Author: carnil Date: 2017-08-05 13:57:29 +0000 (Sat, 05 Aug 2017) New Revision: 54319
Modified: data/CVE/list Log: Add fixed version for unstable upload for qemu Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-08-05 13:39:03 UTC (rev 54318) +++ data/CVE/list 2017-08-05 13:57:29 UTC (rev 54319) @@ -2539,7 +2539,7 @@ NOT-FOR-US: Humax Wi-Fi Router model HG100R-* CVE-2017-11434 (The dhcp_decode function in slirp/bootp.c in QEMU (aka Quick Emulator) ...) {DSA-3925-1} - - qemu <unfixed> (bug #869171) + - qemu 1:2.8+dfsg-7 (bug #869171) - qemu-kvm <removed> NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-07/msg05001.html CVE-2017-11433 @@ -2857,7 +2857,7 @@ NOTE: https://github.com/ImageMagick/ImageMagick/issues/506 CVE-2017-11334 (The address_space_write_continue function in exec.c in QEMU (aka Quick ...) {DSA-3925-1} - - qemu <unfixed> (bug #869173) + - qemu 1:2.8+dfsg-7 (bug #869173) - qemu-kvm <removed> NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-07/msg03775.html CVE-2017-11333 (The vorbis_analysis_wrote function in lib/block.c in Xiph.Org libvorbis ...) @@ -4388,7 +4388,7 @@ RESERVED CVE-2017-10806 (Stack-based buffer overflow in hw/usb/redirect.c in QEMU (aka Quick ...) {DSA-3925-1} - - qemu <unfixed> (bug #867751) + - qemu 1:2.8+dfsg-7 (bug #867751) [jessie] - qemu <no-dsa> (Minor issue) [wheezy] - qemu <no-dsa> (Minor issue) - qemu-kvm <removed> @@ -4762,7 +4762,7 @@ RESERVED CVE-2017-10664 (qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which ...) {DSA-3920-1} - - qemu <unfixed> (bug #866674) + - qemu 1:2.8+dfsg-7 (bug #866674) [jessie] - qemu <no-dsa> (Minor issue) - qemu-kvm <removed> [wheezy] - qemu-kvm <not-affected> (qemu-nbd shipped from qemu package) @@ -6942,7 +6942,7 @@ CVE-2017-10911 (The make_response function in drivers/block/xen-blkback/blkback.c in ...) {DSA-3920-1} - linux 4.11.11-1 - - qemu <unfixed> (bug #869706) + - qemu 1:2.8+dfsg-7 (bug #869706) NOTE: https://xenbits.xen.org/xsa/advisory-216.html CVE-2017-1000381 (The c-ares function `ares_parse_naptr_reply()`, which is used for ...) {DLA-998-1} @@ -7671,7 +7671,7 @@ NOTE: and following refactorings. CVE-2017-9524 (The qemu-nbd server in QEMU (aka Quick Emulator), when built with the ...) {DSA-3925-1} - - qemu <unfixed> (bug #865755) + - qemu 1:2.8+dfsg-7 (bug #865755) [jessie] - qemu <not-affected> (Vulnerable code not present) [wheezy] - qemu <not-affected> (Vulnerable code not present) - qemu-kvm <removed> @@ -8124,7 +8124,7 @@ NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=96d87bdda3919bb16f754b3d3fd1227e1f38f13c CVE-2017-9374 (Memory leak in QEMU (aka Quick Emulator), when built with USB EHCI ...) {DSA-3920-1} - - qemu <unfixed> (bug #864568) + - qemu 1:2.8+dfsg-7 (bug #864568) [jessie] - qemu <no-dsa> (Minor issue) [wheezy] - qemu <no-dsa> (Minor issue) - qemu-kvm <removed> @@ -8132,7 +8132,7 @@ NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=d710e1e7bd3d5bfc26b631f02ae87901ebe646b0 CVE-2017-9373 (Memory leak in QEMU (aka Quick Emulator), when built with IDE AHCI ...) {DSA-3920-1} - - qemu <unfixed> (bug #864216) + - qemu 1:2.8+dfsg-7 (bug #864216) [wheezy] - qemu <no-dsa> (Minor issue) - qemu-kvm <removed> [wheezy] - qemu-kvm <no-dsa> (Minor issue) @@ -8278,7 +8278,7 @@ NOTE: Patch: http://lists.nongnu.org/archive/html/chicken-hackers/2017-05/msg00099.html CVE-2017-9330 (QEMU (aka Quick Emulator), when built with the USB OHCI Emulation ...) {DSA-3920-1} - - qemu <unfixed> (bug #863943) + - qemu 1:2.8+dfsg-7 (bug #863943) [jessie] - qemu <no-dsa> (Minor issue) [wheezy] - qemu <not-affected> (Vulnerable code no present) - qemu-kvm <removed> @@ -8488,7 +8488,7 @@ NOTE: https://www.sudo.ws/repos/sudo/raw-rev/b5460cbbb11b CVE-2017-9310 (QEMU (aka Quick Emulator), when built with the e1000e NIC emulation ...) {DSA-3920-1} - - qemu <unfixed> (bug #863840) + - qemu 1:2.8+dfsg-7 (bug #863840) [jessie] - qemu <not-affected> (Vulnerable code not present; e1000e introduced in 2.7.0-rc0) [wheezy] - qemu <not-affected> (Vulnerable code not present) - qemu-kvm <removed> _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits