Summary: | <app-emulation/qemu-2.3.0-r4: scsi stack buffer overflow (CVE-2015-5158) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | qemu+disabled |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.openwall.com/lists/oss-security/2015/07/23/6 | ||
Whiteboard: | B3 [glsa cve] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 556052 | ||
Bug Blocks: |
Description
Agostino Sarubbo
2015-07-23 11:00:53 UTC
*qemu-2.3.0-r3 (25 Jul 2015) 25 Jul 2015; Doug Goldstein <cardoe@gentoo.org> +files/qemu-2.3.0-CVE-2015-5158.patch, +qemu-2.3.0-r3.ebuild: Add fix from upstream for CVE-2015-5158 #555680 by Agostino Sarubbo. Arches, please test and mark stable: =app-emulation/qemu-2.3.0-r3 Target keywords : "amd64 x86" let's use bug 556052 for stabilization since it's a newer rev This issue was resolved and addressed in GLSA 201510-02 at https://security.gentoo.org/glsa/201510-02 by GLSA coordinator Kristian Fiskerstrand (K_F). |