[ubuntu/xenial-updates] qemu 1:2.5+dfsg-5ubuntu10.36 (Accepted)

Ubuntu Archive Robot cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Wed Mar 27 12:58:34 UTC 2019


qemu (1:2.5+dfsg-5ubuntu10.36) xenial-security; urgency=medium

  * Spectre/Meltdown fixes for ppc64 (LP: #1765364)
    - debian/patches/lp1765364/*.patches: add backported capabilities and
      spectre/meltdown commits.
  * SECURITY UPDATE: race during file renaming in v9fs_wstat
    - debian/patches/CVE-2018-19489.patch: add locks to hw/9pfs/9p.c.
    - CVE-2018-19489
  * SECURITY UPDATE: heap based buffer overflow in slirp
    - debian/patches/CVE-2019-6778.patch: check data length while emulating
      ident function in slirp/tcp_subr.c.
    - CVE-2019-6778

Date: 2019-03-22 23:44:28.575403+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/qemu/1:2.5+dfsg-5ubuntu10.36
-------------- next part --------------
Sorry, changesfile not available.


More information about the Xenial-changes mailing list