Univention Bugzilla – Bug 50063
qemu: Multiple issues (4.3)
Last modified: 2019-08-28 16:20:57 CEST
New Debian qemu 1:2.8+dfsg-6+deb9u8A~4.3.1.201908270838 fixes: This update addresses the following issues: * device_tree: heap buffer overflow while loading device tree blob (CVE-2018-20815) * qemu-bridge-helper ACL can be bypassed when names are too long (CVE-2019-13164) * slirp: heap buffer overflow during packet reassembly (CVE-2019-14378)
--- mirror/ftp/4.3/unmaintained/component/4.3-4-errata/source/qemu_2.8+dfsg-6+deb9u7A~4.3.0.201906241258.dsc +++ apt/ucs_4.3-0-errata4.3-4/source/qemu_2.8+dfsg-6+deb9u8A~4.3.4.20190827083.dsc @@ -1,4 +1,4 @@ -1:2.8+dfsg-6+deb9u7A~4.3.0.201906241258 [Mon, 24 Jun 2019 12:58:24 +0200] Univention builddaemon <buildd@univention.de>: +1:2.8+dfsg-6+deb9u8A~4.3.4.20190827083 [Tue, 27 Aug 2019 13:14:57 +0200] Univention builddaemon <buildd@univention.de>: * UCS auto build. The following patches have been applied to the original source package 0001-Disable-Xen-for-UCS @@ -13,6 +13,28 @@ 1007-0008-x86-Work-around-SMI-migration-breakages 1008-0009-migration-ram.c-do-not-set-postcopy_running-in-POSTC +1:2.8+dfsg-6+deb9u8 [Fri, 09 Aug 2019 13:41:43 +0300] Michael Tokarev <mjt@tls.msk.ru>: + + [ Michal Arbet ] + * Fix improper backport of CVE-2017-9524 fix that caused NBD + connections to hang (Closes: #873012). Thanks to Geoffrey Thomas. + - nbd-fully-initialize-client-in-case-of-failed-negotiation-CVE-2017-9524.patch: + Don't move nbd_set_handlers before nbd_negotiate. + - nbd-fix-regression-on-resiliency-to-port-scan-CVE-2017-9524.patch: + Refresh. + + [ Michael Tokarev ] + * slirp-fix-heap-overflow-in-ip_reass-on-big-packet-input-CVE-2019-14378.patch + bugfix in user-level networking + Closes: #933741, CVE-2019-14378 + * qemu-bridge-helper-restrict-interface-name-to-IFNAMSIZ-CVE-2019-13164.patch + Closes: #931351, CVE-2019-13164 + * integrate fix-md-clear-backport.patch into enable-md-clear.patch + Thanks Moritz Mühlenhoff and Vincent Tondellier + * device_tree-dont-use-load_image-CVE-2018-20815.patch + fix unlikely overflow via saved image file size + Closes: CVE-2018-20815 + 1:2.8+dfsg-6+deb9u7 [Wed, 05 Jun 2019 23:33:57 +0200] Moritz Mühlenhoff <jmm@debian.org>: * Fix the md_clear backport, thanks to Vincent Tondellier (Closes: #929067) <http://10.200.17.11/4.3-4/#8671156918269261476>
OK: yaml OK: announce_errata OK: patch OK: piuparts [4.3-4] 4297b3b588 Bug #50063: qemu 1:2.8+dfsg-6+deb9u8A~4.3.4.201908270838 doc/errata/staging/qemu.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) [4.3-4] 8a34a050e3 Bug #50063: qemu_1:2.8+dfsg-6+deb9u8A~4.3.1.201908270838 doc/errata/staging/qemu.yaml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+)
<http://errata.software-univention.de/ucs/4.3/567.html>