Summary: | <app-emulation/qemu-2.4.0-r2: DoS in Virtual Network Device (virtio-net) (CVE-2015-7295) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Kristian Fiskerstrand (RETIRED) <k_f> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | qemu+disabled |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://seclists.org/oss-sec/2015/q3/579 | ||
Whiteboard: | B3 [glsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
Kristian Fiskerstrand (RETIRED)
2015-09-18 11:02:08 UTC
upstream commits: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=ce317461573bac12b10d67699b4ddf1f97cf066c http://git.qemu.org/?p=qemu.git;a=commitdiff;h=0cf33fb6b49a19de32859e2cdc6021334f448fb3 http://git.qemu.org/?p=qemu.git;a=commitdiff;h=29b9f5efd78ae0f9cc02dd169b6e80d2c404bade qemu-2.4.0.1 in the tree should have the fixes for this and should be fine to mark stable http://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4703b062bb7d0c6ebdf91827a3396435e6dea74a We now have 2.4.0.1-r1 do you want to go with that as stable? or with 2.4.0.1 Also 2.4.1 is now in tree @maintainers: Can you please advise on which version to stabilize? ## commit 8ba1e580c6566005cfe98625e52b94803f367528 Author: Mike Frysinger <vapier@gentoo.org> Date: Fri Nov 6 11:36:45 2015 -0500 app-emulation/qemu: version bump to 2.4.1 #564990 ## stabilized in another bug. cleanup done by vapier Arches and Maintainer(s), Thank you for your work. Added to an existing GLSA Request. This issue was resolved and addressed in GLSA 201602-01 at https://security.gentoo.org/glsa/201602-01 by GLSA coordinator Kristian Fiskerstrand (K_F). |