[Git][security-tracker-team/security-tracker][master] Update status of CVE-2024-3446 and CVE-2024-4467/qemu in bullseye. Ignore them
Santiago R.R. (@santiago)
santiago at debian.org
Tue May 6 19:18:33 BST 2025
Santiago R.R. pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7421a316 by Santiago Ruano Rincón at 2025-05-06T15:18:21-03:00
Update status of CVE-2024-3446 and CVE-2024-4467/qemu in bullseye. Ignore them
Backports too complex.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -89339,7 +89339,7 @@ CVE-2024-4836 (Web services managed by Edito CMS (Content Management System) in
CVE-2024-4467 (A flaw was found in the QEMU disk image utility (qemu-img) 'info' comm ...)
- qemu 1:9.0.1+ds-1 (bug #1075824)
[bookworm] - qemu 1:7.2+dfsg-7+deb12u7
- [bullseye] - qemu <no-dsa> (Minor issue)
+ [bullseye] - qemu <ignored> (Minor issue; fix requires an intrusive backport and entails a high regression risk)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2278875
NOTE: https://gitlab.com/qemu-project/qemu/-/commit/bd385a5298d7062668e804d73944d52aec9549f1
NOTE: https://gitlab.com/qemu-project/qemu/-/commit/2eb42a728d27a43fdcad5f37d3f65706ce6deba5
@@ -117694,7 +117694,7 @@ CVE-2024-3512
CVE-2024-3446 (A double free vulnerability was found in QEMU virtio devices (virtio-g ...)
- qemu 1:8.2.3+ds-1 (bug #1068820)
[bookworm] - qemu 1:7.2+dfsg-7+deb12u6
- [bullseye] - qemu <no-dsa> (Minor issue)
+ [bullseye] - qemu <ignored> (Minor issue; fix requires intrusive backport and entails a high regression risk)
[buster] - qemu <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2274211
NOTE: https://patchew.org/QEMU/20240409105537.18308-1-philmd@linaro.org/
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7421a31653520a68d978b4761f3e33037c1937c3
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7421a31653520a68d978b4761f3e33037c1937c3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250506/63839b16/attachment.htm>
More information about the debian-security-tracker-commits
mailing list