ubuntu/+source/qemu:applied/ubuntu/disco-security

Last commit made on 2019-11-13
Get this branch:
git clone -b applied/ubuntu/disco-security https://git.launchpad.net/ubuntu/+source/qemu
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/disco-security
Repository:
lp:ubuntu/+source/qemu

Recent commits

9922662... by Steve Beattie on 2019-11-07

Import patches-applied version 1:3.1+dfsg-2ubuntu3.6 to applied/ubuntu/disco-security

Imported using git-ubuntu import.

Changelog parent: 601a4c9cdd09a083fae24699fa8dbf13a9126a59
Unapplied parent: 0c32c471dcc7bfbdd4761395354eeb6bb164c6bf

New changelog entries:
  * SECURITY UPDATE: infinite loop when executing LSI scsi adapter
    emulator scripts
    - d/p/u/CVE-2019-12068.patch: Move the existing loop exit
    - CVE-2019-12068
  * SECURITY UPDATE: null pointer dereference in qxl display driver
    - d/p/u/CVE-2019-12155.patch: qxl: check release info object
    - CVE-2019-12155
  * SECURITY UPDATE: qemu-bridge-helper interface name buffer overflow
    - d/p/u/CVE-2019-13164.patch: qemu-bridge-helper: restrict
      interface name to IFNAMSIZ
    - CVE-2019-13164
  * SECURITY UPDATE: heap overflow in slirp
    - d/p/u/CVE-2019-14378.patch: slirp: Fix heap overflow in ip_reass
      on big packet input
    - CVE-2019-14378
  * SECURITY UPDATE: use after free vulnerability in slirp
    - d/p/u/CVE-2019-15890.patch: slirp: ip_reass: Fix use after free
    - CVE-2019-15890
  * Add support for exposing "taa-no" flag to guests:
    - d/p/u/CVE-2019-11135-taa-no.patch
    - CVE-2019-11135
  * Add support for exposing "pschange-mc-no" to guests:
    - d/p/u/pschange-mce.patch

0c32c47... by Steve Beattie on 2019-11-07

[PATCH] slirp: ip_reass: Fix use after free

Gbp-Pq: ubuntu/CVE-2019-15890.patch.

eef07ff... by Steve Beattie on 2019-11-07

[PATCH] slirp: Fix heap overflow in ip_reass on big packet input

Gbp-Pq: ubuntu/CVE-2019-14378.patch.

437b2e5... by Steve Beattie on 2019-11-07

[PATCH] qemu-bridge-helper: restrict interface name to IFNAMSIZ

Gbp-Pq: ubuntu/CVE-2019-13164.patch.

cf8ae78... by Steve Beattie on 2019-11-07

[PATCH] qxl: check release info object

Gbp-Pq: ubuntu/CVE-2019-12155.patch.

0eb223e... by Steve Beattie on 2019-11-07

[PATCH] scsi: lsi: exit infinite loop while executing script

Gbp-Pq: ubuntu/CVE-2019-12068.patch.

8fb59b7... by Steve Beattie on 2019-11-07

[PATCH] target/i386: Export ARCH_CAP_PSCHANGE_MC_NO bit to guests

Gbp-Pq: ubuntu/pschange-mce.patch.

1c9dc91... by Steve Beattie on 2019-11-07

[RFC PATCH] target/i386: Export TAA_NO bit to guests

Gbp-Pq: ubuntu/CVE-2019-11135-taa-no.patch.

cffe2ce... by Steve Beattie on 2019-11-07

[PATCH] s390x/cpumodel: also change name of vxbeh

Gbp-Pq: ubuntu/lp-1836154-s390x-cpumodel-also-change-name-of-vxbeh.patch.

2fb5b6d... by Steve Beattie on 2019-11-07

[PATCH] s390x/cpumodel: remove esort from the default model

Gbp-Pq: ubuntu/lp-1836154-s390x-cpumodel-remove-esort-from-the-default-model.patch.