qemu-kvm 0.12.3+noroms-0ubuntu9.24 source package in Ubuntu
Changelog
qemu-kvm (0.12.3+noroms-0ubuntu9.24) lucid-security; urgency=medium * SECURITY UPDATE: denial of service and possible code exection via incorrect image format validation (LP: #1322204) - debian/patches/CVE-2014-0142.patch: validate extent_size header field in block/bochs.c, validate s->tracks in block/parallels.c, validate block size in block/vpc.c, backport function to qemu-common.h, backport DIV_ROUND_UP to osdep.h. - CVE-2014-0142 * SECURITY UPDATE: denial of service and possible code exection via incorrect image format validation (LP: #1322204) - debian/patches/CVE-2014-0143.patch: validate nb_sectors in block.c, validate catalog_size header field in block/bochs.c, prevent offsets_size integer overflow in block/cloop.c, fix catalog size integer overflow in block/parallels.c, validate new_l1_size in block/qcow2-cluster.c, use proper size in block/qcow2-refcount.c, check L1 snapshot table size in block/qcow2-snapshot.c, check active L1 table size in block/qcow2.c, define max size in block/qcow2.h. - CVE-2014-0143 * SECURITY UPDATE: denial of service and possible code exection via incorrect image format validation (LP: #1322204) - debian/patches/CVE-2014-0144.patch: validate block sizes and offsets in block/cloop.c, check offset in block/curl.c, validate size in block/qcow2-refcount.c, check number of snapshots in block/qcow2-snapshot.c, check sizes and offsets in block/qcow2.c, move structs to block/qcow2.h, check sizes in block/vdi.c, prevent overflows in block/vpc.c. - CVE-2014-0144 * SECURITY UPDATE: denial of service and possible code exection via incorrect image format validation (LP: #1322204) - debian/patches/CVE-2014-0145.patch: check chunk sizes in block/dmg.c, use correct size in block/qcow2-snapshot.c. - CVE-2014-0145 * SECURITY UPDATE: denial of service and possible code exection via incorrect image format validation (LP: #1322204) - debian/patches/CVE-2014-0146.patch: calculate offsets properly in block/qcow2.c. - CVE-2014-0146 * SECURITY UPDATE: denial of service and possible code exection via incorrect image format validation (LP: #1322204) - debian/patches/CVE-2014-0147.patch: use proper sizes in block/bochs.c. - CVE-2014-0147 * SECURITY UPDATE: multiple buffer overflows on invalid state load - debian/patches: added large number of upstream patches pulled from git tree. - CVE-2013-4148 - CVE-2013-4151 - CVE-2013-4530 - CVE-2013-4531 - CVE-2013-4533 - CVE-2013-4534 - CVE-2013-4537 - CVE-2013-4538 - CVE-2013-4539 - CVE-2013-4540 - CVE-2013-6399 - CVE-2014-0182 - CVE-2014-0222 - CVE-2014-0223 -- Marc Deslauriers <email address hidden> Tue, 12 Aug 2014 14:35:45 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Lucid
- Original maintainer:
- Ubuntu Developers
- Architectures:
- i386 amd64 powerpc s390 lpia all armel sparc
- Section:
- misc
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
qemu-kvm_0.12.3+noroms.orig.tar.gz | 3.7 MiB | f5db4af3cd2bd01bc4142b8e0c7cc7da7c8231382512d99dd5e0c3acda30aa6d |
qemu-kvm_0.12.3+noroms-0ubuntu9.24.diff.gz | 88.9 KiB | 75e6d28cce7fe5350dcbc541ca244009a2fe06b818773ade0069e3cc805fbf0e |
qemu-kvm_0.12.3+noroms-0ubuntu9.24.dsc | 2.1 KiB | a3b5d4907e209af694c69f3c8eb9410c25116f96b28c43f4f3f6580b3d5e4dc0 |
Available diffs
Binary packages built by this source
- kvm: No summary available for kvm in ubuntu lucid.
No description available for kvm in ubuntu lucid.
- qemu: No summary available for qemu in ubuntu lucid.
No description available for qemu in ubuntu lucid.
- qemu-arm-static: No summary available for qemu-arm-static in ubuntu lucid.
No description available for qemu-arm-static in ubuntu lucid.
- qemu-common: No summary available for qemu-common in ubuntu lucid.
No description available for qemu-common in ubuntu lucid.
- qemu-kvm: No summary available for qemu-kvm in ubuntu lucid.
No description available for qemu-kvm in ubuntu lucid.
- qemu-kvm-extras: No summary available for qemu-kvm-extras in ubuntu lucid.
No description available for qemu-kvm-extras in ubuntu lucid.
- qemu-kvm-extras-static: No summary available for qemu-kvm-extras-static in ubuntu lucid.
No description available for qemu-kvm-
extras- static in ubuntu lucid.