Author: agx
Date: 2017-06-23 11:04:56 +0000 (Fri, 23 Jun 2017)
New Revision: 52841
Modified:
data/CVE/list
Log:
lts: Mark hotplug related issues as no-dsa for qemu{,-kvm}
The hotplug code in wheezy has more issues so fixing DoS by leaks
is not worth the effort.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-06-23 11:04:46 UTC (rev 52840)
+++ data/CVE/list 2017-06-23 11:04:56 UTC (rev 52841)
@@ -2469,17 +2469,23 @@
RESERVED
CVE-2017-9375 (QEMU (aka Quick Emulator), when built with USB xHCI controller
...)
- qemu <unfixed> (bug #864219)
+ [wheezy] - qemu <not-affected> (vulnerable code not present)
- qemu-kvm <removed>
+ [wheezy] - qemu-kvm <not-affected> (vulnerable code not present)
NOTE: Fixed by:
http://git.qemu.org/?p=qemu.git;a=commitdiff;h=96d87bdda3919bb16f754b3d3fd1227e1f38f13c
CVE-2017-9374 (Memory leak in QEMU (aka Quick Emulator), when built with USB
EHCI ...)
- qemu <unfixed> (bug #864568)
[stretch] - qemu <no-dsa> (Minor issue)
[jessie] - qemu <no-dsa> (Minor issue)
+ [wheezy] - qemu <no-dsa> (Minor issue)
- qemu-kvm <removed>
+ [wheezy] - qemu-kvm <no-dsa> (Minor issue)
NOTE: Fixed by:
http://git.qemu.org/?p=qemu.git;a=commitdiff;h=d710e1e7bd3d5bfc26b631f02ae87901ebe646b0
CVE-2017-9373 (Memory leak in QEMU (aka Quick Emulator), when built with IDE
AHCI ...)
- qemu <unfixed> (bug #864216)
+ [wheezy] - qemu <no-dsa> (Minor issue)
- qemu-kvm <removed>
+ [wheezy] - qemu-kvm <no-dsa> (Minor issue)
NOTE: Fixed by:
http://git.qemu.org/?p=qemu.git;a=commitdiff;h=d68f0f778e7f4fbd674627274267f269e40f0b04
CVE-2017-9371
RESERVED
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
