[ubuntu/disco-proposed] qemu 1:2.12+dfsg-3ubuntu9 (Accepted)
Christian Ehrhardt
christian.ehrhardt at canonical.com
Mon Nov 26 15:26:18 UTC 2018
qemu (1:2.12+dfsg-3ubuntu9) disco; urgency=medium
[ Marc Deslauriers ]
* SECURITY UPDATE: integer overflow in NE2000 NIC emulation
- debian/patches/CVE-2018-10839.patch: use proper type in
hw/net/ne2000.c.
- CVE-2018-10839
* SECURITY UPDATE: integer overflow via crafted QMP command
- debian/patches/CVE-2018-12617.patch: check bytes count read by
guest-file-read in qga/commands-posix.c.
- CVE-2018-12617
* SECURITY UPDATE: OOB heap buffer r/w access in NVM Express Controller
- debian/patches/CVE-2018-16847.patch: check size in hw/block/nvme.c.
- CVE-2018-16847
* SECURITY UPDATE: buffer overflow in rtl8139
- debian/patches/CVE-2018-17958.patch: use proper type in
hw/net/rtl8139.c.
- CVE-2018-17958
* SECURITY UPDATE: buffer overflow in pcnet
- debian/patches/CVE-2018-17962.patch: use proper type in
hw/net/pcnet.c.
- CVE-2018-17962
* SECURITY UPDATE: DoS via large packet sizes
- debian/patches/CVE-2018-17963.patch: check size in net/net.c.
- CVE-2018-17963
* SECURITY UPDATE: DoS in lsi53c895a
- debian/patches/CVE-2018-18849.patch: check message length value is
valid in hw/scsi/lsi53c895a.c.
- CVE-2018-18849
* SECURITY UPDATE: Out-of-bounds r/w stack access in ppc64
- debian/patches/CVE-2018-18954.patch: check size before data buffer
access in hw/ppc/pnv_lpc.c.
- CVE-2018-18954
* SECURITY UPDATE: race condition in 9p
- debian/patches/CVE-2018-19364-1.patch: use write lock in
hw/9pfs/cofile.c.
- debian/patches/CVE-2018-19364-2.patch: use write lock in
hw/9pfs/9p.c.
- CVE-2018-19364
[ Christian Ehrhardt]
* debian/patches/ubuntu/lp1787405-*: Support guest dedicated Crypto
Adapters on s390x (LP: #1787405)
* enable opengl for vfio-MDEV support (LP: #1804766)
- d/control-in: set --enable-opengl
- d/control-in: add gl related build-dependencies
Date: Wed, 21 Nov 2018 13:17:01 -0500
Changed-By: Christian Ehrhardt <christian.ehrhardt at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/qemu/1:2.12+dfsg-3ubuntu9
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 21 Nov 2018 13:17:01 -0500
Source: qemu
Binary: qemu qemu-system qemu-block-extra qemu-system-data qemu-system-common qemu-system-gui qemu-system-misc qemu-system-arm qemu-system-mips qemu-system-ppc qemu-system-sparc qemu-system-x86 qemu-user qemu-user-static qemu-user-binfmt qemu-utils qemu-guest-agent qemu-kvm qemu-system-s390x
Architecture: source
Version: 1:2.12+dfsg-3ubuntu9
Distribution: disco
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Christian Ehrhardt <christian.ehrhardt at canonical.com>
Description:
qemu - fast processor emulator, dummy package
qemu-block-extra - extra block backend modules for qemu-system and qemu-utils
qemu-guest-agent - Guest-side qemu-system agent
qemu-kvm - QEMU Full virtualization on x86 hardware
qemu-system - QEMU full system emulation binaries
qemu-system-arm - QEMU full system emulation binaries (arm)
qemu-system-common - QEMU full system emulation binaries (common files)
qemu-system-data - QEMU full system emulation (data files)
qemu-system-gui - QEMU full system emulation binaries (user interface and audio sup
qemu-system-mips - QEMU full system emulation binaries (mips)
qemu-system-misc - QEMU full system emulation binaries (miscellaneous)
qemu-system-ppc - QEMU full system emulation binaries (ppc)
qemu-system-s390x - QEMU full system emulation binaries (s390x)
qemu-system-sparc - QEMU full system emulation binaries (sparc)
qemu-system-x86 - QEMU full system emulation binaries (x86)
qemu-user - QEMU user mode emulation binaries
qemu-user-binfmt - QEMU user mode binfmt registration for qemu-user
qemu-user-static - QEMU user mode emulation binaries (static version)
qemu-utils - QEMU utilities
Launchpad-Bugs-Fixed: 1787405 1804766
Changes:
qemu (1:2.12+dfsg-3ubuntu9) disco; urgency=medium
.
[ Marc Deslauriers ]
* SECURITY UPDATE: integer overflow in NE2000 NIC emulation
- debian/patches/CVE-2018-10839.patch: use proper type in
hw/net/ne2000.c.
- CVE-2018-10839
* SECURITY UPDATE: integer overflow via crafted QMP command
- debian/patches/CVE-2018-12617.patch: check bytes count read by
guest-file-read in qga/commands-posix.c.
