Univention Bugzilla – Bug 57149
qemu: Multiple issues (5.0)
Last modified: 2024-03-27 13:56:42 CET
New Debian qemu 1:3.1+dfsg-8+deb10u12 fixes: This update addresses the following issues: 1:3.1+dfsg-8+deb10u12 (Mon, 11 Mar 2024 16:57:08 +0200) * Non-maintainer upload by the LTS Team. * CVE-2023-2861: 9pfs did not prohibit opening special files on the host side * CVE-2023-3354: remote unauthenticated clients could cause denial of service in VNC server * CVE-2023-5088: IDE guest I/O operation addressed to an arbitrary disk offset might get targeted to offset 0 instead
--- mirror/ftp/pool/main/q/qemu/qemu_3.1+dfsg-8+deb10u11.dsc +++ apt/ucs_5.0-0-errata5.0-7/source/qemu_3.1+dfsg-8+deb10u12.dsc @@ -1,3 +1,13 @@ +1:3.1+dfsg-8+deb10u12 [Mon, 11 Mar 2024 16:57:08 +0200] Adrian Bunk <bunk@debian.org>: + + * Non-maintainer upload by the LTS Team. + * CVE-2023-2861: 9pfs did not prohibit opening special files + on the host side + * CVE-2023-3354: remote unauthenticated clients could cause + denial of service in VNC server + * CVE-2023-5088: IDE guest I/O operation addressed to an arbitrary + disk offset might get targeted to offset 0 instead + 1:3.1+dfsg-8+deb10u11 [Thu, 05 Oct 2023 14:39:20 +0100] Sean Whitton <spwhitton@spwhitton.name>: * Non-maintainer upload by the LTS Security Team. <http://piuparts.knut.univention.de/5.0-7/#8809427289651141871>
OK: bug OK: yaml OK: announce_errata OK: patch OK: piuparts [5.0-7] 04b229e0d4 Bug #57149: qemu 1:3.1+dfsg-8+deb10u12 doc/errata/staging/qemu.yaml | 37 +++++++++++++++++++------------------ 1 file changed, 19 insertions(+), 18 deletions(-) [5.0-7] c6b5c15b15 Bug #57149: qemu 1:3.1+dfsg-8+deb10u12 doc/errata/staging/qemu.yaml | 25 ++++++++++++++++++------- 1 file changed, 18 insertions(+), 7 deletions(-) [5.0-7] 0cece50518 Bug #57149: qemu 1:3.1+dfsg-8+deb10u12 doc/errata/staging/qemu.yaml | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x1007>