Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
182726ab by Moritz Muehlenhoff at 2018-04-12T20:34:57+02:00
qemu fixed
- - - - -
165ad983 by Moritz Muehlenhoff at 2018-04-12T20:35:28+02:00
Merge branch 'master' of
salsa.debian.org:security-tracker-team/security-tracker
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -5142,7 +5142,7 @@ CVE-2018-7860
CVE-2018-7859
RESERVED
CVE-2018-7858 (Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx
VGA ...)
- - qemu <unfixed> (bug #892497)
+ - qemu 1:2.12~rc3+dfsg-1 (bug #892497)
[stretch] - qemu <not-affected> (Vulnerable code not present)
[jessie] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
@@ -6090,7 +6090,7 @@ CVE-2018-7551 (There is an invalid free in
MiniPS::delete0 in minips.cpp that le
[jessie] - sam2p <no-dsa> (Will be fixed via point release)
NOTE: https://github.com/pts/sam2p/issues/28
CVE-2018-7550 (The load_multiboot function in hw/i386/multiboot.c in Quick
Emulator ...)
- - qemu <unfixed> (bug #892041)
+ - qemu 1:2.12~rc3+dfsg-1 (bug #892041)
- qemu-kvm <removed>
NOTE:
https://lists.nongnu.org/archive/html/qemu-devel/2018-03/msg01885.html
CVE-2018-7549 (In params.c in zsh through 5.4.2, there is a crash during a
copy of an ...)
@@ -11796,7 +11796,7 @@ CVE-2018-5684 (In Libav through 12.2, there is an
invalid memcpy call in the ...
[jessie] - libav <ignored> (Minor issue)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1110
CVE-2018-5683 (The vga_draw_text function in Qemu allows local OS guest
privileged ...)
- - qemu <unfixed> (bug #887392)
+ - qemu 1:2.12~rc3+dfsg-1 (bug #887392)
[stretch] - qemu <postponed> (Minor issue, can be fixed along in future
DSA)
[jessie] - qemu <postponed> (Minor issue, can be fixed along in future
DSA)
[wheezy] - qemu <postponed> (Minor issue, can be fixed along in next
DLA)
@@ -27971,7 +27971,7 @@ CVE-2017-16847 (Zoho ManageEngine Applications Manager
13 allows SQL injection v
CVE-2017-16846 (Zoho ManageEngine Applications Manager 13 allows SQL injection
via the ...)
NOT-FOR-US: Zoho ManageEngine Applications Manager
CVE-2017-16845 (hw/input/ps2.c in Qemu does not validate 'rptr' and 'count'
values ...)
- - qemu <unfixed> (bug #882136)
+ - qemu 1:2.12~rc3+dfsg-1 (bug #882136)
[stretch] - qemu <no-dsa> (Minor issue)
[jessie] - qemu <no-dsa> (Minor issue)
[wheezy] - qemu <postponed> (Can be fixed along in a future update)
@@ -32942,7 +32942,7 @@ CVE-2017-15125
RESERVED
NOT-FOR-US: Red Hat CloudForms
CVE-2017-15124 (VNC server implementation in Quick Emulator (QEMU) 2.11.0 and
older ...)
- - qemu <unfixed> (bug #884806)
+ - qemu 1:2.12~rc3+dfsg-1 (bug #884806)
[stretch] - qemu <postponed> (Can be fixed along in later update)
[jessie] - qemu <postponed> (Can be fixed along in later update)
[wheezy] - qemu <postponed> (Can be fixed along in later update)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/c324ddb9cccd6987c79abdeef62d799daa74e4fb...165ad983f458c3c1a6e2903650285170e2f791cf
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/c324ddb9cccd6987c79abdeef62d799daa74e4fb...165ad983f458c3c1a6e2903650285170e2f791cf
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
