Hi Philippe, On Wed, Nov 09, 2022 at 08:43:19AM +0100, Philippe Mathieu-Daudé wrote: > On 8/11/22 21:57, Stefan Hajnoczi wrote: > > I've dropped the SDHCI CVE fix due to the CI failure. > > > > The rest of the commits are still in the staging tree and I plan to > > include them in v7.2.0-rc0. > > Thank you Stefan, sorry for not catching that failure sooner.
I was looking through some older CVE's for qemu which are tracked still unfixed in Debian and noticed CVE-2022-3872 . Do you happen to know if the fix for CVE-2022-3872, the dropped one above, was ever fixed in another way? Or did that felt trough the cracks? Regards, Salvatore
