This bug was fixed in the package qemu - 2.1+dfsg-4ubuntu6.3
--------------- qemu (2.1+dfsg-4ubuntu6.3) utopic-security; urgency=medium
* SECURITY UPDATE: code execution via savevm data - debian/patches/CVE-2014-7840.patch: validate parameters in arch_init.c. - CVE-2014-7840 * SECURITY UPDATE: code execution via cirrus vga blit regions (LP: #1400775) - debian/patches/CVE-2014-8106.patch: properly validate blit regions in hw/display/cirrus_vga.c. - CVE-2014-8106 -- Marc Deslauriers <email address hidden> Wed, 10 Dec 2014 15:53:57 -0500
This bug was fixed in the package qemu - 2.1+dfsg-4ubuntu6.3
--------------- 4ubuntu6. 3) utopic-security; urgency=medium
qemu (2.1+dfsg-
* SECURITY UPDATE: code execution via savevm data patches/ CVE-2014- 7840.patch: validate parameters in patches/ CVE-2014- 8106.patch: properly validate blit regions in display/ cirrus_ vga.c.
- debian/
arch_init.c.
- CVE-2014-7840
* SECURITY UPDATE: code execution via cirrus vga blit regions
(LP: #1400775)
- debian/
hw/
- CVE-2014-8106
-- Marc Deslauriers <email address hidden> Wed, 10 Dec 2014 15:53:57 -0500