~paelzer/ubuntu/+source/qemu:bug-1847361-miss-old-so-on-upgrade-SRU-EOAN

Last commit made on 2020-04-22
Get this branch:
git clone -b bug-1847361-miss-old-so-on-upgrade-SRU-EOAN https://git.launchpad.net/~paelzer/ubuntu/+source/qemu
Only Christian Ehrhardt  can upload to this branch. If you are Christian Ehrhardt  please log in for upload directions.

Branch merges

Branch information

Name:
bug-1847361-miss-old-so-on-upgrade-SRU-EOAN
Repository:
lp:~paelzer/ubuntu/+source/qemu

Recent commits

6f6d396... by Christian Ehrhardt  on 2020-03-02

changelog: allow qemu to load old modules post upgrade (LP: #1847361)

Signed-off-by: Christian Ehrhardt <email address hidden>

1cf1bb3... by Christian Ehrhardt  on 2020-03-13

d/rules: enable --enable-module-upgrades where --enable-modules is set

Signed-off-by: Christian Ehrhardt <email address hidden>

e4d0974... by Christian Ehrhardt  on 2020-03-13

d/rules: generate maintainer scripts matching package version

Signed-off-by: Christian Ehrhardt <email address hidden>

885f572... by Christian Ehrhardt  on 2020-03-03

d/qemu-block-extra.*.in, d/qemu-system-gui.*.in: save shared objects on upgrade

Signed-off-by: Christian Ehrhardt <email address hidden>

84c7e2f... by Christian Ehrhardt  on 2020-03-02

d/p/ubuntu/lp-1847361-modules-load-upgrade.patch: allow qemu to load old modules post upgrade (LP: #1847361)

Signed-off-by: Christian Ehrhardt <email address hidden>

0471802... by Marc Deslauriers on 2020-02-11

Import patches-unapplied version 1:4.0+dfsg-0ubuntu9.4 to ubuntu/eoan-security

Imported using git-ubuntu import.

Changelog parent: c01a0f48ab96a0afc0f93ff50c54ae39c565cb7f

New changelog entries:
  * SECURITY UPDATE: OOB heap access via unexpected iSCSI Server response
    - debian/patches/ubuntu/CVE-2020-1711.patch: cap block count from GET
      LBA STATUS in block/iscsi.c.
    - CVE-2020-1711
  * SECURITY UPDATE: heap-based overflow in slirp networking
    - debian/patches/ubuntu/CVE-2020-7039-1.patch: fix oob issue in
      slirp/src/tcp_subr.c.
    - debian/patches/ubuntu/CVE-2020-7039-2.patch: use correct size while
      emulating IRC commands in slirp/src/tcp_subr.c.
    - debian/patches/ubuntu/CVE-2020-7039-3.patch: use correct size while
      emulating commands in slirp/src/tcp_subr.c.
    - CVE-2020-7039
  * SECURITY UPDATE: buffer overflow via incorrect snprintf return codes
    - debian/patches/ubuntu/CVE-2020-8608-1.patch: add slirp_fmt() helpers
      to slirp/src/util.c, slirp/src/util.h.
    - debian/patches/ubuntu/CVE-2020-8608-2.patch: fix unsafe snprintf()
      usages in slirp/src/tcp_subr.c.
    - CVE-2020-8608

c01a0f4... by Dan Streetman on 2020-01-22

Import patches-unapplied version 1:4.0+dfsg-0ubuntu9.3 to ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: 885a75a32e6120b1c7650484d54fec407129a430

New changelog entries:
  * d/p/lp1859527-virtio-blk-fix-out-of-bounds-access-to-bitmap-in-not.patch:
    fix bitmap index to prevent OOB access when # of vqs > 64 (LP: #1859527)

885a75a... by Christian Ehrhardt  on 2019-10-21

Import patches-unapplied version 1:4.0+dfsg-0ubuntu9.2 to ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: 19a7330b6d571d272990baeb07e8b9aa7ed75255

New changelog entries:
  * d/p/ubuntu/lp-1848556-curl-Handle-success-in-multi_check_completion.patch:
    fix a potential hang when qemu or qemu-img where accessing http backed
    disks via libcurl (LP: #1848556)
  * d/p/u/lp-1848497-virtio-balloon-fix-QEMU-4.0-config-size-migration-in.patch:
    fix migration issue from qemu <4.0 when using virtio-balloon (LP: #1848497)

19a7330... by Steve Beattie on 2019-11-08

Import patches-unapplied version 1:4.0+dfsg-0ubuntu9.1 to ubuntu/eoan-security

Imported using git-ubuntu import.

Changelog parent: 47f2ca308f040c840b63217a89528747d5be15b1

New changelog entries:
  * SECURITY UPDATE: infinite loop when executing LSI scsi adapter
    emulator scripts
    - d/p/u/CVE-2019-12068.patch: Move the existing loop exit
    - CVE-2019-12068
  * SECURITY UPDATE: null pointer dereference in qxl display driver
    - d/p/u/CVE-2019-12155.patch: qxl: check release info object
    - CVE-2019-12155
  * SECURITY UPDATE: qemu-bridge-helper interface name buffer overflow
    - d/p/u/CVE-2019-13164.patch: qemu-bridge-helper: restrict
      interface name to IFNAMSIZ
    - CVE-2019-13164
  * SECURITY UPDATE: heap overflow in slirp
    - d/p/u/CVE-2019-14378.patch: slirp: Fix heap overflow in ip_reass
      on big packet input
    - CVE-2019-14378
  * SECURITY UPDATE: use after free vulnerability in slirp
    - d/p/u/CVE-2019-15890.patch: slirp: ip_reass: Fix use after free
    - CVE-2019-15890
  * Add support for exposing "taa-no" flag to guests:
    - d/p/u/CVE-2019-11135-taa-no.patch
    - CVE-2019-11135
  * Add support for exposing "pschange-mc-no" to guests:
    - d/p/u/pschange-mce.patch

47f2ca3... by Christian Ehrhardt  on 2019-09-24

Import patches-unapplied version 1:4.0+dfsg-0ubuntu9 to ubuntu/eoan-proposed

Imported using git-ubuntu import.

Upload parent: c1a855ad86dd5997ad8e38f15805b41184236133