[ubuntu-cloud-archive/queens-updates] qemu (Accepted)

[Corey Bryant]

 qemu (1:2.11+dfsg-1ubuntu7.34~cloud0) xenial-queens; urgency=medium
 .
   * New update for the Ubuntu Cloud Archive.
 .
 qemu (1:2.11+dfsg-1ubuntu7.34) bionic-security; urgency=medium
 .
   * SECURITY UPDATE: heap buffer overflow in sdhci_sdma_transfer_multi_blocks()
     - debian/patches/CVE-2020-17380.patch: fix DMA Transfer Block Size
       field in hw/sd/sdhci.c.
     - CVE-2020-17380
     - CVE-2020-25085
   * SECURITY UPDATE: use-after-free via unchecked return value
     - debian/patches/CVE-2020-25084.patch: check return value of
       'usb_packet_map' in hw/usb/hcd-xhci.c.
     - CVE-2020-25084
   * SECURITY UPDATE: out-of-bound access issue
     - debian/patches/CVE-2020-25624.patch: check len and frame_number
       variables in hw/usb/hcd-ohci.c.
     - CVE-2020-25624
   * SECURITY UPDATE: infinite loop when a TD list has a loop
     - debian/patches/CVE-2020-25625.patch: check for processed TD before
       retire in hw/usb/hcd-ohci.c.
     - CVE-2020-25625
   * SECURITY UPDATE: assertion failure through usb_packet_unmap()
     - debian/patches/CVE-2020-25723.patch: check return value of
       'usb_packet_map' in hw/usb/hcd-ehci.c.
     - CVE-2020-25723
   * SECURITY UPDATE: assertion failure
     - debian/patches/CVE-2020-27617.patch: remove an assert call in
       eth_get_gso_type in net/eth.c.
     - CVE-2020-27617

Date: Tue, 01 Dec 2020 04:26:50 +0000
Changed-By: Openstack Ubuntu Testing Bot <openstack-testing-bot at ubuntu.com>
Signed-By: Openstack Ubuntu Testing Bot
Published-By: Corey Bryant <corey.bryant at canonical.com>