[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SLiRP: use-afte-free in ip_reass() [CVE-2020-1983]
From: |
Michael Tokarev |
Subject: |
Re: SLiRP: use-afte-free in ip_reass() [CVE-2020-1983] |
Date: |
Tue, 21 Apr 2020 15:56:48 +0300 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.7.0 |
21.04.2020 13:33, Daniel P. Berrangé wrote:
[]
> Admittedly this may be troublesome for Debian which, AFAICT, does not
> add new packages to pre-existing stable releases. Presumably someone
> can add it to the "backports" release archive if this is too hard to
> get into a stable release ? Failing that, users would have to build
> slirp themselves.
This wont be a problem for Debian really, exactly due to the reason you
mentioned - backports. I'm backporting libslirp and current qemu right
now.
Thanks!
/mjt