[Secure-testing-commits] r47119 - data/CVE

Hugo Lefeuvre Thu, 15 Dec 2016 13:45:57 -0800

Author: hle
Date: 2016-12-15 21:45:31 +0000 (Thu, 15 Dec 2016)
New Revision: 47119


Modified:
   data/CVE/list
Log:
Mark CVE-2016-9907 as not affecting qemu(-kvm) in wheezy

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-12-15 21:10:30 UTC (rev 47118)
+++ data/CVE/list       2016-12-15 21:45:31 UTC (rev 47119)
@@ -1379,10 +1379,13 @@
 CVE-2016-9907 [usb: redirector: memory leakage when destroying redirector]
        RESERVED
        - qemu <unfixed> (bug #847953)
+       [wheezy] - qemu <not-affected> (Vulnerable code not present)
        - qemu-kvm <removed>
+       [wheezy] - qemu-kvm <not-affected> (Vulnerable code not present)
        NOTE: 
https://lists.gnu.org/archive/html/qemu-devel/2016-11/msg01379.html
        NOTE: 
http://git.qemu.org/?p=qemu.git;a=commit;h=07b026fd82d6cf11baf7d7c603c4f5f6070b35bf
        NOTE: http://www.openwall.com/lists/oss-security/2016/12/06/3
+        NOTE: Leakage introduced after 1.2.50: 
http://git.qemu.org/?p=qemu.git;a=commit;h=fc3f6e1b106abcf6b8cf487ac8f8e5fc2fd86776
 CVE-2016-9908 [display: virtio-gpu-3d: information leakage in 
virgl_cmd_get_capset]
        RESERVED
        - qemu <unfixed> (bug #847400)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r47119 - data/CVE

Reply via email to