Summary: | <app-emulation/qemu-2.0.0-r1: qcow1 - validate image size and L2 table size (CVE-2014-{0222,0223}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | cardoe, qemu+disabled |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://git.qemu.org/?p=qemu.git;a=commitdiff;h=46485de0cb357b57373e1ca895adedf1f3ed46ec | ||
Whiteboard: | B2 [glsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 510208 | ||
Bug Blocks: |
Description
Agostino Sarubbo
2014-05-13 13:00:17 UTC
upstream has merged the fixes now for CVE-2014-0222 & CVE-2014-0223 http://git.qemu.org/?p=qemu.git;a=commitdiff;h=46485de0cb357b57373e1ca895adedf1f3ed46ec http://git.qemu.org/?p=qemu.git;a=commitdiff;h=42eb58179b3b215bb507da3262b682b8a2ec10b5 qemu-2.0.0-r1 has the fixes (In reply to SpanKY from comment #2) > qemu-2.0.0-r1 has the fixes Please let us know if you are ready for stabilization? security, please add it to the current glsa draft. Added to existing GLSA draft This issue was resolved and addressed in GLSA 201408-17 at http://security.gentoo.org/glsa/glsa-201408-17.xml by GLSA coordinator Kristian Fiskerstrand (K_F). |