Hello,

All types of video models are affected?

The default is cirrus.

On Mon, 09 May 2016 14:22:37 +0200 Salvatore Bonaccorso <car...@debian.org>
wrote:
> Source: qemu
> Version: 2.1+dfsg-1
> Severity: grave
> Tags: security upstream
>
> Hi,
>
> the following vulnerabilities were published for qemu.
>
> CVE-2016-3710[0]:
> incorrect banked access bounds checking in vga module
>
> CVE-2016-3712[1]:
> Out-of-bounds read when creating weird vga screen surface
>
> If you fix the vulnerabilities please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.
>
> For further information see:
>
> [0] https://security-tracker.debian.org/tracker/CVE-2016-3710
> [1] https://security-tracker.debian.org/tracker/CVE-2016-3712
> [2] http://xenbits.xen.org/xsa/advisory-179.html
>
> Please adjust the affected versions in the BTS as needed.
>
> Regards,
> Salvatore
>
>

Reply via email to