[ubuntu-cloud-archive/kilo-proposed] qemu (Accepted)

James Page james.page at ubuntu.com
Fri Jul 31 11:21:15 UTC 2015

 qemu (1:2.2+dfsg-5expubuntu9.3~cloud0) trusty-kilo; urgency=medium
   * New update for the Ubuntu Cloud Archive.
 qemu (1:2.2+dfsg-5expubuntu9.3) vivid-security; urgency=medium
   * SECURITY UPDATE: out-of-bounds memory access in pit_ioport_read()
     - debian/patches/CVE-2015-3214.patch: ignore read in hw/timer/i8254.c.
     - CVE-2015-3214
   * SECURITY UPDATE: heap overflow when processing ATAPI commands
     - debian/patches/CVE-2015-5154.patch: check bounds and clear DRQ in
       hw/ide/core.c, make sure command is completed in hw/ide/atapi.c.
     - CVE-2015-5154
   * SECURITY UPDATE: buffer overflow in scsi_req_parse_cdb
     - debian/patches/CVE-2015-5158.patch: check length in
     - CVE-2015-5158

Date: Tue, 28 Jul 2015 17:01:39 +0000
Changed-By: Openstack Ubuntu Testing Bot <openstack-testing-bot at ubuntu.com>
Signed-By: Openstack Ubuntu Testing Bot
Published-By: James Page <james.page at ubuntu.com>

More information about the Cloud-archive-changes mailing list