[ubuntu/xenial-security] qemu 1:2.5+dfsg-5ubuntu10.38 (Accepted)
Steve Beattie
sbeattie at ubuntu.com
Tue May 14 17:03:35 UTC 2019
qemu (1:2.5+dfsg-5ubuntu10.38) xenial-security; urgency=medium
* SECURITY UPDATE: Add support for exposing md-clear functionality
to guests
- d/p/ubuntu/enable-md-clear.patch
- CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
* SECURITY UPDATE: heap overflow when loading device tree blob
- d/p/ubuntu/CVE-2018-20815.patch: specify how large the buffer to
copy the device tree blob into is.
- CVE-2018-20815
* SECURITY UPDATE: information leak in SLiRP
- d/p/ubuntu/CVE-2019-9824.patch: check sscanf result when
emulating ident.
- CVE-2019-9824
qemu (1:2.5+dfsg-5ubuntu10.38~test.1) xenial-security; urgency=medium
* Add support for exposing md-clear functionality to guests
- d/u/enable-md-clear.patch
qemu (1:2.5+dfsg-5ubuntu10.37) xenial; urgency=medium
* d/p/lp1823458/add-VirtIONet-vhost_stopped-flag-to-prevent-multiple.patch,
d/p/lp1823458/do-not-call-vhost_net_cleanup-on-running-net-from-ch.patch:
- Prevent crash due to race condition on shutdown;
this is fixed differently upstream (starting in Bionic), but
the change is too large to backport into Xenial. These two very
small patches work around the problem in an unintrusive way.
(LP: #1823458)
Date: 2019-05-09 09:31:28.500762+00:00
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
https://launchpad.net/ubuntu/+source/qemu/1:2.5+dfsg-5ubuntu10.38
-------------- next part --------------
Sorry, changesfile not available.
More information about the Xenial-changes
mailing list