Summary: | <app-emulation/xen-tools-4.7.1-r6: qemu: display: cirrus: oob access while doing bitblt copy backward mode (CVE-2017-2615) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Thomas Deutschmann (RETIRED) <whissi> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | xen |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://xenbits.xen.org/xsa/advisory-208.html | ||
Whiteboard: | B2 [glsa cve cleanup] | ||
Package list: |
=app-emulation/xen-4.7.1-r5 amd64
=app-emulation/xen-tools-4.7.1-r6 amd64 x86
|
Runtime testing required: | --- |
Bug Depends on: | |||
Bug Blocks: | 609158 |
Description
Thomas Deutschmann (RETIRED)
2017-02-12 18:36:40 UTC
commit 3e4e51017be9fb21ac2f84cd162c290d2cdfd28b Author: Yixun Lan <dlan@gentoo.org> Date: Wed Feb 15 15:52:25 2017 +0800 app-emulation/xen-tools: fix XSA-208 XSA-208: oob access in cirrus bitblt copy Gentoo-Bug: 609160 Package-Manager: Portage-2.3.3, Repoman-2.3.1 :100644 100644 8a27775919... 4fe2216e04... M app-emulation/xen-tools/Manifest :000000 100644 0000000000... 20cf1af534... A app-emulation/xen-tools/xen-tools-4.7.1-r6.ebuild :000000 100644 0000000000... 78c2c2e6f3... A app-emulation/xen-tools/xen-tools-4.8.0-r2.ebuild Arches, please test and mark stable: =app-emulation/xen-4.7.1-r5 Target keyword only: "amd64" =app-emulation/xen-tools-4.7.1-r6 Target keywords: "amd64 x86" (note: I've also combined the stablereq of bug 607840 here - affect app-emulation/xen) amd64 stable x86 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one. New GLSA request filed. @ Maintainer(s): Please cleanup and drop <app-emulation/xen-4.7.1-r5 and <app-emulation/xen-tools-4.7.1-r6! This issue was resolved and addressed in GLSA 201702-27 at https://security.gentoo.org/glsa/201702-27 by GLSA coordinator Thomas Deutschmann (whissi). |