Re: qemu - CVE-2018-19665: bt subsystem mishandles negative length variables

To: debian-lts@lists.debian.org
Subject: Re: qemu - CVE-2018-19665: bt subsystem mishandles negative length variables
From: Adrian Zaugg <adi@ente.limmat.ch>
Date: Sun, 27 Jan 2019 13:32:03 +0100
Message-id: <[🔎] 6a9ed1d9-16d8-cf08-ad62-f73be524f7d3@ente.limmat.ch>
In-reply-to: <[🔎] 20190112165201.GA2479@hle-laptop.local>
References: <[🔎] 20190112165201.GA2479@hle-laptop.local>



On 1/12/19 5:52 PM, Hugo Lefeuvre wrote:

the subsystem doesn't seem to be very actively maintained and that the user
base is quite small, it is maybe better to mark this no-dsa in stretch and

Please don't forget thet Debian has derivates that do not get summed upin popcon.d.o. So the user base might be bigger than assumed.


Regards, Adrian.

Reply to:

Follow-Ups:
- Re: qemu - CVE-2018-19665: bt subsystem mishandles negative length variables
  - From: Hugo Lefeuvre <hle@debian.org>

References:
- qemu - CVE-2018-19665: bt subsystem mishandles negative length variables
  - From: Hugo Lefeuvre <hle@debian.org>

Prev by Date: Re: Python3.4
Next by Date: Re: [SECURITY] [DSA 4371-1] apt security update
Previous by thread: qemu - CVE-2018-19665: bt subsystem mishandles negative length variables
Next by thread: Re: qemu - CVE-2018-19665: bt subsystem mishandles negative length variables
Index(es):
- Date
- Thread