[ubuntu/cosmic-proposed] qemu 1:2.11+dfsg-1ubuntu9 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Wed May 16 18:58:14 UTC 2018 

qemu (1:2.11+dfsg-1ubuntu9) cosmic; urgency=medium

  * SECURITY UPDATE: out-of-bounds access during migration via ps2
    - debian/patches/ubuntu/CVE-2017-16845.patch: check PS2Queue pointers
      in post_load routine in hw/input/ps2.c.
    - CVE-2017-16845
  * SECURITY UPDATE: arbitrary code execution via load_multiboot
    - debian/patches/ubuntu/CVE-2018-7550.patch: handle bss_end_addr being
      zero in hw/i386/multiboot.c.
    - CVE-2018-7550
  * SECURITY UPDATE: denial of service in Cirrus CLGD 54xx VGA
    - debian/patches/ubuntu/CVE-2018-7858.patch: fix region calculation in
      hw/display/vga.c.
    - CVE-2018-7858

Date: Wed, 16 May 2018 14:14:20 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/qemu/1:2.11+dfsg-1ubuntu9
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 16 May 2018 14:14:20 -0400
Source: qemu
Binary: qemu qemu-system qemu-block-extra qemu-system-common qemu-system-misc qemu-system-arm qemu-system-mips qemu-system-ppc qemu-system-sparc qemu-system-x86 qemu-user qemu-user-static qemu-user-binfmt qemu-utils qemu-guest-agent qemu-kvm qemu-system-s390x
Architecture: source
Version: 1:2.11+dfsg-1ubuntu9
Distribution: cosmic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
 qemu       - fast processor emulator
 qemu-block-extra - extra block backend modules for qemu-system and qemu-utils
 qemu-guest-agent - Guest-side qemu-system agent
 qemu-kvm   - QEMU Full virtualization on x86 hardware
 qemu-system - QEMU full system emulation binaries
 qemu-system-arm - QEMU full system emulation binaries (arm)
 qemu-system-common - QEMU full system emulation binaries (common files)
 qemu-system-mips - QEMU full system emulation binaries (mips)
 qemu-system-misc - QEMU full system emulation binaries (miscellaneous)
 qemu-system-ppc - QEMU full system emulation binaries (ppc)
 qemu-system-s390x - QEMU full system emulation binaries (s390x)
 qemu-system-sparc - QEMU full system emulation binaries (sparc)
 qemu-system-x86 - QEMU full system emulation binaries (x86)
 qemu-user  - QEMU user mode emulation binaries
 qemu-user-binfmt - QEMU user mode binfmt registration for qemu-user
 qemu-user-static - QEMU user mode emulation binaries (static version)
 qemu-utils - QEMU utilities
Changes:
 qemu (1:2.11+dfsg-1ubuntu9) cosmic; urgency=medium
 .
   * SECURITY UPDATE: out-of-bounds access during migration via ps2
     - debian/patches/ubuntu/CVE-2017-16845.patch: check PS2Queue pointers
       in post_load routine in hw/input/ps2.c.
     - CVE-2017-16845
   * SECURITY UPDATE: arbitrary code execution via load_multiboot
     - debian/patches/ubuntu/CVE-2018-7550.patch: handle bss_end_addr being
       zero in hw/i386/multiboot.c.
     - CVE-2018-7550
   * SECURITY UPDATE: denial of service in Cirrus CLGD 54xx VGA
     - debian/patches/ubuntu/CVE-2018-7858.patch: fix region calculation in
       hw/display/vga.c.
     - CVE-2018-7858
Checksums-Sha1:
 b329f4f4aaf9d2191b468bf2a3965243fbf76a84 6572 qemu_2.11+dfsg-1ubuntu9.dsc
 9fc24d0460c409bb31564cda82ebe6aa000cef91 231024 qemu_2.11+dfsg-1ubuntu9.debian.tar.xz
 0cf14848e112aca73f81906b06d66d836541abe2 14457 qemu_2.11+dfsg-1ubuntu9_source.buildinfo
Checksums-Sha256:
 9bbcc469bd9c893cf26c1d4617f05c5c0b055b58fdf648b1ea0e9e0caa177021 6572 qemu_2.11+dfsg-1ubuntu9.dsc
 2b3ecbddd6d9002249725fed24e742fa9a6629521bf25e9e7d01e80af1936461 231024 qemu_2.11+dfsg-1ubuntu9.debian.tar.xz
 463a4a92237fdf4cebc1d4fecde10a3fa9d535ab102b78571a859b541677ae70 14457 qemu_2.11+dfsg-1ubuntu9_source.buildinfo
Files:
 820e284a7db84c3d36bad5dd4bf15730 6572 otherosfs optional qemu_2.11+dfsg-1ubuntu9.dsc
 f2c6cac3cac5c5550a19487c8ebc882c 231024 otherosfs optional qemu_2.11+dfsg-1ubuntu9.debian.tar.xz
 6e258db1284fbcde0cb10cc3ef73024e 14457 otherosfs optional qemu_2.11+dfsg-1ubuntu9_source.buildinfo
Original-Maintainer: Debian QEMU Team <pkg-qemu-devel at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAlr8fK4ACgkQZWnYVadE
vpMpwg/+Ks+YXidJA//Zc92kqGNRS0LO2oGI5UvbR6/ngFFGQw+Iaty1XovDC9/g
TpxGwcyUirfFx8FIlqzUWR1xezxt+5l/h0083uCQVVOaqGPKUtz+Jcpo0Kw8ddew
Fng6eCKvsB6gEzN6QlToS53kxVT+Zwdk4NxVfL0XnnUHvjTtzFiMTRGz4YEyyw9o
/Skr8NmnHxmBnszXDPCuS6keB5fOOX1pbpjXaZwaG5khNYV3U4gtU06lEN6wl0eZ
xja8ziMcqXsw83aiUDMFZThof9P7nf9/0ZSB5H2Nj0v7Vbx0B3fHgi+lchx1e1J6
seMT9S5+b7R4o8n8cVyAHS79BzAwW5yAuSfghWBFyHgeu4y4jVOUASqEx02EPaII
BX4A2JLc0VRO4aDbY/6J46kpUT4so+vItIJ6Z+60qzB5dn6hcLhQtfKiM1PeDmO4
rnjLstG7nwdWWD1MoTsVUdSmZbYQlKCUNNtlw/kvZgxKRNjZ77+VGCpAf31IyMv4
zGl1FSOMuCl4I6Sd/9I6wB2MmUe3f4pOx/8PLrrCLFTSdWzbMlTUpr7VDREfEnMQ
ClU+td0eT0VTVJhqdmxPYBmrLp0E00mHLl2spXuFj+v/C7wYsOjysDjOYO+NSVhc
10attXyfadONeU+6yPq+k63NCRpTnoayGyU4Cf+pQnrcHpztFS4=
=JK6V
-----END PGP SIGNATURE-----

More information about the Cosmic-changes mailing list