Univention Bugzilla – Bug 49584
qemu: Multiple issues (4.3)
Last modified: 2019-06-24 13:34:55 CEST
New Debian qemu 1:2.8+dfsg-6+deb9u6A~4.3.4.201906031044 fixes:

This update addresses the following issues:

* 1:2.8+dfsg-6+deb9u6 (Wed, 29 May 2019 14:39:09 +0300)
  [ Moritz Mühlenhoff <jmm@debian.org> ]
  * slirp-correct-size-computation-concatenating-mbuf-CVE-2018-11806.patch , CVE-2018-11806)
  * qga-check-bytes-count-read-by-guest-file-read-CVE-2018-12617.patch , CVE-2018-12617)
  * usb-mtp-use-O_NOFOLLOW-and-O_CLOEXEC-CVE-2018-16872.patch , CVE-2018-16872)
  * rtl8139-fix-possible-out-of-bound-access-CVE-2018-17958.patch , CVE-2018-17958)
  * lsi53c895a-check-message-length-value-is-valid-CVE-2018-18849.patch , CVE-2018-18849)
  * ppc-pnv-check-size-before-data-buffer-access-CVE-2018-18954.patch , CVE-2018-18954)
  * 9p-write-lock-path-in-v9fs-co_open2.patch
    9p-take-write-lock-on-fid-path-updates-CVE-2018-19364.patch , CVE-2018-19364)
  * 9p-fix-QEMU-crash-when-renaming-files-CVE-2018-19489.patch , CVE-2018-19489)
  * i2c-ddc-fix-oob-read-CVE-2019-3812.patch , CVE-2019-3812)
  * slirp-check-data-length-while-emulating-ident-function-CVE-2019-6778.patch , CVE-2019-6778)
  * slirp-check-sscanf-result-when-emulating-ident-CVE-2019-9824.patch (Closes: CVE-2019-9824)
  [ Michael Tokarev ]
  * enable-md-clear.patch
    define new CPUID for MDS
    (Closes: CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091)
  * qxl-check-release-info-object-CVE-2019-12155.patch
    fixes null-pointer deref in qxl cleanup code , CVE-2019-12155)
--- mirror/ftp/4.3/unmaintained/4.3-4/source/qemu_2.8+dfsg-6+deb9u5A~4.3.0.201811261055.dsc +++ apt/ucs_4.3-0-errata4.3-4/source/qemu_2.8+dfsg-6+deb9u6A~4.3.0.201906031137.dsc @@ -1,4 +1,4 @@ -1:2.8+dfsg-6+deb9u5A~4.3.0.201811261055 [Mon, 26 Nov 2018 10:55:43 +0100] Univention builddaemon <buildd@univention.de>: +1:2.8+dfsg-6+deb9u6A~4.3.0.201906031137 [Mon, 03 Jun 2019 11:37:43 +0200] Univention builddaemon <buildd@univention.de>: * UCS auto build. The following patches have been applied to the original source package 0001-Disable-Xen-for-UCS 
@@ -13,6 +13,42 @@ 1007-0008-x86-Work-around-SMI-migration-breakages 1008-0009-migration-ram.c-do-not-set-postcopy_running-in-POSTC +1:2.8+dfsg-6+deb9u6 [Wed, 29 May 2019 14:39:09 +0300] Michael Tokarev <mjt@tls.msk.ru>: + + [ Moritz Mühlenhoff <jmm@debian.org> ] + * slirp-correct-size-computation-concatenating-mbuf-CVE-2018-11806.patch + (Closes: #901017, CVE-2018-11806) + * qga-check-bytes-count-read-by-guest-file-read-CVE-2018-12617.patch + (Closes: #902725, CVE-2018-12617) + * usb-mtp-use-O_NOFOLLOW-and-O_CLOEXEC-CVE-2018-16872.patch + (Closes: #916397, CVE-2018-16872) + * rtl8139-fix-possible-out-of-bound-access-CVE-2018-17958.patch + (Closes: #911499, CVE-2018-17958) + * lsi53c895a-check-message-length-value-is-valid-CVE-2018-18849.patch + (Closes: #912535, CVE-2018-18849) + * ppc-pnv-check-size-before-data-buffer-access-CVE-2018-18954.patch + (Closes: #914604, CVE-2018-18954) + * 9p-write-lock-path-in-v9fs-co_open2.patch + 9p-take-write-lock-on-fid-path-updates-CVE-2018-19364.patch + (Closes: #914599, CVE-2018-19364) + * 9p-fix-QEMU-crash-when-renaming-files-CVE-2018-19489.patch + (Closes: #914727, CVE-2018-19489) + * i2c-ddc-fix-oob-read-CVE-2019-3812.patch + (Closes: #922635, CVE-2019-3812) + * slirp-check-data-length-while-emulating-ident-function-CVE-2019-6778.patch + (Closes: #921525, CVE-2019-6778) + * slirp-check-sscanf-result-when-emulating-ident-CVE-2019-9824.patch + (Closes: CVE-2019-9824) + + [ Michael Tokarev ] + * enable-md-clear.patch + define new CPUID for MDS + (Closes: #929067) + (Closes: CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091) + * qxl-check-release-info-object-CVE-2019-12155.patch + fixes null-pointer deref in qxl cleanup code + (Closes: #929353, CVE-2019-12155) + 1:2.8+dfsg-6+deb9u5 [Thu, 08 Nov 2018 16:41:45 +0100] Moritz Mühlenhoff <jmm@debian.org>: * Backport SSBD support (Closes: #908682) <http://10.200.17.11/4.3-4/#3705739909493113808>
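Review bot: The build stamp introduced in the first hunk (@@ -1,4 +1,4 @@) is 1:2.8+dfsg-6+deb9u6A~4.3.0.201906031137, while the bug text announces 1:2.8+dfsg-6+deb9u6A~4.3.4.201906031044. Please confirm that the compared .dsc and the announced package come from the same build of the same source, or note in the bug why the two suffixes and timestamps differ, so the errata version can be matched against what is actually installed.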
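Review bot: In the second hunk (@@ -13,6 +13,42 @@), the enable-md-clear.patch entry is listed as closing CVE-2018-12126, CVE-2018-12127, CVE-2018-12130 and CVE-2019-11091, but its description says only "define new CPUID for MDS". From that wording a reader cannot tell whether installing the package is sufficient or whether guests must also be given the new flag, so the errata text should say what the operator has to do after the update. Two smaller consistency points in the same hunk: the slirp-check-sscanf-result-when-emulating-ident-CVE-2019-9824.patch entry carries "(Closes: CVE-2019-9824)" without a bug number, unlike every other CVE entry, and 9p-write-lock-path-in-v9fs-co_open2.patch has no annotation of its own, sharing the CVE-2018-19364 line of the patch listed after it. A short remark that the first 9p patch is a prerequisite of the second would make that grouping explicit.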
OK: yaml
OK: announce_errata
OK: patch
OK: piuparts
OK: diff <(qemu-system-x86_64 -cpu \?)
< arat md-clear
> arat

[4.3-4] 21037aa685 Bug #49584: qemu 1:2.8+dfsg-6+deb9u6A~4.3.4.201906031044
 doc/errata/staging/qemu.yaml | 51 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 51 insertions(+)
<http://errata.software-univention.de/ucs/4.3/525.html>