From a2cc3101294191817b401db42fe5d091720c9be6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Moritz=20M=C3=BChlenhoff?= Date: Sun, 3 Oct 2021 20:09:59 +0200 Subject: qemu DSA --- data/CVE/list | 5 ----- data/DSA/list | 3 +++ data/dsa-needed.txt | 2 -- 3 files changed, 3 insertions(+), 7 deletions(-) diff --git a/data/CVE/list b/data/CVE/list index 321d117e5a..fd655b5dce 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -6091,7 +6091,6 @@ CVE-2021-39231 CVE-2021-3713 (An out-of-bounds write flaw was found in the UAS (USB Attached SCSI) d ...) {DLA-2753-1} - qemu 1:6.1+dfsg-2 (bug #992727) - [bullseye] - qemu (Minor issue) [buster] - qemu (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1994640 CVE-2021-39230 (Butter is a system usability utility. Due to a kernel error the JPNS k ...) @@ -13019,7 +13018,6 @@ CVE-2020-36417 CVE-2021-3638 [ati-vga: inconsistent check in ati_2d_blt() may lead to out-of-bounds write] RESERVED - qemu 1:6.1+dfsg-6 (bug #992726) - [bullseye] - qemu (Minor issue) [buster] - qemu (Vulnerable code introduced in ATI VGA device emulation added later) [stretch] - qemu (Vulnerable code introduced in ATI VGA device emulation added later) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1979858 @@ -21774,7 +21772,6 @@ CVE-2021-32606 (In the Linux kernel 5.11 through 5.12.2, isotp_setsockopt in net NOTE: https://www.openwall.com/lists/oss-security/2021/05/11/16 CVE-2021-3545 (An information disclosure vulnerability was found in the virtio vhost- ...) - qemu 1:6.1+dfsg-1 (bug #989042) - [bullseye] - qemu (Minor issue) [buster] - qemu (Minor issue) [stretch] - qemu (The vulnerable code was introduced later) NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2021-05/msg01155.html @@ -21782,7 +21779,6 @@ CVE-2021-3545 (An information disclosure vulnerability was found in the virtio v NOTE: https://gitlab.com/qemu-project/qemu/-/commit/121841b2 CVE-2021-3544 (Several memory leaks were found in the virtio vhost-user GPU device (v ...) - qemu 1:6.1+dfsg-1 (bug #989042) - [bullseye] - qemu (Minor issue) [buster] - qemu (Minor issue) [stretch] - qemu (The vulnerable code was introduced later) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1958935 @@ -22021,7 +22017,6 @@ CVE-2021-32563 (An issue was discovered in Thunar before 4.16.7 and 4.17.x befor NOTE: Regression: https://gitlab.xfce.org/xfce/thunar/-/issues/575 CVE-2021-3546 (A flaw was found in vhost-user-gpu of QEMU in versions up to and inclu ...) - qemu 1:6.1+dfsg-1 (bug #989042) - [bullseye] - qemu (Minor issue) [buster] - qemu (Minor issue) [stretch] - qemu (The vulnerable code was introduced later) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1958978 diff --git a/data/DSA/list b/data/DSA/list index 8e4f0ac001..3313b94de9 100644 --- a/data/DSA/list +++ b/data/DSA/list @@ -1,3 +1,6 @@ +[03 Oct 2021] DSA-4980-1 qemu - security update + {CVE-2021-3544 CVE-2021-3545 CVE-2021-3546 CVE-2021-3638 CVE-2021-3682 CVE-2021-3713 CVE-2021-3748} + [bullseye] - qemu 1:5.2+dfsg-11+deb11u1 [01 Oct 2021] DSA-4979-1 mediawiki - security update {CVE-2021-35197 CVE-2021-41798 CVE-2021-41799 CVE-2021-41800 CVE-2021-41801} [buster] - mediawiki 1:1.31.16-1~deb10u1 diff --git a/data/dsa-needed.txt b/data/dsa-needed.txt index 0a16e2e84d..6acdbe7455 100644 --- a/data/dsa-needed.txt +++ b/data/dsa-needed.txt @@ -42,8 +42,6 @@ puppetdb (jmm) -- python-pysaml2 (jmm) -- -qemu (jmm) --- rabbitmq-server -- runc -- cgit v1.2.3