Summary: | <app-emulation/qemu-2.1.0-r1: hw: pci: use after free triggered via guest (CVE-2014-3471) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Kristian Fiskerstrand (RETIRED) <k_f> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | cardoe, qemu+disabled |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://lists.gnu.org/archive/html/qemu-devel/2014-06/msg05283.html | ||
Whiteboard: | B3 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Kristian Fiskerstrand (RETIRED)
2014-06-23 13:30:21 UTC
qemu-2.1.0 is in the tree now. i think we should wait the normal 30 day period. Stabilized in Bug # 520688 Arches and Mainter(s), Thank you for your work. Added to an existing GLSA request. This issue was resolved and addressed in GLSA 201412-01 at http://security.gentoo.org/glsa/glsa-201412-01.xml by GLSA coordinator Kristian Fiskerstrand (K_F). |