Source: qemu Version: 2.1+dfsg-1 Severity: important Tags: security upstream patch
Hi, the following vulnerability was published for qemu. CVE-2016-1922[0]: i386: null pointer dereference in vapic_write() If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2016-1922 [1] https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg02812.html [2] https://bugzilla.redhat.com/show_bug.cgi?id=1283934 Please adjust the affected versions in the BTS as needed. I suspect that wheezy is not affected and the issue is possibly introduced after 4917cf44326a1bda2fd7f27303aff7a25ad86518 (v1.6.0-rc0). Can you double-check and/or confirm the right introducing version so that we can update the secuirty-tracker info? Regards, Salvatore
