diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2020-11-27 06:02:37 +0100 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-11-27 06:02:37 +0100 |
| commit | 9e901ef17bcb0d31a6196bd7b598c1b8ace4d601 (patch) | |
| tree | 32a8d342b37747a84d12953ada32f695f7190437 | |
| parent | 21e65b511b0d8523617bdba4901ca61d62129b24 (diff) | |
Add CVE-2020-291{29,30}/libslirp
| -rw-r--r-- | data/CVE/list | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/data/CVE/list b/data/CVE/list index dc5746778e..3e2f1994bd 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -1,7 +1,13 @@ CVE-2020-29130 (slirp.c in libslirp through 4.3.1 has a buffer over-read because it tr ...) - TODO: check + - libslirp <unfixed> + - qemu 1:4.1-2 + NOTE: https://lists.freedesktop.org/archives/slirp/2020-November/000115.html + NOTE: qemu 1:4.1-2 switched to system libslirp, marking that version as fixed. CVE-2020-29129 (ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tri ...) - TODO: check + - libslirp <unfixed> + - qemu 1:4.1-2 + NOTE: https://lists.freedesktop.org/archives/slirp/2020-November/000115.html + NOTE: qemu 1:4.1-2 switched to system libslirp, marking that version as fixed. CVE-2020-29128 (petl before 1.68, in some configurations, allows resolution of entitie ...) TODO: check CVE-2020-29127 |