[ubuntu-cloud-archive/liberty-proposed] qemu (Accepted)
James Page
james.page at ubuntu.com
Fri Dec 11 20:18:40 UTC 2015
qemu (1:2.3+dfsg-5ubuntu9.1~cloud0) trusty-liberty; urgency=medium
.
* New update for the Ubuntu Cloud Archive.
.
qemu (1:2.3+dfsg-5ubuntu9.1) wily-security; urgency=medium
.
* SECURITY UPDATE: denial of service via jumbo frame flood in virtio
- debian/patches/CVE-2015-7295.patch: drop truncated packets in
hw/net/virtio-net.c, hw/virtio/virtio.c, include/hw/virtio/virtio.h.
- CVE-2015-7295
* SECURITY UPDATE: loopback mode heap overflow vulnerability in pcnet
- debian/patches/CVE-2015-7504.patch: leave room for CRC code in
hw/net/pcnet.c.
- CVE-2015-7504
* SECURITY UPDATE: non-loopback mode buffer overflow in pcnet
- debian/patches/CVE-2015-7512.patch: check packet length in
hw/net/pcnet.c.
- CVE-2015-7512
* SECURITY UPDATE: infinite loop in eepro100
- debian/patches/CVE-2015-8345.patch: prevent endless loop in
hw/net/eepro100.c.
- CVE-2015-8345
Date: Fri, 11 Dec 2015 14:59:40 +0000
Changed-By: Openstack Ubuntu Testing Bot <openstack-testing-bot at ubuntu.com>
Signed-By: Openstack Ubuntu Testing Bot
Published-By: James Page <james.page at ubuntu.com>
More information about the Cloud-archive-changes
mailing list