[ubuntu/precise-security] qemu-kvm 1.0+noroms-0ubuntu14.27 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Wed Feb 3 12:35:01 UTC 2016
qemu-kvm (1.0+noroms-0ubuntu14.27) precise-security; urgency=medium
* SECURITY UPDATE: vnc floating point exception
- debian/patches/CVE-2015-8504.patch: handle zero values in ui/vnc.c.
- CVE-2015-8504
* SECURITY UPDATE: paravirtualized drivers incautious about shared memory
contents
- debian/patches/CVE-2015-8550-1.patch: avoid double access in
hw/xen_blkif.h.
- debian/patches/CVE-2015-8550-2.patch: avoid reading twice in
hw/xenfb.c.
- CVE-2015-8550
* SECURITY UPDATE: infinite loop in ehci_advance_state
- debian/patches/CVE-2015-8558.patch: make idt processing more robust
in hw/usb-ehci.c.
- CVE-2015-8558
* SECURITY UPDATE: ne2000 OOB r/w in ioport operations
- debian/patches/CVE-2015-8743.patch: fix bounds check in ioport
operations in hw/ne2000.c.
- CVE-2015-8743
* SECURITY UPDATE: ahci use-after-free vulnerability in aio port commands
- debian/patches/CVE-2016-1568.patch: reset ncq object to unused on
error in hw/ide/ahci.c.
- CVE-2016-1568
* SECURITY UPDATE: firmware configuration device OOB rw access
- debian/patches/CVE-2016-1714.patch: avoid calculating invalid current
entry pointer in hw/fw_cfg.c.
- CVE-2016-1714
* SECURITY UPDATE: e1000 infinite loop
- debian/patches/CVE-2016-1981.patch: eliminate infinite loops on
out-of-bounds transfer start in hw/e1000.c.
- CVE-2016-1981
Date: 2016-02-02 14:21:12.951803+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/qemu-kvm/1.0+noroms-0ubuntu14.27
-------------- next part --------------
Sorry, changesfile not available.
More information about the Precise-changes
mailing list