Ubuntu
qemu package

  1. Xenial (16.04)
  2. Bug #1581936
  3. Comment #19

Comment 19 for bug 1581936

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package qemu - 1:2.5+dfsg-5ubuntu10.14

---------------
qemu (1:2.5+dfsg-5ubuntu10.14) xenial-security; urgency=medium

  * SECURITY UPDATE: denial of service via leak in virtFS
    - debian/patches/CVE-2017-7377.patch: fix file descriptor leak in
      hw/9pfs/virtio-9p.c.
    - CVE-2017-7377
  * SECURITY UPDATE: denial of service in cirrus_vga
    - debian/patches/CVE-2017-7718.patch: check parameters in
      hw/display/cirrus_vga_rop.h.
    - CVE-2017-7718
  * SECURITY UPDATE: code execution via cirrus_vga OOB r/w
    - debian/patches/CVE-2017-7980-1.patch: handle negative pitch in
      hw/display/cirrus_vga.c.
    - debian/patches/CVE-2017-7980-2.patch: allow zero source pitch in
      hw/display/cirrus_vga.c.
    - debian/patches/CVE-2017-7980-3.patch: fix blit address mask handling
      in hw/display/cirrus_vga.c.
    - debian/patches/CVE-2017-7980-4.patch: fix patterncopy checks in
      hw/display/cirrus_vga.c.
    - debian/patches/CVE-2017-7980-5.patch: revert allow zero source pitch
      in hw/display/cirrus_vga.c.
    - debian/patches/CVE-2017-7980-6.patch: stop passing around dst
      pointers in hw/display/cirrus_vga.c, hw/display/cirrus_vga_rop.h,
      hw/display/cirrus_vga_rop2.h.
    - debian/patches/CVE-2017-7980-7.patch: stop passing around src
      pointers in hw/display/cirrus_vga.c, hw/display/cirrus_vga_rop.h,
      hw/display/cirrus_vga_rop2.h.
    - debian/patches/CVE-2017-7980-8.patch: fix off-by-one in
      hw/display/cirrus_vga_rop.h.
    - debian/patches/CVE-2017-7980-9.patch: fix cirrus_invalidate_region in
      hw/display/cirrus_vga.c.
    - CVE-2017-7980
  * SECURITY UPDATE: denial of service via memory leak in virtFS
    - debian/patches/CVE-2017-8086.patch: fix leak in
      hw/9pfs/virtio-9p-xattr.c.
    - CVE-2017-8086
  * SECURITY UPDATE: denial of service via leak in audio
    - debian/patches/CVE-2017-8309.patch: release capture buffers in
      audio/audio.c.
    - CVE-2017-8309
  * SECURITY UPDATE: denial of service via leak in keyboard
    - debian/patches/CVE-2017-8379-1.patch: limit kbd queue depth in
      ui/input.c.
    - debian/patches/CVE-2017-8379-2.patch: don't queue delay if paused in
      ui/input.c.
    - CVE-2017-8379
  * SECURITY REGRESSION: Windows 7 VGA compatibility issue (LP: #1581936)
    - debian/patches/lp1581936.patch: add sr_vbe register set to
      hw/display/vga.c, hw/display/vga_int.h.

 -- Marc Deslauriers <email address hidden> Wed, 10 May 2017 10:09:29 -0400