* Spectre/Meltdown fixes for ppc64 (LP: #1765364)
- debian/patches/lp1765364/*.patches: add backported capabilities and
spectre/meltdown commits.
* SECURITY UPDATE: race during file renaming in v9fs_wstat
- debian/patches/CVE-2018-19489.patch: add locks to hw/9pfs/9p.c.
- CVE-2018-19489
* SECURITY UPDATE: heap based buffer overflow in slirp
- debian/patches/CVE-2019-6778.patch: check data length while emulating
ident function in slirp/tcp_subr.c.
- CVE-2019-6778
-- Marc Deslauriers <email address hidden> Fri, 22 Mar 2019 14:19:08 -0400
This bug was fixed in the package qemu - 1:2.5+dfsg- 5ubuntu10. 36
--------------- dfsg-5ubuntu10. 36) xenial-security; urgency=medium
qemu (1:2.5+
* Spectre/Meltdown fixes for ppc64 (LP: #1765364) patches/ lp1765364/ *.patches: add backported capabilities and meltdown commits. patches/ CVE-2018- 19489.patch: add locks to hw/9pfs/9p.c. patches/ CVE-2019- 6778.patch: check data length while emulating
- debian/
spectre/
* SECURITY UPDATE: race during file renaming in v9fs_wstat
- debian/
- CVE-2018-19489
* SECURITY UPDATE: heap based buffer overflow in slirp
- debian/
ident function in slirp/tcp_subr.c.
- CVE-2019-6778
-- Marc Deslauriers <email address hidden> Fri, 22 Mar 2019 14:19:08 -0400