Author: carnil
Date: 2017-08-05 13:57:29 +0000 (Sat, 05 Aug 2017)
New Revision: 54319
Modified:
data/CVE/list
Log:
Add fixed version for unstable upload for qemu
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-05 13:39:03 UTC (rev 54318)
+++ data/CVE/list 2017-08-05 13:57:29 UTC (rev 54319)
@@ -2539,7 +2539,7 @@
NOT-FOR-US: Humax Wi-Fi Router model HG100R-*
CVE-2017-11434 (The dhcp_decode function in slirp/bootp.c in QEMU (aka Quick
Emulator) ...)
{DSA-3925-1}
- - qemu <unfixed> (bug #869171)
+ - qemu 1:2.8+dfsg-7 (bug #869171)
- qemu-kvm <removed>
NOTE:
https://lists.gnu.org/archive/html/qemu-devel/2017-07/msg05001.html
CVE-2017-11433
@@ -2857,7 +2857,7 @@
NOTE: https://github.com/ImageMagick/ImageMagick/issues/506
CVE-2017-11334 (The address_space_write_continue function in exec.c in QEMU
(aka Quick ...)
{DSA-3925-1}
- - qemu <unfixed> (bug #869173)
+ - qemu 1:2.8+dfsg-7 (bug #869173)
- qemu-kvm <removed>
NOTE:
https://lists.gnu.org/archive/html/qemu-devel/2017-07/msg03775.html
CVE-2017-11333 (The vorbis_analysis_wrote function in lib/block.c in Xiph.Org
libvorbis ...)
@@ -4388,7 +4388,7 @@
RESERVED
CVE-2017-10806 (Stack-based buffer overflow in hw/usb/redirect.c in QEMU (aka
Quick ...)
{DSA-3925-1}
- - qemu <unfixed> (bug #867751)
+ - qemu 1:2.8+dfsg-7 (bug #867751)
[jessie] - qemu <no-dsa> (Minor issue)
[wheezy] - qemu <no-dsa> (Minor issue)
- qemu-kvm <removed>
@@ -4762,7 +4762,7 @@
RESERVED
CVE-2017-10664 (qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE,
which ...)
{DSA-3920-1}
- - qemu <unfixed> (bug #866674)
+ - qemu 1:2.8+dfsg-7 (bug #866674)
[jessie] - qemu <no-dsa> (Minor issue)
- qemu-kvm <removed>
[wheezy] - qemu-kvm <not-affected> (qemu-nbd shipped from qemu package)
@@ -6942,7 +6942,7 @@
CVE-2017-10911 (The make_response function in
drivers/block/xen-blkback/blkback.c in ...)
{DSA-3920-1}
- linux 4.11.11-1
- - qemu <unfixed> (bug #869706)
+ - qemu 1:2.8+dfsg-7 (bug #869706)
NOTE: https://xenbits.xen.org/xsa/advisory-216.html
CVE-2017-1000381 (The c-ares function `ares_parse_naptr_reply()`, which is
used for ...)
{DLA-998-1}
@@ -7671,7 +7671,7 @@
NOTE: and following refactorings.
CVE-2017-9524 (The qemu-nbd server in QEMU (aka Quick Emulator), when built
with the ...)
{DSA-3925-1}
- - qemu <unfixed> (bug #865755)
+ - qemu 1:2.8+dfsg-7 (bug #865755)
[jessie] - qemu <not-affected> (Vulnerable code not present)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
- qemu-kvm <removed>
@@ -8124,7 +8124,7 @@
NOTE: Fixed by:
http://git.qemu.org/?p=qemu.git;a=commitdiff;h=96d87bdda3919bb16f754b3d3fd1227e1f38f13c
CVE-2017-9374 (Memory leak in QEMU (aka Quick Emulator), when built with USB
EHCI ...)
{DSA-3920-1}
- - qemu <unfixed> (bug #864568)
+ - qemu 1:2.8+dfsg-7 (bug #864568)
[jessie] - qemu <no-dsa> (Minor issue)
[wheezy] - qemu <no-dsa> (Minor issue)
- qemu-kvm <removed>
@@ -8132,7 +8132,7 @@
NOTE: Fixed by:
http://git.qemu.org/?p=qemu.git;a=commitdiff;h=d710e1e7bd3d5bfc26b631f02ae87901ebe646b0
CVE-2017-9373 (Memory leak in QEMU (aka Quick Emulator), when built with IDE
AHCI ...)
{DSA-3920-1}
- - qemu <unfixed> (bug #864216)
+ - qemu 1:2.8+dfsg-7 (bug #864216)
[wheezy] - qemu <no-dsa> (Minor issue)
- qemu-kvm <removed>
[wheezy] - qemu-kvm <no-dsa> (Minor issue)
@@ -8278,7 +8278,7 @@
NOTE: Patch:
http://lists.nongnu.org/archive/html/chicken-hackers/2017-05/msg00099.html
CVE-2017-9330 (QEMU (aka Quick Emulator), when built with the USB OHCI
Emulation ...)
{DSA-3920-1}
- - qemu <unfixed> (bug #863943)
+ - qemu 1:2.8+dfsg-7 (bug #863943)
[jessie] - qemu <no-dsa> (Minor issue)
[wheezy] - qemu <not-affected> (Vulnerable code no present)
- qemu-kvm <removed>
@@ -8488,7 +8488,7 @@
NOTE: https://www.sudo.ws/repos/sudo/raw-rev/b5460cbbb11b
CVE-2017-9310 (QEMU (aka Quick Emulator), when built with the e1000e NIC
emulation ...)
{DSA-3920-1}
- - qemu <unfixed> (bug #863840)
+ - qemu 1:2.8+dfsg-7 (bug #863840)
[jessie] - qemu <not-affected> (Vulnerable code not present; e1000e
introduced in 2.7.0-rc0)
[wheezy] - qemu <not-affected> (Vulnerable code not present)
- qemu-kvm <removed>
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
