[ubuntu/lunar-proposed] qemu 1:7.0+dfsg-7ubuntu4 (Accepted)

Nishit Majithia nishit.majithia at canonical.com
Tue Jan 3 06:38:16 UTC 2023 

qemu (1:7.0+dfsg-7ubuntu4) lunar; urgency=medium

  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/CVE-2022-0216-*.patch: fix use-after-free in
      lsi_do_msgout
    - CVE-2022-0216
  * SECURITY UPDATE: heap overflow vulnerability
    - debian/patches/CVE-2022-2962.patch: tulip: Restrict DMA engine to
      memories
    - CVE-2022-2962
  * SECURITY UPDATE: integer underflow vulnerability
    - debian/patches/CVE-2022-3165.patch: fix integer underflow in
      vnc_client_cut_text_ext
    - CVE-2022-3165

Date: Fri, 09 Dec 2022 10:25:52 +0530
Changed-By: Nishit Majithia <nishit.majithia at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Alex Murray <alex.murray at canonical.com>
https://launchpad.net/ubuntu/+source/qemu/1:7.0+dfsg-7ubuntu4
-------------- next part --------------
Format: 1.8
Date: Fri, 09 Dec 2022 10:25:52 +0530
Source: qemu
Built-For-Profiles: noudeb
Architecture: source
Version: 1:7.0+dfsg-7ubuntu4
Distribution: lunar
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Nishit Majithia <nishit.majithia at canonical.com>
Changes:
 qemu (1:7.0+dfsg-7ubuntu4) lunar; urgency=medium
 .
   * SECURITY UPDATE: use-after-free vulnerability
     - debian/patches/CVE-2022-0216-*.patch: fix use-after-free in
       lsi_do_msgout
     - CVE-2022-0216
   * SECURITY UPDATE: heap overflow vulnerability
     - debian/patches/CVE-2022-2962.patch: tulip: Restrict DMA engine to
       memories
     - CVE-2022-2962
   * SECURITY UPDATE: integer underflow vulnerability
     - debian/patches/CVE-2022-3165.patch: fix integer underflow in
       vnc_client_cut_text_ext
     - CVE-2022-3165
Checksums-Sha1:
 1554ec159c423b3829ab1a2e5f82d2227cb93359 6907 qemu_7.0+dfsg-7ubuntu4.dsc
 4390a96d7f37ab33a16ba51ab18863898daed82a 173992 qemu_7.0+dfsg-7ubuntu4.debian.tar.xz
 33599ace833dfd0dbfd678645ae296c51e7cb5ba 20890 qemu_7.0+dfsg-7ubuntu4_source.buildinfo
Checksums-Sha256:
 2553a505fe9f7fff92b654f7f9cd5a5593db68a762ece6d6482924ccc5ab92e6 6907 qemu_7.0+dfsg-7ubuntu4.dsc
 25aedbb560e0dbaee0617524f30513630415cefaaf7bd98d1d3be391b283b3c8 173992 qemu_7.0+dfsg-7ubuntu4.debian.tar.xz
 40e2cd6f99f1771513b26add0be4c010fcea81e1ef1fd78594c7729e91d561d7 20890 qemu_7.0+dfsg-7ubuntu4_source.buildinfo
Files:
 95cda8bfb9b89cd01b2da4404631549f 6907 otherosfs optional qemu_7.0+dfsg-7ubuntu4.dsc
 d0a4984af6d7a4538b32bb26118cdb29 173992 otherosfs optional qemu_7.0+dfsg-7ubuntu4.debian.tar.xz
 aadc1cc17cf46c6303ec5da2de1649f8 20890 otherosfs optional qemu_7.0+dfsg-7ubuntu4_source.buildinfo
Original-Maintainer: Debian QEMU Team <pkg-qemu-devel at lists.alioth.debian.org>

More information about the lunar-changes mailing list