On Thu, Sep 08, 2016 at 07:29:55AM +0200, Guido Günther wrote: > > If you find useful information on e.g. howto reproduce the bug or about > the proper upstream fix use > > NOTE: > > See e.g. this entry from the top of the current data/CVE/list: > > > CVE-2016-7155 [scsi: pvscsi: OOB read and infinite loop while setting > descriptor rings] > - qemu <unfixed> > - qemu-kvm <removed> > NOTE: Upstream patch: > https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg00050.html > NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1373462 > NOTE: http://www.openwall.com/lists/oss-security/2016/09/06/2 >
Thanks for the explanation. It looks like someone already annotated icu, so I will keep this in mind for next time. Regards, -Roberto -- Roberto C. Sánchez http://people.connexer.com/~roberto http://www.connexer.com
