[ubuntu-cloud-archive/liberty-proposed] qemu (Accepted)
James Page
james.page at ubuntu.com
Mon Aug 3 08:13:55 UTC 2015
qemu (1:2.3+dfsg-5ubuntu3~cloud0) trusty-liberty; urgency=medium
.
* New update for the Ubuntu Cloud Archive.
.
qemu (1:2.3+dfsg-5ubuntu3) wily; urgency=medium
.
* SECURITY UPDATE: out-of-bounds memory access in pit_ioport_read()
- debian/patches/CVE-2015-3214.patch: ignore read in hw/timer/i8254.c.
- CVE-2015-3214
* SECURITY UPDATE: heap overflow when processing ATAPI commands
- debian/patches/CVE-2015-5154.patch: check bounds and clear DRQ in
hw/ide/core.c, make sure command is completed in hw/ide/atapi.c.
- CVE-2015-5154
* SECURITY UPDATE: buffer overflow in scsi_req_parse_cdb
- debian/patches/CVE-2015-5158.patch: check length in
hw/scsi/scsi-bus.c.
- CVE-2015-5158
Date: Fri, 31 Jul 2015 09:03:17 +0200
Changed-By: James Page <james.page at ubuntu.com>
Signed-By: James Page <james.page at ubuntu.com>
Published-By: James Page <james.page at ubuntu.com>
More information about the Cloud-archive-changes
mailing list