[Secure-testing-commits] r57879 - in data: . CVE

Mon, 20 Nov 2017 14:28:39 -0800 

Author: pochu
Date: 2017-11-20 22:28:17 +0000 (Mon, 20 Nov 2017)
New Revision: 57879

Modified:
   data/CVE/list
   data/dla-needed.txt
Log:
mark qemu(-kvm) as postponed on wheezy

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-11-20 22:24:04 UTC (rev 57878)
+++ data/CVE/list       2017-11-20 22:28:17 UTC (rev 57879)
@@ -524,7 +524,9 @@
        - qemu <unfixed> (bug #882136)
        [stretch] - qemu <no-dsa> (Minor issue)
        [jessie] - qemu <no-dsa> (Minor issue)
+       [wheezy] - qemu <postponed> (Can be fixed along in a future update)
        - qemu-kvm <removed>
+       [wheezy] - qemu-kvm <postponed> (Can be fixed along in a future update)
        NOTE: 
https://lists.gnu.org/archive/html/qemu-devel/2017-11/msg02982.html
 CVE-2017-16844 (Heap-based buffer overflow in the loadbuf function in 
formisc.c in ...)
        {DSA-4041-1 DLA-1173-1}
@@ -4666,7 +4668,9 @@
        - qemu <unfixed> (bug #880832)
        [stretch] - qemu <no-dsa> (Minor issue)
        [jessie] - qemu <no-dsa> (Minor issue)
+       [wheezy] - qemu <postponed> (Can be fixed along in a future update)
        - qemu-kvm <removed>
+       [wheezy] - qemu-kvm <postponed> (Can be fixed along in a future update)
        NOTE: 
https://lists.gnu.org/archive/html/qemu-devel/2017-10/msg02557.html
        NOTE: Fixed by: 
https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=eb38e1bc3740725ca29a535351de94107ec58d51
 CVE-2017-15288 (The compilation daemon in Scala before 2.10.7, 2.11.x before 
2.11.12, ...)

Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2017-11-20 22:24:04 UTC (rev 57878)
+++ data/dla-needed.txt 2017-11-20 22:28:17 UTC (rev 57879)
@@ -87,12 +87,6 @@
 python2.7 (Roberto C. Sánchez)
   NOTE: 20171118: Update is prepared, call for testing has been sent, will 
upload and release DLA 20171125
 --
-qemu
-  NOTE: 20171120 Can wait for more issues to pile up
---
-qemu-kvm
-  NOTE: 20171120 Can wait for more issues to pile up
---
 roundcube (Roberto C. Sánchez)
   NOTE: 2017118: Patch is ready; because of code differences, waiting on 
upstream to review or provide information on how to reproduce the exploit
 --


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to