Summary: | <app-emulation/qemu-2.10.0: qemu-nbd crashes due to undefined I/O coroutine | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Christopher Díaz Riveros (RETIRED) <chrisadr> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | virtualization |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1473622 | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
Christopher Díaz Riveros (RETIRED)
2017-07-21 12:54:36 UTC
This CVE does not apply to any version currently in tree. Version 2.9.0 does not contain [1] [1] http://git.qemu.org/?p=qemu.git;a=commitdiff;h=ff82911cd3f69f028f2537825c9720ff78bc3f19 Please disregard my last comment. commit 606c4d5b81243fb243bd38a21326e60c3318138c (HEAD -> master, origin/master, origin/HEAD) Author: Matthias Maier <tamiko@gentoo.org> Date: Wed Jul 26 13:53:25 2017 -0500 app-emulation/qemu: security patches CVE-2017-7539, bug #625850 CVE-2017-10664, bug #623016 CVE-2017-10806, bug #624088 Package-Manager: Portage-2.3.6, Repoman-2.3.3 I am sorry, the last patch for this issue was not functional - I reverted the change. At the moment it is not feasible to backport this upstream commit. No vulnerable versions left in tree. Security please proceed. |