FEDORA-2021-b96947cc69 — security update for libslirp

unpushed

libslirp-4.3.1-4.fc33

FEDORA-2021-b96947cc69 created by elmarco 3 years ago for Fedora 33

Fix CVE-2021-3592 CVE-2021-3593 CVE-2021-3594 CVE-2021-3595 out-of-bounds access

This update has been submitted for testing by elmarco.

3 years ago

This update's test gating status has been changed to 'failed'.

3 years ago

This update's test gating status has been changed to 'waiting'.

3 years ago

This update's test gating status has been changed to 'failed'.

3 years ago

This update's test gating status has been changed to 'passed'.

3 years ago

This update has been pushed to testing.

3 years ago

dimitrisk commented & provided feedback 3 years ago

karma

Had to distro-sync back, same problem as FEDORA-2021-99f48ecd5d

Bodhi is disabling automatic push to stable due to negative karma. The maintainer may push manually if they determine that the issue is not severe.

3 years ago

elmarco commented 3 years ago

This update has been unpushed.

Please login to add feedback.

Metadata

Type

security

Severity

low

Karma

-1

Signed

Content Type

RPM

Test Gating

passed

Autopush Settings

Unstable by Karma

-3

Stable by Karma

disabled

Stable by Time

disabled

Thresholds

Minimum Karma

Minimum Testing

14 days

Dates

submitted

3 years ago

in testing

3 years ago

Builds

libslirp-4.3.1-4.fc33

BZ#1972243 CVE-2021-3595 libslirp: QEMU: slirp: invalid pointer initialization may lead to information disclosure (tftp) [fedora-all]

BZ#1972249 CVE-2021-3592 libslirp: QEMU: slirp: invalid pointer initialization may lead to information disclosure (bootp) [fedora-all]

BZ#1972250 CVE-2021-3593 libslirp: QEMU: slirp: invalid pointer initialization may lead to information disclosure (udp6) [fedora-all]

BZ#1972252 CVE-2021-3594 libslirp: QEMU: slirp: invalid pointer initialization may lead to information disclosure (udp) [fedora-all]

libslirp-4.3.1-4.fc33

Automated Test Results

passed