This bug was fixed in the package qemu - 2.0.0+dfsg-2ubuntu1.9
--------------- qemu (2.0.0+dfsg-2ubuntu1.9) trusty-security; urgency=medium
* SECURITY UPDATE: code execution via savevm data - debian/patches/CVE-2014-7840.patch: validate parameters in arch_init.c. - CVE-2014-7840 * SECURITY UPDATE: code execution via cirrus vga blit regions (LP: #1400775) - debian/patches/CVE-2014-8106.patch: properly validate blit regions in hw/display/cirrus_vga.c. - CVE-2014-8106 -- Marc Deslauriers <email address hidden> Wed, 10 Dec 2014 16:00:51 -0500
This bug was fixed in the package qemu - 2.0.0+dfsg- 2ubuntu1. 9
--------------- dfsg-2ubuntu1. 9) trusty-security; urgency=medium
qemu (2.0.0+
* SECURITY UPDATE: code execution via savevm data patches/ CVE-2014- 7840.patch: validate parameters in patches/ CVE-2014- 8106.patch: properly validate blit regions in display/ cirrus_ vga.c.
- debian/
arch_init.c.
- CVE-2014-7840
* SECURITY UPDATE: code execution via cirrus vga blit regions
(LP: #1400775)
- debian/
hw/
- CVE-2014-8106
-- Marc Deslauriers <email address hidden> Wed, 10 Dec 2014 16:00:51 -0500