Univention Bugzilla – Bug 38744
qemu-kvm: multiple issues (4.0)
Last modified: 2015-07-28 15:48:56 CEST
Upstream Debian package version 1.1.2+dfsg-6+deb7u8 fixes these issues:
* A privileged guest user in a guest with an AMD PCNet ethernet card enabled can potentially use this flaw to execute arbitrary code on the host with the privileges of the hosting QEMU process (CVE-2015-3209)
* QEMU's user mode networking stack uses predictable temporary file names when the -smb option is used. An unprivileged user can use this flaw to cause a denial of service (CVE-2015-4037)
*** Bug 38668 has been marked as a duplicate of this bug. ***
repo_admin.py -U -p qemu-kvm -d wheezy -r 4.0-0-0 -s errata4.0-2
build-package-ng -r 4.0-0-0 -P ucs -s errata4.0-2 --no-pbuilder-update -p qemu-kvm

Package: qemu-kvm
Version: 1.1.2+dfsg-6.47.201506231351
Branch: ucs_4.0-0
Scope: errata4.0-2

r61426 | Bug #33279: qemu-kvm errata4.0-2 YAML
2015-06-23-qemu-kvm.yaml

OK: apt-cache policy qemu-kvm
OK: deb-ver-comp 1.1.2+dfsg-6.44.201505131916 1.1.2+dfsg-6.47.201506231351
OK: zless /usr/share/doc/qemu-kvm/changelog.Debian.gz
OK: univention-install qemu-kvm=1.1.2+dfsg-6.44.201505131916
OK: univention-install qemu-kvm=1.1.2+dfsg-6.47.201506231351
OK: apt-get remove qemu-kvm
OK: univention-install qemu-kvm
OK: apt-get purge qemu-kvm
OK: univention-install qemu-kvm
OK: apt-get remove qemu-kvm
OK: apt-get purge qemu-kvm
OK: amd64 i386
OK: <model type='pcnet'/>
(In reply to Philipp Hahn from comment #2)
> repo_admin.py -U -p qemu-kvm -d wheezy -r 4.0-0-0 -s errata4.0-2
> build-package-ng -r 4.0-0-0 -P ucs -s errata4.0-2 --no-pbuilder-update -p
> qemu-kvm
>
> Package: qemu-kvm
> Version: 1.1.2+dfsg-6.47.201506231351
> Branch: ucs_4.0-0
> Scope: errata4.0-2
>
> r61426 | Bug #33279: qemu-kvm errata4.0-2 YAML
> 2015-06-23-qemu-kvm.yaml
>
> OK: apt-cache policy qemu-kvm
> OK: deb-ver-comp 1.1.2+dfsg-6.44.201505131916 1.1.2+dfsg-6.47.201506231351
> OK: zless /usr/share/doc/qemu-kvm/changelog.Debian.gz
> OK: univention-install qemu-kvm=1.1.2+dfsg-6.44.201505131916
> OK: univention-install qemu-kvm=1.1.2+dfsg-6.47.201506231351
> OK: apt-get remove qemu-kvm
> OK: univention-install qemu-kvm
> OK: apt-get purge qemu-kvm
> OK: univention-install qemu-kvm
> OK: apt-get remove qemu-kvm
> OK: apt-get purge qemu-kvm
> OK: amd64 i386
> OK: <model type='pcnet'/>

OK r62426 Update yaml
OK: Installation + Upgrade
OK: Previous VMs and snapshots work fine
OK: New instance creation
-> Verified
<http://errata.univention.de/ucs/4.0/259.html>