diff options
author | Sylvain Beucler <beuc@beuc.net> | 2020-08-25 17:01:32 +0200 |
---|---|---|
committer | Sylvain Beucler <beuc@beuc.net> | 2020-08-25 17:17:03 +0200 |
commit | 3f79b9a7c7b9c78574b016f2668eb922e190e29a (patch) | |
tree | 88de7abc07567f0dd67cc5ffbe494ddd17b6947b /data/CVE/2018.list | |
parent | aa3f4ff8534c327d70f136cf5cc7017732d4c5db (diff) |
CVE-2018-19665/qemu: use canonical URL + bluetooth subsystem removed
Diffstat (limited to 'data/CVE/2018.list')
-rw-r--r-- | data/CVE/2018.list | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/data/CVE/2018.list b/data/CVE/2018.list index a20df17e4c..6ce455e61d 100644 --- a/data/CVE/2018.list +++ b/data/CVE/2018.list @@ -4650,9 +4650,9 @@ CVE-2018-19665 (The Bluetooth subsystem in QEMU mishandles negative values for l NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-10/msg03822.html NOTE: second patch never accepted, no activity as of 20190909 NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg03570.html - NOTE: https://lists.debian.org/debian-lts/2019/01/msg00073.html - NOTE: 3.1 marked bluetooth subsystem deprecated - NOTE: https://github.com/qemu/qemu/commit/c0188e69d + NOTE: https://lists.gnu.org/archive/html/qemu-devel/2019-01/msg07426.html + NOTE: https://github.com/qemu/qemu/commit/c0188e69d (bluetooth subsystem deprecated in 3.1) + NOTE: https://github.com/qemu/qemu/commit/1d4ffe8dc (bluetooth subsystem removed in 5.0) CVE-2018-19664 (libjpeg-turbo 2.0.1 has a heap-based buffer over-read in the put_pixel ...) - libjpeg-turbo <not-affected> (Vulnerable code introduced later) NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/issues/305 |