[Secure-testing-commits] r45324 - data/CVE

Salvatore Bonaccorso Fri, 14 Oct 2016 13:18:53 -0700

Author: carnil
Date: 2016-10-14 20:18:33 +0000 (Fri, 14 Oct 2016)
New Revision: 45324


Modified:
   data/CVE/list
Log:
Add fixed version for four CVEs for qemu with unstable upload

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-10-14 19:41:40 UTC (rev 45323)
+++ data/CVE/list       2016-10-14 20:18:33 UTC (rev 45324)
@@ -962,7 +962,7 @@
 CVE-2016-8221
        RESERVED
 CVE-2016-7423 (The mptsas_process_scsi_io_request function in QEMU (aka Quick 
...)
-       - qemu <unfixed> (bug #838145)
+       - qemu 1:2.7+dfsg-1 (bug #838145)
        [jessie] - qemu <not-affected> (Vulnerable code introduced later)
        [wheezy] - qemu <not-affected> (Vulnerable code introduced later)
        - qemu-kvm <not-affected> (Vulnerable code introduced later)
@@ -974,7 +974,7 @@
        NOTE: Fixed by: 
http://git.qemu.org/?p=qemu.git;a=commit;h=670e56d3ed2918b3861d9216f2c0540d9e9ae0d5
 CVE-2016-7422 [virtio: null pointer dereference in virtqueue_map_desc]
        RESERVED
-       - qemu <unfixed> (bug #838146)
+       - qemu 1:2.7+dfsg-1 (bug #838146)
        [jessie] - qemu <not-affected> (Vulnerable code introduced later)
        [wheezy] - qemu <not-affected> (Vulnerable code introduced later)
        - qemu-kvm <not-affected> (Vulnerable code introduced later)
@@ -984,7 +984,7 @@
        NOTE: http://www.openwall.com/lists/oss-security/2016/09/16/4
 CVE-2016-7421 [scsi: pvscsi: infinite loop when processing IO requests]
        RESERVED
-       - qemu <unfixed> (bug #838147)
+       - qemu 1:2.7+dfsg-1 (bug #838147)
        [wheezy] - qemu <not-affected> (Vulnerable code not present, introduced 
after 1.5)
        - qemu-kvm <not-affected> (Vulnerable code not present, introduced 
after 1.5)
        NOTE: 
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg03609.html
@@ -4083,9 +4083,9 @@
        NOTE: Fixed by: 
https://git.gnome.org/browse/file-roller/commit/?id=f70be1f41688859ec8dbe266df35a1839ceb96c5
 (3.20.3)
 CVE-2016-7161 (Heap-based buffer overflow in the .receive callback of ...)
        {DLA-653-1 DLA-652-1}
-       - qemu <unfixed> (bug #838850)
+       - qemu 1:2.7+dfsg-1 (bug #838850)
        - qemu-kvm <removed>
-       NOTE: 
http://git.qemu.org/?p=qemu.git;a=commit;h=a0d1cbdacff5df4ded16b753b38fdd9da6092968
+       NOTE: 
http://git.qemu.org/?p=qemu.git;a=commit;h=a0d1cbdacff5df4ded16b753b38fdd9da6092968
 (2.7.0-rc3)
        NOTE: http://patchwork.ozlabs.org/patch/657076/
 CVE-2016-7160
        RESERVED


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r45324 - data/CVE

Reply via email to