Summary: | app-emulation/qemu: NULL pointer derefrence issues (CVE-2020-{25741,25742,25743}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | filip ambroz <filip.ambroz> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | UNCONFIRMED --- | ||
Severity: | minor | CC: | ajak, sam, tamiko, virtualization, zlogene |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://seclists.org/oss-sec/2020/q3/201 | ||
Whiteboard: | B3 [upstream] | ||
Package list: | Runtime testing required: | --- |
Description
filip ambroz
2020-09-29 11:18:28 UTC
We will wait when correct fix lands upstream. (In reply to Sergei Trofimovich from comment #1) > We will wait when correct fix lands upstream. thank you for answer, I changed the whiteboard QEMU 5.2 is out, does it have the fixes? (In reply to Joakim Tjernlund from comment #3) > QEMU 5.2 is out, does it have the fixes? QEMU is one of the worst upstreams I've seen for tracking patches. That said, I don't see the subjects of those emails in any QEMU master commits. These patches have not been applied upstream. Package list is empty or all packages have requested keywords. Still seems unfixed |