[ubuntu/lucid-security] qemu-kvm 0.12.3+noroms-0ubuntu9.9 (Accepted)
Jamie Strandboge
jamie at ubuntu.com
Fri Jun 10 05:04:05 UTC 2011
qemu-kvm (0.12.3+noroms-0ubuntu9.9) lucid-security; urgency=low
* SECURITY UPDATE: fix heap buffer overflow from unaligned requests
- virtio-blk-fail-unaligned-access-CVE-2011-1750-52c050236e.diff:
patch from Debian
- CVE-2011-1750
* SECURITY UPDATE: verify no_hotplug attribute when handling hot-unplug
requests
- CVE-2011-1751-prep-pci-cleanly-backout-of-pci_qdev_init-925fe64ae7.diff:
Moving common code to a separate function and using it from another
place to fix a memory leak. Backported by Debian
- CVE-2011-1751-prep-hotplug-0-acpi_piix4-qdevfy-e8ec0571e1.diff: This
qdevifies acpi_piix4 device. Backported by Debian
- CVE-2011-1751-prep-hotplug-1-pci-allow-devices-being-tagged-as-not-hotpluggable-180c22e18b.diff:
Introduce a "no_hotplug" attribute and check it in common places
to ensure such devices wont be hot-(un)plugged. This needs the
pci-cleanly-backout-of-pci_qdev_init patch mentioned above. Backported
by Debian
- CVE-2011-1751-prep-hotplug-2-piix-tag-as-not-hotpluggable-0965f12da6.diff:
Backported by Debian
- CVE-2011-1751-prep-hotplug-3-vga-tag-as-not-hotplugable-be92bbf73d.diff:
Mark certain devices as non-hotpluggable. Backported by Debian
- CVE-2011-1751-hotplug-4-ignore-pci-hotplug-requests-for-unpluggable-devices.diff:
Verifies the no_hotplug attribute when handling hot-unplug request from
guest. Backported by Debian
Date: Sun, 29 May 2011 08:35:24 -0500
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/qemu-kvm/0.12.3+noroms-0ubuntu9.9
-------------- next part --------------
Format: 1.8
Date: Sun, 29 May 2011 08:35:24 -0500
Source: qemu-kvm
Binary: qemu-kvm qemu-common qemu-kvm-extras qemu-kvm-extras-static qemu-arm-static kvm qemu
Architecture: source
Version: 0.12.3+noroms-0ubuntu9.9
Distribution: lucid-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description:
kvm - dummy transitional pacakge from kvm to qemu-kvm
qemu - dummy transitional pacakge from qemu to qemu-kvm
qemu-arm-static - dummy transitional package for qemu-kvm-extras-static
qemu-common - qemu common functionality (bios, documentation, etc)
qemu-kvm - Full virtualization on i386 and amd64 hardware
qemu-kvm-extras - fast processor emulator binaries for non-x86 architectures
qemu-kvm-extras-static - static QEMU user mode emulation binaries
Changes:
qemu-kvm (0.12.3+noroms-0ubuntu9.9) lucid-security; urgency=low
.
* SECURITY UPDATE: fix heap buffer overflow from unaligned requests
- virtio-blk-fail-unaligned-access-CVE-2011-1750-52c050236e.diff:
patch from Debian
- CVE-2011-1750
* SECURITY UPDATE: verify no_hotplug attribute when handling hot-unplug
requests
- CVE-2011-1751-prep-pci-cleanly-backout-of-pci_qdev_init-925fe64ae7.diff:
Moving common code to a separate function and using it from another
place to fix a memory leak. Backported by Debian
- CVE-2011-1751-prep-hotplug-0-acpi_piix4-qdevfy-e8ec0571e1.diff: This
qdevifies acpi_piix4 device. Backported by Debian
- CVE-2011-1751-prep-hotplug-1-pci-allow-devices-being-tagged-as-not-hotpluggable-180c22e18b.diff:
Introduce a "no_hotplug" attribute and check it in common places
to ensure such devices wont be hot-(un)plugged. This needs the
pci-cleanly-backout-of-pci_qdev_init patch mentioned above. Backported
by Debian
- CVE-2011-1751-prep-hotplug-2-piix-tag-as-not-hotpluggable-0965f12da6.diff:
Backported by Debian
- CVE-2011-1751-prep-hotplug-3-vga-tag-as-not-hotplugable-be92bbf73d.diff:
Mark certain devices as non-hotpluggable. Backported by Debian
- CVE-2011-1751-hotplug-4-ignore-pci-hotplug-requests-for-unpluggable-devices.diff:
Verifies the no_hotplug attribute when handling hot-unplug request from
guest. Backported by Debian
Checksums-Sha1:
27d4ef42cff70de754da66fba09aa473c47c4604 2157 qemu-kvm_0.12.3+noroms-0ubuntu9.9.dsc
6733327dbdcc491d80007e5def099eecf642cd38 65661 qemu-kvm_0.12.3+noroms-0ubuntu9.9.diff.gz
Checksums-Sha256:
5359e3e6de1f40090b0205839583daa2f8351c9a3e1e4dabbc0c19323124cad0 2157 qemu-kvm_0.12.3+noroms-0ubuntu9.9.dsc
1bcb5409c7e394f750c1c124aeaf6a8ace9f29a972fbed57a4d27be39280997a 65661 qemu-kvm_0.12.3+noroms-0ubuntu9.9.diff.gz
Files:
d505661f1800e0960d4bc6cfa866a525 2157 misc optional qemu-kvm_0.12.3+noroms-0ubuntu9.9.dsc
65adda2321da678d179d54a996bc7648 65661 misc optional qemu-kvm_0.12.3+noroms-0ubuntu9.9.diff.gz
More information about the Lucid-changes
mailing list