[Git][security-tracker-team/security-tracker][master] Three CVEs fixed for qemu via unstable upload

Wed, 06 Feb 2019 07:27:10 -0800 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
e27d540d by Salvatore Bonaccorso at 2019-02-06T15:26:10Z
Three CVEs fixed for qemu via unstable upload

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1658,7 +1658,7 @@ CVE-2019-6779 (Cscms 4.1.8 allows admin.php/links/save 
CSRF to add, modify, or d
        NOT-FOR-US: Cscms
 CVE-2019-6778 [slirp: heap buffer overflow in tcp_emu()]
        RESERVED
-       - qemu <unfixed> (bug #921525)
+       - qemu 1:3.1+dfsg-3 (bug #921525)
        - qemu-kvm <removed>
        - slirp4netns 0.2.1-1
        NOTE: 
https://lists.gnu.org/archive/html/qemu-devel/2019-01/msg03132.html
@@ -2246,7 +2246,7 @@ CVE-2019-1003000 (A sandbox bypass vulnerability exists 
in Script Security Plugi
        NOT-FOR-US: Jenkins plugin
 CVE-2019-6501 [scsi-generic: possible OOB access while handling inquiry 
request]
        RESERVED
-       - qemu <unfixed> (bug #920222)
+       - qemu 1:3.1+dfsg-3 (bug #920222)
        - qemu-kvm <removed>
        NOTE: 
https://lists.gnu.org/archive/html/qemu-devel/2019-01/msg02324.html
        NOTE: Code introduced by 
https://git.qemu.org/?p=qemu.git;a=commit;h=6c219fc8a1 ,
@@ -12806,7 +12806,7 @@ CVE-2018-20124 (hw/rdma/rdma_backend.c in QEMU allows 
guest OS users to trigger
        NOTE: 
https://git.qemu.org/?p=qemu.git;a=commit;h=0e68373cc2b3a063ce067bc0cc3edaf370752890
        NOTE: RDMA support not enabled in the binary packages.
 CVE-2018-20123 (pvrdma_realize in hw/rdma/vmw/pvrdma_main.c in QEMU has a 
Memory leak ...)
-       - qemu <unfixed> (unimportant; bug #916442)
+       - qemu 1:3.1+dfsg-3 (unimportant; bug #916442)
        [stretch] - qemu <not-affected> (Vulnerable code not present)
        [jessie] - qemu <not-affected> (Vulnerable code not present)
        - qemu-kvm <removed>



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/e27d540d5fbcba39a764a289ab0016314f1ff9e3

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/e27d540d5fbcba39a764a289ab0016314f1ff9e3
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to