diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2020-07-03 21:31:43 +0200 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-07-03 21:31:43 +0200 |
| commit | d4273206f0c9354885125809687f54733c62897f (patch) | |
| tree | 840af8501a6a7d46164c51beeec993e270a5c371 /data | |
| parent | 444a55f230bfaf3ae1e424c1e929cf7026cd6d3a (diff) | |
Track fixes for qemu via unstable
Diffstat (limited to 'data')
| -rw-r--r-- | data/CVE/list | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/data/CVE/list b/data/CVE/list index d07757585a..796ea67fb7 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -4212,7 +4212,7 @@ CVE-2020-13964 (An issue was discovered in Roundcube Webmail before 1.3.12 and 1 NOTE: 1.4.x: https://github.com/roundcube/roundcubemail/commit/4beec65d40c5e5b1f2bace935c110baf05e10ae5 NOTE: 1.3.x: https://github.com/roundcube/roundcubemail/commit/37e2bc745723ef6322f0f785aefd0b9313a40f19 CVE-2020-13800 (ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users to tri ...) - - qemu <unfixed> + - qemu 1:5.0-6 [buster] - qemu <not-affected> (Vulnerable code introduced later) [stretch] - qemu <not-affected> (Vulnerable code introduced later) [jessie] - qemu <not-affected> (Vulnerable code introduced later) @@ -4220,7 +4220,7 @@ CVE-2020-13800 (ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users NOTE: https://lists.gnu.org/archive/html/qemu-devel/2020-06/msg00833.html NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=a98610c429d52db0937c1e48659428929835c455 CVE-2020-13791 (hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of- ...) - - qemu <unfixed> + - qemu 1:5.0-6 [buster] - qemu <not-affected> (Vulnerable code introduced later) [stretch] - qemu <not-affected> (Vulnerable code introduced later) [jessie] - qemu <not-affected> (Vulnerable code introduced later) @@ -4445,7 +4445,7 @@ CVE-2020-13703 CVE-2019-20809 (The price oracle in PriceOracle.sol in Compound Finance Compound Price ...) NOT-FOR-US: Compound Finance Compound Price Oracle CVE-2020-13754 (hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of ...) - - qemu <unfixed> + - qemu 1:5.0-6 NOTE: https://lists.gnu.org/archive/html/qemu-devel/2020-06/msg03732.html CVE-2020-13702 (** DISPUTED ** The Rolling Proximity Identifier used in the Apple/Goog ...) NOT-FOR-US: Apple/Google Exposure Notification API @@ -4551,7 +4551,7 @@ CVE-2020-13661 CVE-2020-13660 (CMS Made Simple through 2.2.14 allows XSS via a crafted File Picker pr ...) NOT-FOR-US: CMS Made Simple CVE-2020-13659 (address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer d ...) - - qemu <unfixed> + - qemu 1:5.0-6 [buster] - qemu <postponed> (Minor issue) [stretch] - qemu <postponed> (Minor issue) NOTE: https://bugs.launchpad.net/qemu/+bug/1878259 @@ -5228,11 +5228,11 @@ CVE-2020-13363 RESERVED CVE-2020-13362 (In QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c h ...) {DLA-2262-1} - - qemu <unfixed> (bug #961887) + - qemu 1:5.0-6 (bug #961887) NOTE: https://lists.gnu.org/archive/html/qemu-devel/2020-05/msg03463.html CVE-2020-13361 (In QEMU 5.0.0 and earlier, es1370_transfer_audio in hw/audio/es1370.c ...) {DLA-2262-1} - - qemu <unfixed> (bug #961888) + - qemu 1:5.0-6 (bug #961888) NOTE: https://lists.gnu.org/archive/html/qemu-devel/2020-05/msg07230.html CVE-2019-20806 (An issue was discovered in the Linux kernel before 5.2. There is a NUL ...) {DSA-4698-1 DLA-2242-1} @@ -5477,7 +5477,7 @@ CVE-2020-13254 (An issue was discovered in Django 2.2 before 2.2.13 and 3.0 befo NOTE: https://github.com/django/django/commit/07e59caa02831c4569bbebb9eb773bdd9cb4b206 (2.2 branch) NOTE: Regression https://code.djangoproject.com/ticket/31654 CVE-2020-13253 (sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, wh ...) - - qemu <unfixed> (bug #961297) + - qemu 1:5.0-6 (bug #961297) [buster] - qemu <postponed> (Minor issue, can be fixed along in next DSA) [stretch] - qemu <postponed> (Minor issue, can be fixed along in next DSA) NOTE: https://lists.gnu.org/archive/html/qemu-devel/2020-05/msg05835.html @@ -13169,7 +13169,7 @@ CVE-2020-10763 CVE-2020-10762 RESERVED CVE-2020-10761 (An assertion failure issue was found in the Network Block Device(NBD) ...) - - qemu <unfixed> + - qemu 1:5.0-6 [buster] - qemu <not-affected> (Vulnerable code introduced later) [stretch] - qemu <not-affected> (Vulnerable code introduced later) [jessie] - qemu <not-affected> (Vulnerable code introduced later) |