[ubuntu-cloud-archive/havana-proposed] qemu (Accepted)
James Page
james.page at ubuntu.com
Mon Feb 10 13:50:37 UTC 2014
qemu (1.5.0+dfsg-3ubuntu5.3~cloud0) precise-havana; urgency=low
.
* New update for the Ubuntu Cloud Archive.
.
qemu (1.5.0+dfsg-3ubuntu5.3) saucy-security; urgency=medium
.
* SECURITY UPDATE: denial of service via virtio device hot-plugging
- debian/patches/CVE-2013-4377.patch: backport upstream commits to
refactor virtio device unplugging.
- CVE-2013-4377
* SECURITY UPDATE: privilege escalation via REPORT LUNS
- debian/patches/CVE-2013-4344.patch: support more than 256 LUNS in
hw/scsi/scsi-bus.c, include/hw/scsi/scsi.h.
- CVE-2013-4344
* SECURITY UPDATE: denial of service in qdisk PV disk backend
- debian/patches/CVE-2013-4375.patch: mark ioreq as mapped before
unmapping in error case in hw/block/xen_disk.c.
- CVE-2013-4375
Date: Fri, 31 Jan 2014 00:06:03 -0500
Changed-By: Openstack Ubuntu Testing Bot <openstack-testing-bot at ubuntu.com>
Signed-By: Openstack Ubuntu Testing Bot
Published-By: James Page <james.page at ubuntu.com>
More information about the Cloud-archive-changes
mailing list