Author: pochu Date: 2017-11-20 22:28:17 +0000 (Mon, 20 Nov 2017) New Revision: 57879
Modified: data/CVE/list data/dla-needed.txt Log: mark qemu(-kvm) as postponed on wheezy Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-11-20 22:24:04 UTC (rev 57878) +++ data/CVE/list 2017-11-20 22:28:17 UTC (rev 57879) @@ -524,7 +524,9 @@ - qemu <unfixed> (bug #882136) [stretch] - qemu <no-dsa> (Minor issue) [jessie] - qemu <no-dsa> (Minor issue) + [wheezy] - qemu <postponed> (Can be fixed along in a future update) - qemu-kvm <removed> + [wheezy] - qemu-kvm <postponed> (Can be fixed along in a future update) NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-11/msg02982.html CVE-2017-16844 (Heap-based buffer overflow in the loadbuf function in formisc.c in ...) {DSA-4041-1 DLA-1173-1} @@ -4666,7 +4668,9 @@ - qemu <unfixed> (bug #880832) [stretch] - qemu <no-dsa> (Minor issue) [jessie] - qemu <no-dsa> (Minor issue) + [wheezy] - qemu <postponed> (Can be fixed along in a future update) - qemu-kvm <removed> + [wheezy] - qemu-kvm <postponed> (Can be fixed along in a future update) NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-10/msg02557.html NOTE: Fixed by: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=eb38e1bc3740725ca29a535351de94107ec58d51 CVE-2017-15288 (The compilation daemon in Scala before 2.10.7, 2.11.x before 2.11.12, ...) Modified: data/dla-needed.txt =================================================================== --- data/dla-needed.txt 2017-11-20 22:24:04 UTC (rev 57878) +++ data/dla-needed.txt 2017-11-20 22:28:17 UTC (rev 57879) @@ -87,12 +87,6 @@ python2.7 (Roberto C. Sánchez) NOTE: 20171118: Update is prepared, call for testing has been sent, will upload and release DLA 20171125 -- -qemu - NOTE: 20171120 Can wait for more issues to pile up --- -qemu-kvm - NOTE: 20171120 Can wait for more issues to pile up --- roundcube (Roberto C. Sánchez) NOTE: 2017118: Patch is ready; because of code differences, waiting on upstream to review or provide information on how to reproduce the exploit -- _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits