Control: severity -1 minor 02.06.2013 22:53, Michael Gilbert wrote: > Package: qemu > Severity: serious > version: 1.5.0+dfsg-1 > Tags: security > > Hi, > An out-of-bounds issue in virtio was published for qemu: > https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2016
Yes, that's the case. However, the issue is so small, -- they wern't sure it is worth assigning a CVE# for it. I even forgot to include the fix for it to the latest 1.5.0-3 release. Setting severity as that. > I've checked squeeze and wheezy (both qemu and qemu-kvm). They are > both not affected. Thank you for that! > If you fix the vulnerability please also make sure to include the > CVE (Common Vulnerabilities & Exposures) id in your changelog entry. Yes, sure. Thank you for the bugreport and the diagnostics! /mjt -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org