Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 798ebd97 by Moritz Muehlenhoff at 2018-03-14T22:42:05+01:00 libvirt DSA - - - - - 2 changed files: - data/CVE/list - data/DSA/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -5080,6 +5080,7 @@ CVE-2018-6767 (A stack-based buffer over-read in the ParseRiffHeaderConfig funct NOTE: https://github.com/dbry/WavPack/commit/d5bf76b5a88d044a1be1d5656698e3ba737167e5 CVE-2018-6764 (util/virlog.c in libvirt does not properly determine the hostname on ...) - libvirt 4.0.0-2 (bug #889839) + [stretch] - libvirt 3.0.0-4+deb9u3 [jessie] - libvirt <not-affected> (Vulnerable code introduced later in 1.3.1) [wheezy] - libvirt <not-affected> (Vulnerable code introduced later in 1.3.1) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1541444 @@ -8122,6 +8123,7 @@ CVE-2018-5749 (install.php in Minecraft Servers List Lite before commit c1cd164 CVE-2018-5748 (qemu/qemu_monitor.c in libvirt allows attackers to cause a denial of ...) - libvirt 4.0.0-1 (bug #887700) [stretch] - libvirt 3.0.0-4+deb9u2 + [jessie] - libvirt 1.2.9-9+deb8u5 [wheezy] - libvirt <postponed> (Can be fixed in a later update) NOTE: https://www.redhat.com/archives/libvir-list/2017-December/msg00749.html NOTE: https://libvirt.org/git/?p=libvirt.git;a=commit;h=bc251ea91bcfddd2622fce6bce701a438b2e7276 ===================================== data/DSA/list ===================================== --- a/data/DSA/list +++ b/data/DSA/list @@ -1,3 +1,7 @@ +[14 Mar 2018] DSA-4137-1 libvirt - security update + {CVE-2018-1064} + [jessie] - libvirt 1.2.9-9+deb8u5 + [stretch] - libvirt 3.0.0-4+deb9u3 [14 Mar 2018] DSA-4136-1 curl - security update {CVE-2018-1000120 CVE-2018-1000121 CVE-2018-1000122} [jessie] - curl 7.38.0-4+deb8u10 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/798ebd97234c4e887bf356556fc8f347dfaf66ae --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/798ebd97234c4e887bf356556fc8f347dfaf66ae You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits