Author: carnil Date: 2016-10-14 20:18:33 +0000 (Fri, 14 Oct 2016) New Revision: 45324
Modified: data/CVE/list Log: Add fixed version for four CVEs for qemu with unstable upload Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-10-14 19:41:40 UTC (rev 45323) +++ data/CVE/list 2016-10-14 20:18:33 UTC (rev 45324) @@ -962,7 +962,7 @@ CVE-2016-8221 RESERVED CVE-2016-7423 (The mptsas_process_scsi_io_request function in QEMU (aka Quick ...) - - qemu <unfixed> (bug #838145) + - qemu 1:2.7+dfsg-1 (bug #838145) [jessie] - qemu <not-affected> (Vulnerable code introduced later) [wheezy] - qemu <not-affected> (Vulnerable code introduced later) - qemu-kvm <not-affected> (Vulnerable code introduced later) @@ -974,7 +974,7 @@ NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=670e56d3ed2918b3861d9216f2c0540d9e9ae0d5 CVE-2016-7422 [virtio: null pointer dereference in virtqueue_map_desc] RESERVED - - qemu <unfixed> (bug #838146) + - qemu 1:2.7+dfsg-1 (bug #838146) [jessie] - qemu <not-affected> (Vulnerable code introduced later) [wheezy] - qemu <not-affected> (Vulnerable code introduced later) - qemu-kvm <not-affected> (Vulnerable code introduced later) @@ -984,7 +984,7 @@ NOTE: http://www.openwall.com/lists/oss-security/2016/09/16/4 CVE-2016-7421 [scsi: pvscsi: infinite loop when processing IO requests] RESERVED - - qemu <unfixed> (bug #838147) + - qemu 1:2.7+dfsg-1 (bug #838147) [wheezy] - qemu <not-affected> (Vulnerable code not present, introduced after 1.5) - qemu-kvm <not-affected> (Vulnerable code not present, introduced after 1.5) NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg03609.html @@ -4083,9 +4083,9 @@ NOTE: Fixed by: https://git.gnome.org/browse/file-roller/commit/?id=f70be1f41688859ec8dbe266df35a1839ceb96c5 (3.20.3) CVE-2016-7161 (Heap-based buffer overflow in the .receive callback of ...) {DLA-653-1 DLA-652-1} - - qemu <unfixed> (bug #838850) + - qemu 1:2.7+dfsg-1 (bug #838850) - qemu-kvm <removed> - NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=a0d1cbdacff5df4ded16b753b38fdd9da6092968 + NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=a0d1cbdacff5df4ded16b753b38fdd9da6092968 (2.7.0-rc3) NOTE: http://patchwork.ozlabs.org/patch/657076/ CVE-2016-7160 RESERVED _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits