Re: [PATCH] ati-vga: Fix checks in ati_2d

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] ati-vga: Fix checks in ati_2d_blt() to avoid crash

From:	P J P
Subject:	Re: [PATCH] ati-vga: Fix checks in ati_2d_blt() to avoid crash
Date:	Mon, 24 Aug 2020 18:56:17 +0530 (IST)

+-- On Sat, 22 Aug 2020, Philippe Mathieu-DaudÃ© wrote --+
| This points to a BZ#1847385 which is private:
| "You are not authorized to access bug #1847385.
| https://bugzilla.redhat.com/show_bug.cgi?id=1847385

CVE-2020-24352:
  -> https://bugzilla.redhat.com/show_bug.cgi?id=1847584

This is the pubic bug.

| Maybe we could improve the security process, when a CVE embargo
| expires, the public statement could point at the commit(s) fixing
| the bug.

Yes, we generally tag/log upstream fixes against the CVE bugs. It seems 
missing in this case, maybe because fix was sent upstream latter. Will fix it.


Thank you.
--
Prasad J Pandit / Red Hat Product Security Team
8685 545E B54C 486B C6EB 271E E285 8B5A F050 DE8D

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [PATCH] ati-vga: Fix checks in ati_2d_blt() to avoid crash, Philippe Mathieu-Daudé, 2020/08/22
- Re: [PATCH] ati-vga: Fix checks in ati_2d_blt() to avoid crash, BALATON Zoltan, 2020/08/22
- Re: [PATCH] ati-vga: Fix checks in ati_2d_blt() to avoid crash, Michael Tokarev, 2020/08/24
- Re: [PATCH] ati-vga: Fix checks in ati_2d_blt() to avoid crash, P J P <=

Prev by Date: Re: [PATCH v6 3/4] qapi: add filter-node-name to block-stream
Next by Date: [Bug 1884719] Re: Function not implemented when using libaio
Previous by thread: Re: [PATCH] ati-vga: Fix checks in ati_2d_blt() to avoid crash
Next by thread: [Bug 1892581] [NEW] QEMU 5.1 no longer says anything about inaccessible devices
Index(es):
- Date
- Thread