[ubuntu-cloud-archive/kilo-proposed] qemu (Accepted)
James Page
james.page at ubuntu.com
Fri Jul 31 11:21:15 UTC 2015
qemu (1:2.2+dfsg-5expubuntu9.3~cloud0) trusty-kilo; urgency=medium
.
* New update for the Ubuntu Cloud Archive.
.
qemu (1:2.2+dfsg-5expubuntu9.3) vivid-security; urgency=medium
.
* SECURITY UPDATE: out-of-bounds memory access in pit_ioport_read()
- debian/patches/CVE-2015-3214.patch: ignore read in hw/timer/i8254.c.
- CVE-2015-3214
* SECURITY UPDATE: heap overflow when processing ATAPI commands
- debian/patches/CVE-2015-5154.patch: check bounds and clear DRQ in
hw/ide/core.c, make sure command is completed in hw/ide/atapi.c.
- CVE-2015-5154
* SECURITY UPDATE: buffer overflow in scsi_req_parse_cdb
- debian/patches/CVE-2015-5158.patch: check length in
hw/scsi/scsi-bus.c.
- CVE-2015-5158
Date: Tue, 28 Jul 2015 17:01:39 +0000
Changed-By: Openstack Ubuntu Testing Bot <openstack-testing-bot at ubuntu.com>
Signed-By: Openstack Ubuntu Testing Bot
Published-By: James Page <james.page at ubuntu.com>
More information about the Cloud-archive-changes
mailing list