[ubuntu/disco-proposed] qemu 1:3.1+dfsg-2ubuntu2 (Accepted)

Christian Ehrhardt christian.ehrhardt at canonical.com
Wed Feb 20 16:48:14 UTC 2019


qemu (1:3.1+dfsg-2ubuntu2) disco; urgency=medium

  * disable pvrdma - besides several security holes there are many other
    bugs there as well, and the amount of patches applied upstream after
    3.1 release is large (Closes, or actuallymakes unimportant again)
    - CVE-2018-20123
    - CVE-2018-20124
    - CVE-2018-20125
    - CVE-2018-20126
    - CVE-2018-20191
    - CVE-2018-20216
  * scsi-generic-avoid-possible-oob-access-to-r-buf-CVE-2019-6501.patch
    - CVE-2019-6501
  * slirp-check-data-length-while-emulating-ident-function-CVE-2019-6778.patch
    - CVE-2019-6778

Date: Tue, 19 Feb 2019 06:43:04 +0100
Changed-By: Christian Ehrhardt <christian.ehrhardt at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/qemu/1:3.1+dfsg-2ubuntu2
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 19 Feb 2019 06:43:04 +0100
Source: qemu
Binary: qemu qemu-system qemu-block-extra qemu-system-data qemu-system-common qemu-system-gui qemu-system-misc qemu-system-arm qemu-system-mips qemu-system-ppc qemu-system-sparc qemu-system-x86 qemu-user qemu-user-static qemu-user-binfmt qemu-utils qemu-guest-agent qemu-kvm qemu-system-s390x
Architecture: source
Version: 1:3.1+dfsg-2ubuntu2
Distribution: disco
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Christian Ehrhardt <christian.ehrhardt at canonical.com>
Description:
 qemu       - fast processor emulator, dummy package
 qemu-block-extra - extra block backend modules for qemu-system and qemu-utils
 qemu-guest-agent - Guest-side qemu-system agent
 qemu-kvm   - QEMU Full virtualization on x86 hardware
 qemu-system - QEMU full system emulation binaries
 qemu-system-arm - QEMU full system emulation binaries (arm)
 qemu-system-common - QEMU full system emulation binaries (common files)
 qemu-system-data - QEMU full system emulation (data files)
 qemu-system-gui - QEMU full system emulation binaries (user interface and audio sup
 qemu-system-mips - QEMU full system emulation binaries (mips)
 qemu-system-misc - QEMU full system emulation binaries (miscellaneous)
 qemu-system-ppc - QEMU full system emulation binaries (ppc)
 qemu-system-s390x - QEMU full system emulation binaries (s390x)
 qemu-system-sparc - QEMU full system emulation binaries (sparc)
 qemu-system-x86 - QEMU full system emulation binaries (x86)
 qemu-user  - QEMU user mode emulation binaries
 qemu-user-binfmt - QEMU user mode binfmt registration for qemu-user
 qemu-user-static - QEMU user mode emulation binaries (static version)
 qemu-utils - QEMU utilities
Changes:
 qemu (1:3.1+dfsg-2ubuntu2) disco; urgency=medium
 .
   * disable pvrdma - besides several security holes there are many other
     bugs there as well, and the amount of patches applied upstream after
     3.1 release is large (Closes, or actuallymakes unimportant again)
     - CVE-2018-20123
     - CVE-2018-20124
     - CVE-2018-20125
     - CVE-2018-20126
     - CVE-2018-20191
     - CVE-2018-20216
   * scsi-generic-avoid-possible-oob-access-to-r-buf-CVE-2019-6501.patch
     - CVE-2019-6501
   * slirp-check-data-length-while-emulating-ident-function-CVE-2019-6778.patch
     - CVE-2019-6778
Checksums-Sha1:
 84052ec2d54aa34ea493a9eb8faa9645b362b624 6825 qemu_3.1+dfsg-2ubuntu2.dsc
 3ce9dc63bddaa421018e1c9cb0e1188b400520fd 169532 qemu_3.1+dfsg-2ubuntu2.debian.tar.xz
 af276c98bf6dc714ca951094c2c796674d881341 9390 qemu_3.1+dfsg-2ubuntu2_source.buildinfo
Checksums-Sha256:
 f95167dd8be4d1c440f5eaab75b02cf9df44ad7d37c2df048029a4cc8da1d108 6825 qemu_3.1+dfsg-2ubuntu2.dsc
 9d140665daec04bb03957dc71ee2258873d7601ecd783da8ebd70f94aac5903c 169532 qemu_3.1+dfsg-2ubuntu2.debian.tar.xz
 a4a43f35c2513d78dd43059664f012f03f8dfc31451109eb88a0b25b7ef743c4 9390 qemu_3.1+dfsg-2ubuntu2_source.buildinfo
Files:
 1886517a179d1f7f39daa00b33c9dd60 6825 otherosfs optional qemu_3.1+dfsg-2ubuntu2.dsc
 b0cbdfe2c91d47a99683ea12226f986c 169532 otherosfs optional qemu_3.1+dfsg-2ubuntu2.debian.tar.xz
 67c1f94e116486238ab687808bd75353 9390 otherosfs optional qemu_3.1+dfsg-2ubuntu2_source.buildinfo
Original-Maintainer: Debian QEMU Team <pkg-qemu-devel at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEktYY9mjyL47YC+71uj4pM4KAskIFAlxthF4ACgkQuj4pM4KA
skK38w//f73TIQRGU3FFENAFxlNN7nG/eWthrGyHAsIBle2Ke9G2HDqBlGltDbPU
Gm2kuhuYYm2Rh5COgljkslXrPAhrFgWYWPjLDfLCr4tViDlfk/3yzl0DspVXuYnu
cy4/OEWgWeuKl/q9cLA2MCMJThLmzgCETjf+wYuV5plcUpaAWEt2TEJtdmyvivWf
9nP2JXhwMYiXIwLKcR1EHb0g3rA4xsXuu9L6NTGtgPR5DuRFcmMhGXHGGj/eMNs9
OELQ61vhnVQKIIJ4HusfTMGaXsnst512spOPZNwEO9UuZ9fwCiQvrUPzczOFyMRs
QMnCjf26CVqLA9aVV/aBGr8Fib7M8hqt39hLjZa0MS6OLDY6XV6muu+XvuQ9Xupz
1AHQfTZzri8MK5EW2AcL6odq2C2stxSv3kXvM8iL5oTSDdEoLWOwYjXcuAdcGQtV
cp7Ica6rKYHZC+mNHTHrcKW2uKVAz/1f1Hf30Lv2A6JsMqUriw+/UZJ3VUwJ2G/V
p7Rm4ua2PUHbpVkIiuixIYEttuzCArY0k4z4rJY+UXhrvvNYNROKzapyYXA4f0ui
hOwofQyVymtwdl2+4PzdyibGsE7/X8eK6coyq3EqEr6fianB0mVMbUz2XsfBMiPJ
Kcgm1NHk55CJQcmp3GLK00ckyIkF+EKA8YR9hLJ9GzqH1mNrxMs=
=bT4G
-----END PGP SIGNATURE-----


More information about the Disco-changes mailing list