- qemu 1:5.2+dfsg-11 (bug #988157)
- [buster] - qemu <no-dsa> (Minor issue)
NOTE: Initial patchset: https://lists.nongnu.org/archive/html/qemu-devel/2021-05/msg00564.html
NOTE: Revisited: https://lists.nongnu.org/archive/html/qemu-devel/2021-05/msg01372.html
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2021-05/msg01373.html
@@ -93339,7 +93332,6 @@ CVE-2021-3508 (A flaw was found in PDFResurrect in version 0.22b. There is an in
CVE-2021-3507 (A heap buffer overflow was found in the floppy disk emulator of QEMU u ...)
- qemu <unfixed> (bug #987410)
[bullseye] - qemu <no-dsa> (Minor issue)
- [buster] - qemu <no-dsa> (Minor issue)
[stretch] - qemu <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1951118
NOTE: https://gitlab.com/qemu-project/qemu/-/commit/defac5e2fbddf8423a354ff0454283a2115e1367
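Review bot: for CVE-2021-3507 the main line stays at "qemu <unfixed> (bug #987410)" and bullseye and stretch stay at <no-dsa>, while the [buster] line is dropped because DLA-3099-1 lists this CVE as fixed. That leaves buster recorded as fixed ahead of unstable; since the second NOTE already points at an upstream commit, check whether the unstable line can now carry a fixed version, or add a NOTE stating that the buster fix is a backport of that commit.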
@@ -103199,7 +103191,6 @@ CVE-2021-3417 (An internal product security audit of LXCO, prior to version 1.2.
CVE-2021-3416 (A potential stack overflow via infinite loop issue was found in variou ...)
{DLA-2623-1}
- qemu 1:5.2+dfsg-9 (bug #984448)
- [buster] - qemu <postponed> (Minor issue)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg07431.html
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg07484.html
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=e73adfbeec9d4e008630c814759052ed945c3fed
@@ -105881,7 +105872,6 @@ CVE-2021-3393 (An information leak was discovered in postgresql in versions befo
CVE-2021-3392 (A use-after-free flaw was found in the MegaRAID emulator of QEMU. This ...)
{DLA-2623-1}
- qemu 1:5.2+dfsg-10 (bug #984449)
- [buster] - qemu <postponed> (Minor issue)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg00488.html
NOTE: https://bugs.launchpad.net/qemu/+bug/1914236
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=3791642c8d60029adf9b00bcb4e34d7d8a1aea4d
@@ -122917,7 +122907,6 @@ CVE-2021-20257 (An infinite loop flaw was found in the e1000 NIC emulator of the
{DLA-2623-1}
- qemu 1:5.2+dfsg-9 (bug #984450)
[bullseye] - qemu <postponed> (Minor issue)
- [buster] - qemu <postponed> (Minor issue)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg03595.html
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=3de46e6fc489c52c9431a8a832ad8170a7569bd8
CVE-2021-20256 (A flaw was found in Red Hat Satellite. The BMC interface exposes the p ...)
@@ -123112,7 +123101,6 @@ CVE-2021-20222 (A flaw was found in keycloak. The new account console in keycloa
CVE-2021-20221 (An out-of-bounds heap buffer access issue was found in the ARM Generic ...)
{DLA-2560-1}
- qemu 1:5.2+dfsg-4
- [buster] - qemu <postponed> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2021/02/05/1
NOTE: https://gitlab.com/qemu-project/qemu/-/commit/edfe2eb4360cde4ed5d95bda7777edcb3510f76a (v6.0.0-rc0)
CVE-2021-20220 (A flaw was found in Undertow. A regression in the fix for CVE-2020-106 ...)
@@ -123211,7 +123199,6 @@ CVE-2021-20203 (An integer overflow issue was found in the vmxnet3 NIC emulator
{DLA-2623-1}
- qemu 1:6.2+dfsg-1 (bug #984452)
[bullseye] - qemu <postponed> (Minor issue)
- [buster] - qemu <postponed> (Minor issue)
NOTE: https://bugs.launchpad.net/qemu/+bug/1913873
NOTE: https://gitlab.com/qemu-project/qemu/-/issues/308
NOTE: https://bugs.launchpad.net/qemu/+bug/1890152
@@ -123252,7 +123239,6 @@ CVE-2021-20196 (A NULL pointer dereference flaw was found in the floppy disk emu
{DLA-2970-1}
- qemu 1:6.2+dfsg-1 (bug #984453)
[bullseye] - qemu <postponed> (Minor issue, revisit when fixed upstream)
- [buster] - qemu <postponed> (Fix along in future DSA)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1919210
NOTE: https://bugs.launchpad.net/qemu/+bug/1912780
NOTE: https://gitlab.com/qemu-project/qemu/-/issues/338
@@ -123312,7 +123298,6 @@ CVE-2021-20182 (A privilege escalation flaw was found in openshift4/ose-docker-b
CVE-2021-20181 (A race condition flaw was found in the 9pfs server implementation of Q ...)
{DLA-2560-1}
- qemu 1:5.2+dfsg-4
- [buster] - qemu <postponed> (Minor issue)
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=89fbea8737e8f7b954745a1ffc4238d377055305
CVE-2021-20180 (A flaw was found in ansible module where credentials are disclosed in ...)
- ansible 5.4.0-1 (bug #985753)
@@ -123733,7 +123718,6 @@ CVE-2020-35505 (A NULL pointer dereference flaw was found in the am53c974 SCSI h
[experimental] - qemu 1:6.0+dfsg-1~exp0
- qemu 1:6.0+dfsg-3 (bug #984455)
[bullseye] - qemu <postponed> (Minor issue, revisit when fixed upstream)
- [buster] - qemu <postponed> (Fix along in future DSA)
[stretch] - qemu <postponed> (Fix along in future DLA)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1909769
NOTE: https://bugs.launchpad.net/qemu/+bug/1910723 (reproducer)
@@ -123752,7 +123736,6 @@ CVE-2020-35504 (A NULL pointer dereference flaw was found in the SCSI emulation
[experimental] - qemu 1:6.0+dfsg-1~exp0
- qemu 1:6.0+dfsg-3 (bug #979679)
[bullseye] - qemu <postponed> (Minor issue, revisit when fixed upstream)
- [buster] - qemu <postponed> (Fix along in future DSA)
[stretch] - qemu <postponed> (Fix along in future DLA)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1909766
NOTE: https://bugs.launchpad.net/qemu/+bug/1910723 (reproducer)
@@ -127315,7 +127298,6 @@ CVE-2020-29444 (Affected versions of Team Calendar in Confluence Server before 7
CVE-2020-29443 (ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of- ...)
{DLA-2560-1}
- qemu 1:5.2+dfsg-11 (bug #983575)
- [buster] - qemu <postponed> (Fix along in future DSA)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2021-01/msg04255.html
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=813212288970c39b1800f63e83ac6e96588095c6
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=b8d7f1bc59276fec85e4d09f1567613a3e14d31e
@@ -128014,7 +127996,6 @@ CVE-2020-29130 (slirp.c in libslirp through 4.3.1 has a buffer over-read because
CVE-2020-29129 (ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tri ...)
- libslirp 4.4.0-1
- qemu 1:4.1-2
- [buster] - qemu <postponed> (Fix along in future DSA)
[stretch] - qemu <not-affected> (Vulnerable code introduced later)
NOTE: https://gitlab.freedesktop.org/slirp/libslirp/-/commit/2e1dcbc0c2af64fcb17009eaf2ceedd81be2b27f (v4.4.0)
NOTE: qemu 1:4.1-2 switched to system libslirp, marking that version as fixed.
@@ -128557,7 +128538,6 @@ CVE-2020-28917 (An issue was discovered in the view_statistics (aka View fronten
CVE-2020-28916 (hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX desc ...)
{DLA-2560-1}
- qemu 1:5.2+dfsg-1 (bug #976388; bug #974687)
- [buster] - qemu <postponed> (Fix along in future DSA)
NOTE: https://www.openwall.com/lists/oss-security/2020/12/01/2
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-11/msg03185.html
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1893895 (duplicate)
@@ -134202,7 +134182,6 @@ CVE-2020-27822 (A flaw was found in Wildfly affecting versions 19.0.0.Final, 19.
- wildfly <itp> (bug #752018)
CVE-2020-27821 (A flaw was found in the memory management API of QEMU during the initi ...)
- qemu 1:5.2+dfsg-3 (bug #977616)
- [buster] - qemu <postponed> (Fix along in future update)
[stretch] - qemu <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1902651
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=4bfb024bc76973d40a359476dc0291f46e435442
@@ -135362,7 +135341,6 @@ CVE-2020-27618 (The iconv function in the GNU C Library (aka glibc or libc6) 2.3
CVE-2020-27617 (eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users to t ...)
{DLA-2469-1}
- qemu 1:5.2+dfsg-1 (bug #973324)
- [buster] - qemu <postponed> (Fix along in future DSA)
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-10/msg06023.html
NOTE: Fixed by: https://git.qemu.org/?p=qemu.git;a=commit;h=7564bf7701f00214cdc8a678a9f7df765244def1 (v5.2.0-rc2)
CVE-2020-27616 (ati_2d_blt in hw/display/ati_2d.c in QEMU 4.2.1 can encounter an outsi ...)
@@ -139824,7 +139802,6 @@ CVE-2020-25724 (A flaw was found in RESTEasy, where an incorrect response to an
CVE-2020-25723 (A reachable assertion issue was found in the USB EHCI emulation code o ...)
{DLA-2469-1}
- qemu 1:5.2+dfsg-1 (bug #975276)
- [buster] - qemu <postponed> (Fix along in future DSA)
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=2fdb42d840400d58f2e706ecca82c142b97bcbd6 (v5.2.0-rc0)
CVE-2020-25722 (Multiple flaws were found in the way samba AD DC implemented access an ...)
{DSA-5003-1}
@@ -140299,14 +140276,12 @@ CVE-2020-25626 (A flaw was found in Django REST Framework versions before 3.12.0
CVE-2020-25625 (hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD list ha ...)
{DLA-2469-1}
- qemu 1:5.2+dfsg-1 (bug #970542)
- [buster] - qemu <postponed> (Can be fixed along in next qemu DSA)
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05905.html
NOTE: https://www.openwall.com/lists/oss-security/2020/09/17/1
NOTE: Fixed by: https://git.qemu.org/?p=qemu.git;a=commit;h=1be90ebecc95b09a2ee5af3f60c412b45a766c4f (v5.2.0-rc0)
CVE-2020-25624 (hw/usb/hcd-ohci.c in QEMU 5.0.0 has a stack-based buffer over-read via ...)
{DLA-2469-1}
- qemu 1:5.2+dfsg-1 (bug #970541)
- [buster] - qemu <postponed> (Can be fixed along in next qemu DSA)
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05492.html
NOTE: Fixed by: https://git.qemu.org/?p=qemu.git;a=commit;h=1328fe0c32d5474604105b8105310e944976b058 (v5.2.0-rc0)
CVE-2020-25623 (Erlang/OTP 22.3.x before 22.3.4.6 and 23.x before 23.1 allows Director ...)
@@ -141553,7 +141528,6 @@ CVE-2021-3409 (The patch for CVE-2020-17380/CVE-2020-25085 was found to be ineff
CVE-2020-25085 (QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue ...)
{DLA-2469-1}
- qemu 1:5.2+dfsg-1 (bug #970540)
- [buster] - qemu <postponed> (Can be fixed along in next qemu DSA)
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg00733.html
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg01439.html
NOTE: https://www.openwall.com/lists/oss-security/2020/09/16/6
@@ -141565,7 +141539,6 @@ CVE-2020-25085 (QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_con
CVE-2020-25084 (QEMU 5.0.0 has a use-after-free in hw/usb/hcd-xhci.c because the usb_p ...)
{DLA-2560-1}
- qemu 1:5.2+dfsg-1 (bug #970539)
- [buster] - qemu <postponed> (Can be fixed along in next qemu DSA)
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-08/msg08050.html
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-08/msg08043.html
NOTE: https://www.openwall.com/lists/oss-security/2020/09/16/5
@@ -161671,7 +161644,6 @@ CVE-2020-15860 (Parallels Remote Application Server (RAS) 17.1.1 has a Business
CVE-2020-15859 (QEMU 4.2.0 has a use-after-free in hw/net/e1000e_core.c because a gues ...)
{DLA-2560-1}
- qemu 1:5.2+dfsg-1 (bug #965978)
- [buster] - qemu <postponed> (Minor issue, can be fixed along in next DSA)
NOTE: Proposed patch: https://lists.gnu.org/archive/html/qemu-devel/2020-07/msg05895.html
NOTE: https://bugs.launchpad.net/qemu/+bug/1886362
NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=22dc8663d9fc7baa22100544c600b6285a63c7a3
@@ -162792,7 +162764,6 @@ CVE-2020-15469 (In QEMU 4.2.0, a MemoryRegionOps object may lack read/write call
{DLA-2560-1}
- qemu 1:6.0+dfsg-3 (low; bug #970253)
[bullseye] - qemu <ignored> (Minor issue, too intrusive to backport)
- [buster] - qemu <ignored> (Minor issue, too intrusive to backport)
NOTE: https://www.openwall.com/lists/oss-security/2020/07/02/1
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2020-06/msg09961.html
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg00674.html
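Review bot: the removed [buster] line for CVE-2020-15469 read "<ignored> (Minor issue, too intrusive to backport)", and bullseye keeps that same status, yet data/DLA/list now lists CVE-2020-15469 as fixed in 1:3.1+dfsg-8+deb10u9. Confirm the backport really is in the upload, and consider adding a NOTE here describing what was backported, because the entry otherwise contradicts the bullseye rationale directly above it.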
@@ -168979,7 +168950,6 @@ CVE-2020-13254 (An issue was discovered in Django 2.2 before 2.2.13 and 3.0 befo
CVE-2020-13253 (sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, wh ...)
{DLA-2373-1}
- qemu 1:5.0-8 (bug #961297)
- [buster] - qemu <postponed> (Minor issue, revisit when fixed upstream)
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2020-05/msg05835.html
NOTE: https://www.openwall.com/lists/oss-security/2020/05/27/2
NOTE: https://bugs.launchpad.net/qemu/+bug/1880822 (reproducer)
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[05 Sep 2022] DLA-3099-1 qemu - security update
+ {CVE-2020-13253 CVE-2020-15469 CVE-2020-15859 CVE-2020-25084 CVE-2020-25085 CVE-2020-25624 CVE-2020-25625 CVE-2020-25723 CVE-2020-27617 CVE-2020-27821 CVE-2020-28916 CVE-2020-29129 CVE-2020-29443 CVE-2020-35504 CVE-2020-35505 CVE-2021-3392 CVE-2021-3416 CVE-2021-3507 CVE-2021-3527 CVE-2021-3582 CVE-2021-3607 CVE-2021-3608 CVE-2021-3682 CVE-2021-3713 CVE-2021-3748 CVE-2021-3930 CVE-2021-4206 CVE-2021-4207 CVE-2021-20181 CVE-2021-20196 CVE-2021-20203 CVE-2021-20221 CVE-2021-20257 CVE-2022-26354 CVE-2022-35414}
+ [buster] - qemu 1:3.1+dfsg-8+deb10u9
[04 Sep 2022] DLA-3098-1 libmodbus - security update
{CVE-2022-0367}
[buster] - libmodbus 3.1.4-2+deb10u2
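Review bot: the CVE set on the DLA-3099-1 line contains five ids that have no matching hunk in data/CVE/list in this commit: CVE-2021-3682, CVE-2021-3748, CVE-2021-4206, CVE-2021-4207 and CVE-2022-35414. Check that none of those entries still carries a [buster] annotation that would conflict with the fixed version 1:3.1+dfsg-8+deb10u9 recorded here.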
=====================================
data/dla-needed.txt
=====================================
@@ -90,13 +90,6 @@ poppler (Markus Koschany)
python-oslo.utils
NOTE: 20220904: Programming language: Python.
--
-qemu (Abhijith PA)
- NOTE: 20220802: Programming language: C.
- NOTE: 20220802: debdiff of backported fixes was submitted to buster-proposed-updates: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1007931 and
- NOTE: 20220802: wcan now be released as DLA instead. The updated packages are/were running fine in a buster ganeti cluster. (jmm)
- NOTE: 20220808: conflicting pu at https://people.debian.org/~abhijith/upload/mruby/qemu_3.1+dfsg-8+deb10u9.dsc , needs to be merged (Beuc/abhijith)
- NOTE: 20220822: Merged new build at https://people.debian.org/~abhijith/upload/mruby/qemu_3.1+dfsg-8+deb10u9.dsc (abhijith)
---
runc
NOTE: 20220905: Programming language: Go.
NOTE: 20220905: Special attention: Sync with Bullseye.
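Review bot: the removed qemu notes reference a buster-proposed-updates request (bug 1007931) to which the debdiff was first submitted. With the update now released as DLA-3099-1, make sure that request is closed or updated so the same 1:3.1+dfsg-8+deb10u9 changes are not left pending there.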
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0e2edf5f0e5cefe49899e33b40ad315305b2522e