Author: carnil Date: 2017-02-14 05:46:59 +0000 (Tue, 14 Feb 2017) New Revision: 48899
Modified: data/CVE/list Log: Mark CVE-2017-5857 as unimportant 1:2.8+dfsg-2 did revert "enable virtio gpu (virglrenderer) and opengl support". Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-02-14 05:46:49 UTC (rev 48898) +++ data/CVE/list 2017-02-14 05:46:59 UTC (rev 48899) @@ -840,12 +840,12 @@ RESERVED CVE-2017-5857 [Qemu: display: virtio-gpu-3d: host memory leakage in virgl_cmd_resource_unref] RESERVED - - qemu <unfixed> (bug #853996) + - qemu <unfixed> (bug #853996; unimportant) [jessie] - qemu <not-affected> (Vulnerable code not present) - qemu-kvm <not-affected> (Vulnerable code not present) NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2017-01/msg04615.html NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1418382 - NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/21c + NOTE: http://www.openwall.com/lists/oss-security/2017/02/01/21 CVE-2017-5856 [Qemu: scsi: megasas: host memory leakage in megasas_handle_dcmd] RESERVED - qemu <unfixed> (bug #853996) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits