Hi,

On Wed, Aug 25, 2021 at 01:57:03PM +0000, Debian Bug Tracking System wrote:
> This is an automatic notification regarding your Bug report
> which was filed against the qemu package:
> 
> #984449: CVE-2021-3392
> 
> It has been closed by Michael Tokarev <[email protected]>.
> 
> Their explanation is attached below along with your original report.
> If this explanation is unsatisfactory and you have not received a
> better one in a separate message then please contact Michael Tokarev 
> <[email protected]> by
> replying to this email.
> 
> 
> -- 
> 984449: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984449
> Debian Bug Tracking System
> Contact [email protected] with problems

> Date: Wed, 25 Aug 2021 16:55:01 +0300
> From: Michael Tokarev <[email protected]>
> To: [email protected]
> Subject: Fixed by 5.2+dfsg-10
> User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101
>  Thunderbird/78.13.0
> Message-ID: <[email protected]>
> 
> Version: 1:5.2+dfsg-10
> 
> This issue has been fixed by 5.2+dfsg-10 release, by this change:
> 
>   * mptsas-remove-unused-MPTSASState.pending-CVE-2021-3392.patch
>     fix possible use-after-free in mptsas_free_request
>     (Cloese: #984449, CVE-2021-3392)
> 
> I dunno why it hasn't been closed automatically.

There is a typo in the Closes marker, thus got not added to the Closes
field.

Thanks for notifying.

Regards,
Salvatore

Reply via email to