[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] libvirt DSA

Wed, 14 Mar 2018 14:42:43 -0700 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
798ebd97 by Moritz Muehlenhoff at 2018-03-14T22:42:05+01:00
libvirt DSA

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -5080,6 +5080,7 @@ CVE-2018-6767 (A stack-based buffer over-read in the 
ParseRiffHeaderConfig funct
        NOTE: 
https://github.com/dbry/WavPack/commit/d5bf76b5a88d044a1be1d5656698e3ba737167e5
 CVE-2018-6764 (util/virlog.c in libvirt does not properly determine the 
hostname on ...)
        - libvirt 4.0.0-2 (bug #889839)
+       [stretch] - libvirt 3.0.0-4+deb9u3
        [jessie] - libvirt <not-affected> (Vulnerable code introduced later in 
1.3.1)
        [wheezy] - libvirt <not-affected> (Vulnerable code introduced later in 
1.3.1)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1541444
@@ -8122,6 +8123,7 @@ CVE-2018-5749 (install.php in Minecraft Servers List Lite 
before commit c1cd164 
 CVE-2018-5748 (qemu/qemu_monitor.c in libvirt allows attackers to cause a 
denial of ...)
        - libvirt 4.0.0-1 (bug #887700)
        [stretch] - libvirt 3.0.0-4+deb9u2
+       [jessie] - libvirt 1.2.9-9+deb8u5
        [wheezy] - libvirt <postponed> (Can be fixed in a later update)
        NOTE: 
https://www.redhat.com/archives/libvir-list/2017-December/msg00749.html
        NOTE: 
https://libvirt.org/git/?p=libvirt.git;a=commit;h=bc251ea91bcfddd2622fce6bce701a438b2e7276


=====================================
data/DSA/list
=====================================
--- a/data/DSA/list
+++ b/data/DSA/list
@@ -1,3 +1,7 @@
+[14 Mar 2018] DSA-4137-1 libvirt - security update
+       {CVE-2018-1064}
+       [jessie] - libvirt 1.2.9-9+deb8u5
+       [stretch] - libvirt 3.0.0-4+deb9u3
 [14 Mar 2018] DSA-4136-1 curl - security update
        {CVE-2018-1000120 CVE-2018-1000121 CVE-2018-1000122}
        [jessie] - curl 7.38.0-4+deb8u10



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/798ebd97234c4e887bf356556fc8f347dfaf66ae

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/798ebd97234c4e887bf356556fc8f347dfaf66ae
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to