[ubuntu/vivid-security] qemu 1:2.2+dfsg-5expubuntu9.3 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Tue Jul 28 16:21:26 UTC 2015
qemu (1:2.2+dfsg-5expubuntu9.3) vivid-security; urgency=medium
* SECURITY UPDATE: out-of-bounds memory access in pit_ioport_read()
- debian/patches/CVE-2015-3214.patch: ignore read in hw/timer/i8254.c.
- CVE-2015-3214
* SECURITY UPDATE: heap overflow when processing ATAPI commands
- debian/patches/CVE-2015-5154.patch: check bounds and clear DRQ in
hw/ide/core.c, make sure command is completed in hw/ide/atapi.c.
- CVE-2015-5154
* SECURITY UPDATE: buffer overflow in scsi_req_parse_cdb
- debian/patches/CVE-2015-5158.patch: check length in
hw/scsi/scsi-bus.c.
- CVE-2015-5158
Date: 2015-07-27 19:04:13.063009+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/qemu/1:2.2+dfsg-5expubuntu9.3
-------------- next part --------------
Sorry, changesfile not available.
More information about the Vivid-changes
mailing list