ubuntu/+source/qemu:applied/ubuntu/xenial-security

Last commit made on 2020-02-18
Get this branch:
git clone -b applied/ubuntu/xenial-security https://git.launchpad.net/ubuntu/+source/qemu
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/xenial-security
Repository:
lp:ubuntu/+source/qemu

Recent commits

c152442... by Marc Deslauriers on 2020-02-13

Import patches-applied version 1:2.5+dfsg-5ubuntu10.43 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 7fe4061ca1d1debb5b8565d599a23b9cac604673
Unapplied parent: fc7a1058e5cdd45eea5bab28afb524849964da8c

New changelog entries:
  * SECURITY UPDATE: OOB heap access via unexpected iSCSI Server response
    - debian/patches/CVE-2020-1711.patch: cap block count from GET LBA
      STATUS in block/iscsi.c.
    - CVE-2020-1711
  * SECURITY UPDATE: heap-based overflow in slirp networking
    - debian/patches/CVE-2020-7039-1.patch: fix oob issue in
      slirp/tcp_subr.c.
    - debian/patches/CVE-2020-7039-2.patch: use correct size while
      emulating IRC commands in slirp/tcp_subr.c.
    - debian/patches/CVE-2020-7039-3.patch: use correct size while
      emulating commands in slirp/tcp_subr.c.
    - CVE-2020-7039
  * SECURITY UPDATE: buffer overflow via incorrect snprintf return codes
    - debian/patches/CVE-2020-8608-1.patch: add slirp_fmt() helpers to
      slirp/slirp.c, slirp/slirp.h.
    - debian/patches/CVE-2020-8608-2.patch: fix unsafe snprintf() usages in
      slirp/tcp_subr.c.
    - CVE-2020-8608

fc7a105... by Marc Deslauriers on 2020-02-13

[PATCH] tcp_emu: fix unsafe snprintf() usages

Gbp-Pq: CVE-2020-8608-2.patch.

60102d6... by Marc Deslauriers on 2020-02-13

[PATCH] util: add slirp_fmt() helpers

Gbp-Pq: CVE-2020-8608-1.patch.

db5a156... by Marc Deslauriers on 2020-02-13

[PATCH] slirp: use correct size while emulating commands

Gbp-Pq: CVE-2020-7039-3.patch.

7f4695e... by Marc Deslauriers on 2020-02-13

[PATCH] slirp: use correct size while emulating IRC commands

Gbp-Pq: CVE-2020-7039-2.patch.

5adb548... by Marc Deslauriers on 2020-02-13

[PATCH] tcp_emu: Fix oob access

Gbp-Pq: CVE-2020-7039-1.patch.

5594192... by Marc Deslauriers on 2020-02-13

[PATCH] iscsi: Cap block count from GET LBA STATUS (CVE-2020-1711)

Gbp-Pq: CVE-2020-1711.patch.

b26365d... by Marc Deslauriers on 2020-02-13

[PATCH] slirp: ip_reass: Fix use after free

Gbp-Pq: CVE-2019-15890.patch.

71d471d... by Marc Deslauriers on 2020-02-13

[PATCH] slirp: Fix heap overflow in ip_reass on big packet input

Gbp-Pq: CVE-2019-14378.patch.

6bde096... by Marc Deslauriers on 2020-02-13

[PATCH] qemu-bridge-helper: restrict interface name to IFNAMSIZ

Gbp-Pq: CVE-2019-13164.patch.