[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2020-13253/qemu: reference reproducer

Tue, 25 Aug 2020 09:15:25 -0700 


Sylvain Beucler pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
8094f409 by Sylvain Beucler at 2020-08-25T18:12:34+02:00
CVE-2020-13253/qemu: reference reproducer

- - - - -
cec91fb9 by Sylvain Beucler at 2020-08-25T18:13:11+02:00
CVE-2020-13754/qemu: reference patch and regression fixes

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -23423,7 +23423,10 @@ CVE-2019-20809 (The price oracle in PriceOracle.sol in 
Compound Finance Compound
 CVE-2020-13754 (hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger 
an out-of ...)
        {DSA-4728-1 DLA-2288-1}
        - qemu 1:5.0-6
-       NOTE: 
https://lists.gnu.org/archive/html/qemu-devel/2020-06/msg03732.html
+       NOTE: 
https://git.qemu.org/?p=qemu.git;a=commitdiff;h=5d971f9e672507210e77d020d89e0e89165c8fc9
 (fix)
+       NOTE: 
https://git.qemu.org/?p=qemu.git;a=commitdiff;h=dba04c3488c4699f5afe96f66e448b1d447cf3fb
 (regression fix)
+       NOTE: 
https://git.qemu.org/?p=qemu.git;a=commitdiff;h=8e67fda2dd6202ccec093fda561107ba14830a17
 (regression fix)
+       NOTE: 
https://git.qemu.org/?p=qemu.git;a=commitdiff;h=70b78d4e71494c90d2ccb40381336bc9b9a22f79
 (regression fix)
 CVE-2020-13702 (** DISPUTED ** The Rolling Proximity Identifier used in the 
Apple/Goog ...)
        NOT-FOR-US: Apple/Google Exposure Notification API
 CVE-2020-13701
@@ -24498,7 +24501,7 @@ CVE-2020-13253 (sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 
uses an unvalidated addre
        [stretch] - qemu <postponed> (Minor issue, can be fixed along in next 
DSA)
        NOTE: 
https://lists.gnu.org/archive/html/qemu-devel/2020-05/msg05835.html
        NOTE: https://www.openwall.com/lists/oss-security/2020/05/27/2
-       NOTE: https://bugs.launchpad.net/qemu/+bug/1880822
+       NOTE: https://bugs.launchpad.net/qemu/+bug/1880822 (reproducer)
        NOTE: 
https://git.qemu.org/?p=qemu.git;a=commitdiff;h=790762e5487114341cccc5bffcec4cb3c022c3cd
 (5.1)
 CVE-2020-13252 (Centreon before 19.04.15 allows remote attackers to execute 
arbitrary  ...)
        - centreon-web <itp> (bug #913903)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/0ea9ecf30187258cb75ca7f0098ef641027fc1d8...cec91fb9ed5d17181cb6598c3440ce84c25f9655

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/0ea9ecf30187258cb75ca7f0098ef641027fc1d8...cec91fb9ed5d17181cb6598c3440ce84c25f9655
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to