Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 223649 - <app-emulation/qemu-softmmu-0.9.1-r3: vulnerable to CVE-2007-1320 (heap based overflows in the Cirrus VGA extension)
Summary: <app-emulation/qemu-softmmu-0.9.1-r3: vulnerable to CVE-2007-1320 (heap based...
Status: RESOLVED OBSOLETE
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All All
: High normal (vote)
Assignee: Gentoo Security
URL: http://cve.mitre.org/cgi-bin/cvename....
Whiteboard: B2 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2008-05-26 06:58 UTC by Carlo Marcelo Arenas Belon
Modified: 2013-08-28 13:59 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Carlo Marcelo Arenas Belon 2008-05-26 06:58:53 UTC
reported originally for qemu 0.8.2 (in xen) but never patched in upstream qemu until :

  http://svn.savannah.gnu.org/viewvc/?view=rev&root=qemu&revision=4340
Comment 1 Robert Buchholz (RETIRED) gentoo-dev 2008-07-01 08:38:14 UTC
Lu, does our qemu already contain this patch?
Comment 2 Luca Barbato gentoo-dev 2008-07-02 12:03:24 UTC
no, it doesn't let me some days to fetch the related patch (and/or decide if is worth providing a fresh snapshot)
Comment 3 Robert Buchholz (RETIRED) gentoo-dev 2008-07-02 23:19:27 UTC
sure, ping back when you have it.
Comment 4 Doug Goldstein (RETIRED) gentoo-dev 2012-03-08 16:27:47 UTC
Removed from tree.
Comment 5 Sean Amoss (RETIRED) gentoo-dev Security 2012-03-10 00:36:25 UTC
Added to existing GLSA request
Comment 6 Doug Goldstein (RETIRED) gentoo-dev 2013-08-28 01:21:53 UTC
@security: 15 month follow up ping.