[Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for some qemu issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Mar 19 21:25:53 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
754e13be by Salvatore Bonaccorso at 2026-03-19T22:25:28+01:00
Track fixed version via unstable for some qemu issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11884,7 +11884,7 @@ CVE-2026-2409 (Improper Neutralization of Special Elements used in an SQL Comman
 CVE-2026-2274 (A SSRF and Arbitrary File Read vulnerability in AppSheet Core in Googl ...)
 	NOT-FOR-US: Google AppSheet
 CVE-2026-2243 (A flaw was found in QEMU. A specially crafted VMDK image could trigger ...)
-	- qemu <unfixed> (bug #1128478)
+	- qemu 1:10.2.2+ds-1 (bug #1128478)
 	[trixie] - qemu <no-dsa> (Minor issue)
 	[bookworm] - qemu <no-dsa> (Minor issue)
 	[bullseye] - qemu <postponed> (Minor issue)
@@ -194307,13 +194307,13 @@ CVE-2024-20083 (In venc, there is a possible out of bounds write due to a missin
 CVE-2024-20082 (In Modem, there is a possible memory corruption due to a missing bound ...)
 	NOT-FOR-US: Mediatek
 CVE-2026-3196
-	- qemu <unfixed> (bug #1129605)
+	- qemu 1:10.2.2+ds-1 (bug #1129605)
 	[trixie] - qemu <no-dsa> (Minor issue)
 	[bookworm] - qemu <no-dsa> (Minor issue)
 	NOTE: https://lore.kernel.org/qemu-devel/20260220-virtio-snd-series-v1-0-207c4f7200a2@linaro.org/
 	NOTE: Fixed by: https://gitlab.com/qemu-project/qemu/-/commit/61679d7dcfa2dffc8fb115aa19b09e0e7cf5ea5c
 CVE-2026-3195
-	- qemu <unfixed> (bug #1129604)
+	- qemu 1:10.2.2+ds-1 (bug #1129604)
 	[trixie] - qemu <no-dsa> (Minor issue)
 	[bookworm] - qemu <not-affected> (Incomplete fix for CVE-2024-7730 not applied)
 	[bullseye] - qemu <not-affected> (Incomplete fix for CVE-2024-7730 not applied)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/754e13bed3cf6cc7011b33ffda83e731b48cdbbf

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/754e13bed3cf6cc7011b33ffda83e731b48cdbbf
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260319/6ce0bebe/attachment.htm>

More information about the debian-security-tracker-commits mailing list