[Git][security-tracker-team/security-tracker][master] Mark CVE-2023-1544/qemu fixed in bookworm

Santiago R.R. (@santiago) santiago at debian.org
Sun Dec 1 14:44:47 GMT 2024



Santiago R.R. pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b0264997 by Santiago Ruano Rincón at 2024-12-01T11:43:37-03:00
Mark CVE-2023-1544/qemu fixed in bookworm

Thanks to Michael and Salvatore for reviewing

Reviewed-by: Salvatore Bonaccorso <carnil at debian.org>

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -135259,11 +135259,12 @@ CVE-2023-1545 (SQL Injection in GitHub repository nilsteampassnet/teampass prior
 	- teampass <itp> (bug #730180)
 CVE-2023-1544 (A flaw was found in the QEMU implementation of VMWare's paravirtual RD ...)
 	- qemu 1:8.2.0+ds-1 (bug #1034179)
-	[bookworm] - qemu <no-dsa> (Minor issue)
+	[bookworm] - qemu 1:7.2+dfsg-7+deb12u3
 	[bullseye] - qemu <no-dsa> (Minor issue)
 	[buster] - qemu <ignored> (PVRDMA support not enabled in the binary packages)
 	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2023-03/msg00206.html
 	NOTE: Fixed by: https://gitlab.com/qemu-project/qemu/-/commit/85fc35afa93c7320d1641d344d0c5dfbe341d087 (v8.2.0-rc0)
+	NOTE: Fixed by: https://gitlab.com/qemu-project/qemu/-/commit/06c9bf032f5581629819affd95fcbd7c54cf493a (v7.2.7)
 	NOTE: PVRDMA support not enabled in the binary packages until 1:3.1+dfsg-3, disabled again in 1:3.1+dfsg-4 until 1:4.1-1
 	NOTE: Not fixed in 1:5.2+dfsg-11+deb11u3 as claimed in the changelog, contains the
 	NOTE: CVE-2022-1050 fix instead. In unstable 1:8.0.2+dfsg-1 disabled support for



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b0264997a6049433f70940c81e2d91fabd13c87f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b0264997a6049433f70940c81e2d91fabd13c87f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241201/a628956d/attachment.htm>


More information about the debian-security-tracker-commits mailing list