ubuntu/+source/qemu:applied/ubuntu/eoan-security

Last commit made on 2020-02-18
Get this branch:
git clone -b applied/ubuntu/eoan-security https://git.launchpad.net/ubuntu/+source/qemu
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/eoan-security
Repository:
lp:ubuntu/+source/qemu

Recent commits

f797fa3... by Marc Deslauriers on 2020-02-11

Import patches-applied version 1:4.0+dfsg-0ubuntu9.4 to applied/ubuntu/eoan-security

Imported using git-ubuntu import.

Changelog parent: 28bf1ef0fb1aa33a5acfd993f6aef20dd3dd44d2
Unapplied parent: c05bc3addcf3e0c788133dac436537b7e4c59471

New changelog entries:
  * SECURITY UPDATE: OOB heap access via unexpected iSCSI Server response
    - debian/patches/ubuntu/CVE-2020-1711.patch: cap block count from GET
      LBA STATUS in block/iscsi.c.
    - CVE-2020-1711
  * SECURITY UPDATE: heap-based overflow in slirp networking
    - debian/patches/ubuntu/CVE-2020-7039-1.patch: fix oob issue in
      slirp/src/tcp_subr.c.
    - debian/patches/ubuntu/CVE-2020-7039-2.patch: use correct size while
      emulating IRC commands in slirp/src/tcp_subr.c.
    - debian/patches/ubuntu/CVE-2020-7039-3.patch: use correct size while
      emulating commands in slirp/src/tcp_subr.c.
    - CVE-2020-7039
  * SECURITY UPDATE: buffer overflow via incorrect snprintf return codes
    - debian/patches/ubuntu/CVE-2020-8608-1.patch: add slirp_fmt() helpers
      to slirp/src/util.c, slirp/src/util.h.
    - debian/patches/ubuntu/CVE-2020-8608-2.patch: fix unsafe snprintf()
      usages in slirp/src/tcp_subr.c.
    - CVE-2020-8608

c05bc3a... by Marc Deslauriers on 2020-02-11

[PATCH] tcp_emu: fix unsafe snprintf() usages

Gbp-Pq: ubuntu/CVE-2020-8608-2.patch.

94ca4b2... by Marc Deslauriers on 2020-02-11

[PATCH] util: add slirp_fmt() helpers

Gbp-Pq: ubuntu/CVE-2020-8608-1.patch.

fff1a8a... by Marc Deslauriers on 2020-02-11

[PATCH] slirp: use correct size while emulating commands

Gbp-Pq: ubuntu/CVE-2020-7039-3.patch.

388e7d2... by Marc Deslauriers on 2020-02-11

[PATCH] slirp: use correct size while emulating IRC commands

Gbp-Pq: ubuntu/CVE-2020-7039-2.patch.

0c2286e... by Marc Deslauriers on 2020-02-11

[PATCH] tcp_emu: Fix oob access

Gbp-Pq: ubuntu/CVE-2020-7039-1.patch.

1d4ed4b... by Marc Deslauriers on 2020-02-11

[PATCH] iscsi: Cap block count from GET LBA STATUS (CVE-2020-1711)

Gbp-Pq: ubuntu/CVE-2020-1711.patch.

591ea55... by Marc Deslauriers on 2020-02-11

[PATCH] virtio-blk: fix out-of-bounds access to bitmap in

Gbp-Pq: lp1859527-virtio-blk-fix-out-of-bounds-access-to-bitmap-in-not.patch.

4e71ff5... by Marc Deslauriers on 2020-02-11

[PATCH] virtio-balloon: fix QEMU 4.0 config size migration

Gbp-Pq: ubuntu/lp-1848497-virtio-balloon-fix-QEMU-4.0-config-size-migration-in.patch.

98241f5... by Marc Deslauriers on 2020-02-11

[PATCH] curl: Handle success in multi_check_completion

Gbp-Pq: ubuntu/lp-1848556-curl-Handle-success-in-multi_check_completion.patch.