Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits: d410c008 by Thorsten Alteholz at 2020-11-29T17:01:30+01:00 mark qemu CVEs as postponed - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -539,11 +539,13 @@ CVE-2020-29131 CVE-2020-29130 (slirp.c in libslirp through 4.3.1 has a buffer over-read because it tr ...) - libslirp <unfixed> - qemu 1:4.1-2 + [stretch] - qemu <postponed> (Fix along in future DLA, when fixed upstream) NOTE: https://lists.freedesktop.org/archives/slirp/2020-November/000115.html NOTE: qemu 1:4.1-2 switched to system libslirp, marking that version as fixed. CVE-2020-29129 (ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tri ...) - libslirp <unfixed> - qemu 1:4.1-2 + [stretch] - qemu <postponed> (Fix along in future DLA, when fixed upstream) NOTE: https://lists.freedesktop.org/archives/slirp/2020-November/000115.html NOTE: qemu 1:4.1-2 switched to system libslirp, marking that version as fixed. CVE-2020-29128 (petl before 1.68, in some configurations, allows resolution of entitie ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d410c008af3c766e95c46962ea2885323dceeb7c -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d410c008af3c766e95c46962ea2885323dceeb7c You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits