[ubuntu/trusty-security] qemu 2.0.0+dfsg-2ubuntu1.46 (Accepted)
Steve Beattie
sbeattie at ubuntu.com
Tue May 14 17:03:38 UTC 2019
qemu (2.0.0+dfsg-2ubuntu1.46) trusty-security; urgency=medium
* SECURITY UPDATE: Add support for exposing md-clear functionality
to guests
- d/p/ubuntu/enable-md-clear.patch
- CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
* SECURITY UPDATE: heap overflow when loading device tree blob
- d/p/ubuntu/CVE-2018-20815.patch: specify how large the buffer to
copy the device tree blob into is.
- d/p/ubuntu/CVE-2018-20815-prereq-1.patch: Add load_image_size()
to replace load_image()
- d/p/ubuntu/CVE-2018-20815-prereq-2.patch: Read as long as possible
in load_image_size()
- CVE-2018-20815
* SECURITY UPDATE: information leak in SLiRP
- d/p/ubuntu/CVE-2019-9824.patch: check sscanf result when
emulating ident.
- CVE-2019-9824
Date: 2019-05-09 17:28:12.382140+00:00
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
https://launchpad.net/ubuntu/+source/qemu/2.0.0+dfsg-2ubuntu1.46
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list