[ubuntu-cloud-archive/ussuri-updates] qemu (Accepted)

[Corey Bryant]

 qemu (1:4.2-3ubuntu6.13~cloud0) bionic-ussuri; urgency=medium
 .
   * New update for the Ubuntu Cloud Archive.
 .
 qemu (1:4.2-3ubuntu6.13) focal; urgency=medium
 .
   * d/p/u/lp-1903864-tpm_emulator-Report-an-error-if-chardev-is-missing.patch:
     fix tpm-emulator: parameter 'chardev' is missing (LP: #1903864)
   * d/p/u/lp-1913395-*: qemu s390x/pci: Honor vfio DMA limiting (LP: #1913395)
 .
 qemu (1:4.2-3ubuntu6.12) focal-security; urgency=medium
 .
   * SECURITY UPDATE: heap overread in iscsi_aio_ioctl_cb
     - debian/patches/ubuntu/CVE-2020-11947.patch: fix heap-buffer-overflow
       in block/iscsi.c.
     - CVE-2020-11947
   * SECURITY UPDATE: use-after-free in e1000e
     - debian/patches/ubuntu/CVE-2020-15859.patch: forbid the reentrant RX
       in net/queue.c.
     - CVE-2020-15859
   * SECURITY UPDATE: OOB write to MSI-X table
     - debian/patches/ubuntu/CVE-2020-27821.patch: clamp cached translation
       in case it points to an MMIO region in exec.c.
     - CVE-2020-27821
   * SECURITY UPDATE: infinite loop in e1000e
     - debian/patches/ubuntu/CVE-2020-28916.patch: advance desc_offset in
       case of null descriptor in hw/net/e1000e_core.c.
     - CVE-2020-28916
   * SECURITY UPDATE: out of bounds read in atapi
     - debian/patches/ubuntu/CVE-2020-29443-1.patch: assert that the buffer
       pointer is in range in hw/ide/atapi.c.
     - debian/patches/ubuntu/CVE-2020-29443-2.patch: check logical block
       address and read size in hw/ide/atapi.c.
     - CVE-2020-29443
   * SECURITY UPDATE: use after free in 9p
     - debian/patches/ubuntu/CVE-2021-20181.patch: fully restart unreclaim
       loop in hw/9pfs/9p.c.
     - CVE-2021-20181

Date: Thu, 11 Feb 2021 17:57:15 +0000
Changed-By: Openstack Ubuntu Testing Bot <openstack-testing-bot at ubuntu.com>
Signed-By: Openstack Ubuntu Testing Bot
Published-By: Corey Bryant <corey.bryant at canonical.com>