UbuntuUpdates.org

Package "qemu"

Name: qemu

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • extra block backend modules for qemu-system and qemu-utils
  • QEMU Full virtualization on x86 hardware
  • QEMU full system emulation binaries (arm)
  • QEMU full system emulation binaries (common files)

Latest version: 1:3.1+dfsg-2ubuntu3.2
Release: disco (19.04)
Level: updates
Repository: main

Links

Save this URL for the latest version of "qemu": https://www.ubuntuupdates.org/qemu



Other versions of "qemu" in Disco

Repository Area Version
base main 1:3.1+dfsg-2ubuntu3
base universe 1:3.1+dfsg-2ubuntu3
security main 1:3.1+dfsg-2ubuntu3.1
security universe 1:3.1+dfsg-2ubuntu3.1
updates universe 1:3.1+dfsg-2ubuntu3.2
proposed universe 1:3.1+dfsg-2ubuntu3.3
proposed main 1:3.1+dfsg-2ubuntu3.3

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1:3.1+dfsg-2ubuntu3.2 2019-06-25 01:07:42 UTC

  qemu (1:3.1+dfsg-2ubuntu3.2) disco; urgency=medium

  * d/p/ubuntu/define-ubuntu-machine-types.patch: fix wily machine type being
    broken since 2.11 due to 2.3/2.4 version mismatch in its definition to
    fix migrations from old machines (LP: #1829868).
  * d/p/ubuntu/lp-1830704-s390x-cpumodel-ignore-csske-for-expansion.patch
    toleration for future machines (LP: #1830704
  * d/control-in, d/control: add versioned dependencies to libseccomp 2.4 as
    any rebuild against 2.4 as it is in proposed right now will otherwise
    crash (LP: #1830859).

 -- Christian Ehrhardt <email address hidden> Tue, 28 May 2019 10:52:47 +0200

Source diff to previous version
1829868 migration from qemu 2.5 to qemu 2.11 fails for pc-i440fx-wily machines
1830704 [UBUNTU] QEMU toleration patch to ensure cpu detection in a nested KVM
1830859 new libseccomp 2.4 (in proposed) makes rebuilds need but not generate a dependency to 2.4

Version: 1:3.1+dfsg-2ubuntu3.1 2019-05-14 19:07:46 UTC

  qemu (1:3.1+dfsg-2ubuntu3.1) disco-security; urgency=medium

  * SECURITY UPDATE: Add support for exposing md-clear functionality
    to guests
    - d/p/ubuntu/enable-md-clear.patch
    - d/p/ubuntu/enable-md-no.patch
    - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
  * SECURITY UPDATE: heap overflow when loading device tree blob
    - d/p/ubuntu/CVE-2018-20815.patch: specify how large the buffer to
      copy the device tree blob into is.
    - CVE-2018-20815
  * SECURITY UPDATE: device driver denial of service via NULL pointer
    dereference
    - d/p/ubuntu/CVE-2019-5008.patch: Define skeleton 'power_mem_read'
      routine
    - CVE-2019-5008
  * SECURITY UPDATE: information leak in SLiRP
    - d/p/ubuntu/CVE-2019-9824.patch: check sscanf result when
      emulating ident.
    - CVE-2019-9824

 -- Steve Beattie <email address hidden> Wed, 08 May 2019 09:52:43 -0700

CVE-2018-12126 MSBDS Microarchitectural Store Buffer Data Sampling
CVE-2018-12127 MLPDS Microarchitectural Load Port Data Sampling
CVE-2018-12130 MFBDS Microarchitectural Fill Buffer Data Sampling
CVE-2019-11091 MDSUM Microarchitectural Data Sampling Uncacheable Memory
CVE-2018-20815 device_tree: heap buffer overflow while loading device tree blob
CVE-2019-5008 hw/sparc64/sun4u.c in QEMU 3.1.50 is vulnerable to a NULL pointer dereference, which allows the attacker to cause a denial of service via a device dr



About   -   Send Feedback to @ubuntu_updates