Author: carnil Date: 2017-09-23 16:57:19 +0000 (Sat, 23 Sep 2017) New Revision: 56060
Modified: data/CVE/list Log: Three CVEs fixed for qemu in unstable Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-09-23 16:25:26 UTC (rev 56059) +++ data/CVE/list 2017-09-23 16:57:19 UTC (rev 56060) @@ -1430,7 +1430,7 @@ CVE-2017-14168 RESERVED CVE-2017-14167 (Integer overflow in the load_multiboot function in hw/i386/multiboot.c ...) - - qemu <unfixed> (bug #874606) + - qemu 1:2.10.0+dfsg-1 (bug #874606) - qemu-kvm <removed> NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2017-09/msg01483.html NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1489375 @@ -2706,7 +2706,7 @@ [jessie] - lame <no-dsa> (Minor issue) NOTE: https://sourceforge.net/p/lame/bugs/472/ CVE-2017-13711 (Use-after-free vulnerability in the sofree function in slirp/socket.c ...) - - qemu <unfixed> (bug #873875) + - qemu 1:2.10.0+dfsg-1 (bug #873875) [stretch] - qemu <no-dsa> (Minor issue) [jessie] - qemu <not-affected> (Vulnerable code introduced later) [wheezy] - qemu <not-affected> (Vulnerable code introduced later) @@ -2849,7 +2849,7 @@ NOTE: Fixed by: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=bfc56535f793c557aa754c50213fc5f882e6482d NOTE: Introduced by: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=fec5e8c92becad223df9d972770522f64aafdb72 CVE-2017-13672 (QEMU (aka Quick Emulator), when built with the VGA display emulator ...) - - qemu <unfixed> (low; bug #873851) + - qemu 1:2.10.0+dfsg-1 (low; bug #873851) [stretch] - qemu <postponed> (Can be fixed along in a future DSA) [jessie] - qemu <postponed> (Can be fixed along in a future DSA) - qemu-kvm <removed> _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits