UbuntuUpdates.org

Package "libslirp"

Name: libslirp

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • General purpose TCP-IP emulator library (development files)
  • General purpose TCP-IP emulator library

Latest version: 4.4.0-1ubuntu0.21.10.1
Release: impish (21.10)
Level: security
Repository: main

Links



Other versions of "libslirp" in Impish

Repository Area Version
base main 4.4.0-1build1
updates main 4.4.0-1ubuntu0.21.10.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 4.4.0-1ubuntu0.21.10.1 2021-10-26 15:06:26 UTC

  libslirp (4.4.0-1ubuntu0.21.10.1) impish-security; urgency=medium

  * SECURITY UPDATE: data leak in bootp_input()
    - debian/patches/CVE-2021-3592-1.patch: add mtod_check() to src/mbuf.*.
    - debian/patches/CVE-2021-3592-2.patch: limit vendor-specific area to
      input packet memory buffer in src/bootp.*, src/mbuf.*.
    - debian/patches/CVE-2021-3592-3.patch: check bootp_input buffer size
      in src/bootp.c.
    - debian/patches/CVE-2021-3592-4.patch: fix regression in dhcp in
      src/bootp.c.
    - CVE-2021-3592
  * SECURITY UPDATE: data leak in udp6_input()
    - debian/patches/CVE-2021-3593.patch: check udp6_input buffer size in
      src/udp6.c.
    - CVE-2021-3593
  * SECURITY UPDATE: data leak in udp_input()
    - debian/patches/CVE-2021-3594.patch: check upd_input buffer size in
      src/udp.c.
    - CVE-2021-3594
  * SECURITY UPDATE: data leak in tftp_input()
    - debian/patches/CVE-2021-3595-1.patch: check tftp_input buffer size in
      src/tftp.c.
    - debian/patches/CVE-2021-3595-2.patch: introduce a header structure in
      src/tftp.*.
    - CVE-2021-3595

 -- Marc Deslauriers <email address hidden> Tue, 26 Oct 2021 08:40:24 -0400

CVE-2021-3592 An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootp_input() function and c
CVE-2021-3593 An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp6_input() function and co
CVE-2021-3594 An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp_input() function and cou
CVE-2021-3595 An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the tftp_input() function and co



About   -   Send Feedback to @ubuntu_updates