[Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-3567/qemu
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu May 9 17:05:16 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
20e93f06 by Salvatore Bonaccorso at 2024-05-09T18:04:23+02:00
Update status for CVE-2024-3567/qemu
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9429,13 +9429,14 @@ CVE-2024-3568 (The huggingface/transformers library is vulnerable to arbitrary c
NOT-FOR-US: huggingface/transformers
CVE-2024-3567 (A flaw was found in QEMU. An assertion failure was present in the upda ...)
- qemu 1:8.2.3+ds-1 (bug #1068822)
- [bookworm] - qemu <no-dsa> (Minor issue)
- [bullseye] - qemu <no-dsa> (Minor issue)
- [buster] - qemu <no-dsa> (Minor issue)
+ [bookworm] - qemu <not-affected> (Vulnerable code introduced later)
+ [bullseye] - qemu <not-affected> (Vulnerable code introduced later)
+ [buster] - qemu <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2274339
NOTE: https://gitlab.com/qemu-project/qemu/-/issues/2273
- NOTE: https://gitlab.com/qemu-project/qemu/-/commit/83ddb3dbba2ee0f1767442ae6ee665058aeb1093 (v9.0.0-rc3)
- NOTE: https://gitlab.com/qemu-project/qemu/-/commit/1cfe45956e03070f894e91b304e233b4d5b99719 (v8.2.3)
+ NOTE: Introduced with: https://gitlab.com/qemu-project/qemu/-/commit/f199b13bc113c46eaddcf9f375d13f1e400b4e35 (v8.1.0-rc0)
+ NOTE: Fixed by: https://gitlab.com/qemu-project/qemu/-/commit/83ddb3dbba2ee0f1767442ae6ee665058aeb1093 (v9.0.0-rc3)
+ NOTE: Fixed by: https://gitlab.com/qemu-project/qemu/-/commit/1cfe45956e03070f894e91b304e233b4d5b99719 (v8.2.3)
CVE-2024-3566 (A command inject vulnerability allows an attacker to perform command i ...)
- nodejs <not-affected> (Only affects Windows)
CVE-2024-3516 (Heap buffer overflow in ANGLE in Google Chrome prior to 123.0.6312.122 ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/20e93f06191113a1ae78f34c08f9cd530f7ab309
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/20e93f06191113a1ae78f34c08f9cd530f7ab309
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240509/f3ef9941/attachment.htm>
More information about the debian-security-tracker-commits
mailing list