[ubuntu-cloud-archive/queens-updates] qemu (Accepted)
Corey Bryant
corey.bryant at canonical.com
Mon Mar 1 17:26:27 UTC 2021
qemu (1:2.11+dfsg-1ubuntu7.35~cloud0) xenial-queens; urgency=medium
.
* New update for the Ubuntu Cloud Archive.
.
qemu (1:2.11+dfsg-1ubuntu7.35) bionic-security; urgency=medium
.
* SECURITY UPDATE: heap overread in iscsi_aio_ioctl_cb
- debian/patches/CVE-2020-11947.patch: fix heap-buffer-overflow in
block/iscsi.c.
- CVE-2020-11947
* SECURITY UPDATE: use-after-free in e1000e
- debian/patches/CVE-2020-15859.patch: forbid the reentrant RX in
net/queue.c.
- CVE-2020-15859
* SECURITY UPDATE: infinite loop in e1000e
- debian/patches/CVE-2020-28916.patch: advance desc_offset in case of
null descriptor in hw/net/e1000e_core.c.
- CVE-2020-28916
* SECURITY UPDATE: out of bounds read in atapi
- debian/patches/CVE-2020-29443-1.patch: assert that the buffer pointer
is in range in hw/ide/atapi.c.
- debian/patches/CVE-2020-29443-2.patch: check logical block address
and read size in hw/ide/atapi.c.
- CVE-2020-29443
* SECURITY UPDATE: use after free in 9p
- debian/patches/CVE-2021-20181.patch: fully restart unreclaim loop in
hw/9pfs/9p.c.
- CVE-2021-20181
Date: Tue, 09 Feb 2021 04:26:02 +0000
Changed-By: Openstack Ubuntu Testing Bot <openstack-testing-bot at ubuntu.com>
Signed-By: Openstack Ubuntu Testing Bot
Published-By: Corey Bryant <corey.bryant at canonical.com>
More information about the Cloud-archive-changes
mailing list