- CVE-2018-12617
* SECURITY UPDATE: OOB heap buffer r/w access in NVM Express Controller
- debian/patches/CVE-2018-16847.patch: check size in hw/block/nvme.c.
- CVE-2018-16847
* SECURITY UPDATE: buffer overflow in rtl8139
- debian/patches/CVE-2018-17958.patch: use proper type in
hw/net/rtl8139.c.
- CVE-2018-17958
* SECURITY UPDATE: buffer overflow in pcnet
- debian/patches/CVE-2018-17962.patch: use proper type in
hw/net/pcnet.c.
- CVE-2018-17962
* SECURITY UPDATE: DoS via large packet sizes
- debian/patches/CVE-2018-17963.patch: check size in net/net.c.
- CVE-2018-17963
* SECURITY UPDATE: DoS in lsi53c895a
- debian/patches/CVE-2018-18849.patch: check message length value is
valid in hw/scsi/lsi53c895a.c.
- CVE-2018-18849
* SECURITY UPDATE: Out-of-bounds r/w stack access in ppc64
- debian/patches/CVE-2018-18954.patch: check size before data buffer
access in hw/ppc/pnv_lpc.c.
- CVE-2018-18954
* SECURITY UPDATE: race condition in 9p
- debian/patches/CVE-2018-19364-1.patch: use write lock in
hw/9pfs/cofile.c.
- debian/patches/CVE-2018-19364-2.patch: use write lock in
hw/9pfs/9p.c.
- CVE-2018-19364
.
[ Christian Ehrhardt]
* debian/patches/ubuntu/lp1787405-*: Support guest dedicated Crypto
Adapters on s390x (LP: #1787405)
* enable opengl for vfio-MDEV support (LP: #1804766)
- d/control-in: set --enable-opengl
- d/control-in: add gl related build-dependencies
Checksums-Sha1:
be2dcbb1b5ffcac0f5f9377953701ab696035821 6730 qemu_2.12+dfsg-3ubuntu9.dsc
a9e826a66bc3c155871fe2afef575d7f57afffa9 148812 qemu_2.12+dfsg-3ubuntu9.debian.tar.xz
dd826f101440dca54503367c26eeec4f4f3d834e 9257 qemu_2.12+dfsg-3ubuntu9_source.buildinfo
Checksums-Sha256:
9fde733b5af8d405267048e964575fb9fbe49c1ffc3e56e846ac1fc66dfb0524 6730 qemu_2.12+dfsg-3ubuntu9.dsc
ddd21b4daa27b8789e87c18b14c77ce1a55848f530344326e96de6a1832ea592 148812 qemu_2.12+dfsg-3ubuntu9.debian.tar.xz
c3bf59d69d4a97f1fafee5984125c095c058684eca7ae4605a1ed81324d667b1 9257 qemu_2.12+dfsg-3ubuntu9_source.buildinfo
Files:
f145a5958f3cc5e695a35b46835eb66b 6730 otherosfs optional qemu_2.12+dfsg-3ubuntu9.dsc
712267bcface784373d4126cc6f49cef 148812 otherosfs optional qemu_2.12+dfsg-3ubuntu9.debian.tar.xz
3c9c6d999b58c3747480420b19a36bae 9257 otherosfs optional qemu_2.12+dfsg-3ubuntu9_source.buildinfo
Original-Maintainer: Debian QEMU Team <pkg-qemu-devel at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEktYY9mjyL47YC+71uj4pM4KAskIFAlv8B0oACgkQuj4pM4KA
skKbmw/7B8rGVdS2ngRY1F9JFC6QVAOGtnKlgNKkPDjvFQMmoEAEhCetNRI1F8ND
+d8Pdu0OeGFjW0kDc+eEHs1INRU+uYGJOxLWREZzjc6dXdn5C5sLsv9tqQBx5EQD
4lj/Jvyz9dWzWVByevOPeXsVwCy46p+th+8LJjt/sX2c1zox+/rjCAuJKGrbg3YN
fZOLoSGPgM+WqWeOn7qeYowkSSERMBx1asBB8VRzAeLk/5DnZYW8Vu+ksXg7hQ8a
o0K6jfMLFItM/QFqXM+ibmm0mB5UuAKyCe7Gb8p1v+Q7UETrZOGLxcMOSskwYs8Q
TLluFU6wv1C4uXVmor7fk4BS79CoVnuXRbKRMOA0+ERaHrpbh3Xo4aXxGuQ5J+mK
t5I75rUDe9BDYqBQMeuNjFMTtNiL6q6gDJjNVFeCgXsrDj7ffY8rZL8puWLcMHj1
TNLzH0RKFKxkl/ppkUaYuKD6ihOhEAb5wMcIpuP6HProQjbENHPaAU7rijQYzRM+
G7+qdIulCw3+U6u75DxaRjw1wxkHyUaAA0aJ7iHGY6WQtX9yjFYAKbfNkL4F93UB
zSrbf2iaAH7A3dlnffmFR6eiGHFqus20jEd/QnuGRk7xsi117IPs/tXN380NqST9
PUQlui4zrMxQw3NE9rpVuVH0G7EyhuEvp3x4R5j+TAUsnXPAcWI=
=hfX5
-----END PGP SIGNATURE-----
More information about the Disco-changes
mailing list