[Git][security-tracker-team/security-tracker][master] 2 commits: qemu DSA

Moritz Muehlenhoff Sun, 06 Sep 2020 10:47:19 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
c7f1c5bd by Moritz Muehlenhoff at 2020-09-06T19:43:49+02:00
qemu DSA

- - - - -
01503b3b by Moritz Muehlenhoff at 2020-09-06T19:45:38+02:00
drop one ID; already fixed

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -18518,7 +18518,6 @@ CVE-2020-16093
        RESERVED
 CVE-2020-16092 (In QEMU through 5.0.0, an assertion failure can occur in the 
network p ...)
        - qemu 1:5.1+dfsg-1
-       [buster] - qemu <postponed> (Minor issue, fix along in future DSA)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1860283
        NOTE: 
https://git.qemu.org/?p=qemu.git;a=commit;h=035e69b063835a5fd23cacabd63690a3d84532a8
 CVE-2020-16091
@@ -19038,7 +19037,6 @@ CVE-2020-15864
 CVE-2020-15863 (hw/net/xgmac.c in the XGMAC Ethernet controller in QEMU before 
07-20-2 ...)
        {DLA-2288-1}
        - qemu 1:5.0-12
-       [buster] - qemu <postponed> (Minor issue, can be fixed along in next 
DSA)
        NOTE: https://www.openwall.com/lists/oss-security/2020/07/22/1
        NOTE: 
https://git.qemu.org/?p=qemu.git;a=commit;h=5519724a13664b43e225ca05351c60b4468e4555
 CVE-2020-15861 (Net-SNMP through 5.7.3 allows Escalation of Privileges because 
of UNIX ...)
@@ -26932,7 +26930,6 @@ CVE-2020-12830
        RESERVED
 CVE-2020-12829 (In QEMU through 5.0.0, an integer overflow was found in the 
SM501 disp ...)
        - qemu 1:5.0-12 (low; bug #961451)
-       [buster] - qemu <no-dsa> (Minor issue)
        [stretch] - qemu <no-dsa> (Minor issue)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1808510
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1786026


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,6 @@
+[06 Sep 2020] DSA-4760-1 qemu - security update
+       {CVE-2020-12829 CVE-2020-14364 CVE-2020-15863 CVE-2020-16092}
+       [buster] - qemu 1:3.1+dfsg-8+deb10u8
 [04 Sep 2020] DSA-4759-1 ark - security update
        {CVE-2020-24654}
        [buster] - ark 4:18.08.3-1+deb10u2


=====================================
data/dsa-needed.txt
=====================================
@@ -22,8 +22,6 @@ knot-resolver
 linux (carnil)
   Wait until more issues have piled up
 --
-qemu (jmm)
---
 rails (jmm)
   Sylvain Beucler proposed to help for the update, remaining CVEs to be done
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/850bba5284d066dfd1b06cba61cc666df1ce4800...01503b3b7129958abcc6a0ac09d555f24c3ef688

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/850bba5284d066dfd1b06cba61cc666df1ce4800...01503b3b7129958abcc6a0ac09d555f24c3ef688
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] 2 commits: qemu DSA

Reply via email to