[Git][security-tracker-team/security-tracker][master] 2 commits: Ignore CVE-2021-3592,qemu for now because of a regression.

Markus Koschany (@apo) Sat, 11 Sep 2021 13:59:06 -0700


Markus Koschany pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
95baca24 by Markus Koschany at 2021-09-11T22:51:09+02:00
Ignore CVE-2021-3592,qemu for now because of a regression.

- - - - -
5f977316 by Markus Koschany at 2021-09-11T22:58:40+02:00
Reserve DLA-2753-2 for qemu

- - - - -


2 changed files:

- data/CVE/list
- data/DLA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -14435,6 +14435,7 @@ CVE-2021-3592 (An invalid pointer initialization issue 
was found in the SLiRP ne
        [bullseye] - libslirp <no-dsa> (Minor issue)
        - qemu 1:4.1-2
        [buster] - qemu <no-dsa> (Minor issue)
+       [stretch] - qemu <ignored> (Introduces a regression. See Debian bug 
#994080)
        NOTE: 
https://gitlab.freedesktop.org/slirp/libslirp/-/commit/93e645e72a056ec0b2c16e0299fc5c6b94e4ca17
 (v4.6.0)
        NOTE: 
https://gitlab.freedesktop.org/slirp/libslirp/-/commit/f13cad45b25d92760bb0ad67bec0300a4d7d5275
 (v4.6.0)
        NOTE: 
https://gitlab.freedesktop.org/slirp/libslirp/-/commit/2eca0838eee1da96204545e22cdaed860d9d7c6c
 (v4.6.0)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,5 @@
+[11 Sep 2021] DLA-2753-2 qemu - regression update
+       [stretch] - qemu 1:2.8+dfsg-6+deb9u16
 [10 Sep 2021] DLA-2756-1 firefox-esr - security update
        {CVE-2021-38493}
        [stretch] - firefox-esr 78.14.0esr-1~deb9u1
@@ -8,7 +10,7 @@
        {CVE-2021-39371}
        [stretch] - pywps 4.0.0-3+deb9u1
 [01 Sep 2021] DLA-2753-1 qemu - security update
-       {CVE-2021-3527 CVE-2021-3592 CVE-2021-3594 CVE-2021-3595 CVE-2021-3682 
CVE-2021-3713}
+       {CVE-2021-3527 CVE-2021-3594 CVE-2021-3595 CVE-2021-3682 CVE-2021-3713}
        [stretch] - qemu 1:2.8+dfsg-6+deb9u15
 [31 Aug 2021] DLA-2752-1 squashfs-tools - security update
        {CVE-2021-40153}



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/25d3c84d2a7b0e8644b9090382af07082e347921...5f97731686d16bdfd14b1fd04a23413485a3a830

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/25d3c84d2a7b0e8644b9090382af07082e347921...5f97731686d16bdfd14b1fd04a23413485a3a830
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] 2 commits: Ignore CVE-2021-3592,qemu for now because of a regression.

Reply via email to