UbuntuUpdates.org

Package "qemu"

Name: qemu

Description:

fast processor emulator, dummy package
Latest version: 1:3.1+dfsg-2ubuntu3.2
Release: disco (19.04)
Level: updates
Repository: universe
Homepage: http://www.qemu.org/

Links

Save this URL for the latest version of "qemu": https://www.ubuntuupdates.org/qemu

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "qemu"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "qemu" in Disco

Repository Area Version
base main 1:3.1+dfsg-2ubuntu3
base universe 1:3.1+dfsg-2ubuntu3
security main 1:3.1+dfsg-2ubuntu3.1
security universe 1:3.1+dfsg-2ubuntu3.1
updates main 1:3.1+dfsg-2ubuntu3.2
proposed universe 1:3.1+dfsg-2ubuntu3.3
proposed main 1:3.1+dfsg-2ubuntu3.3

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1:3.1+dfsg-2ubuntu3.2 2019-06-25 01:07:42 UTC

  qemu (1:3.1+dfsg-2ubuntu3.2) disco; urgency=medium

  * d/p/ubuntu/define-ubuntu-machine-types.patch: fix wily machine type being
    broken since 2.11 due to 2.3/2.4 version mismatch in its definition to
    fix migrations from old machines (LP: #1829868).
  * d/p/ubuntu/lp-1830704-s390x-cpumodel-ignore-csske-for-expansion.patch
    toleration for future machines (LP: #1830704
  * d/control-in, d/control: add versioned dependencies to libseccomp 2.4 as
    any rebuild against 2.4 as it is in proposed right now will otherwise
    crash (LP: #1830859).

 -- Christian Ehrhardt <email address hidden> Tue, 28 May 2019 10:52:47 +0200
Source diff to previous version
1829868 migration from qemu 2.5 to qemu 2.11 fails for pc-i440fx-wily machines
1830704 [UBUNTU] QEMU toleration patch to ensure cpu detection in a nested KVM
1830859 new libseccomp 2.4 (in proposed) makes rebuilds need but not generate a dependency to 2.4

Version: 1:3.1+dfsg-2ubuntu3.1 2019-05-14 19:07:47 UTC

  qemu (1:3.1+dfsg-2ubuntu3.1) disco-security; urgency=medium

  * SECURITY UPDATE: Add support for exposing md-clear functionality
    to guests
    - d/p/ubuntu/enable-md-clear.patch
    - d/p/ubuntu/enable-md-no.patch
    - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
  * SECURITY UPDATE: heap overflow when loading device tree blob
    - d/p/ubuntu/CVE-2018-20815.patch: specify how large the buffer to
      copy the device tree blob into is.
    - CVE-2018-20815
  * SECURITY UPDATE: device driver denial of service via NULL pointer
    dereference
    - d/p/ubuntu/CVE-2019-5008.patch: Define skeleton 'power_mem_read'
      routine
    - CVE-2019-5008
  * SECURITY UPDATE: information leak in SLiRP
    - d/p/ubuntu/CVE-2019-9824.patch: check sscanf result when
      emulating ident.
    - CVE-2019-9824

 -- Steve Beattie <email address hidden> Wed, 08 May 2019 09:52:43 -0700
CVE-2018-12126 MSBDS Microarchitectural Store Buffer Data Sampling
CVE-2018-12127 MLPDS Microarchitectural Load Port Data Sampling
CVE-2018-12130 MFBDS Microarchitectural Fill Buffer Data Sampling
CVE-2019-11091 MDSUM Microarchitectural Data Sampling Uncacheable Memory
CVE-2018-20815 device_tree: heap buffer overflow while loading device tree blob
CVE-2019-5008 hw/sparc64/sun4u.c in QEMU 3.1.50 is vulnerable to a NULL pointer dereference, which allows the attacker to cause a denial of service via a device dr


About   -   Send Feedback to @ubuntu_updates