UbuntuUpdates.org

Package "qemu-system-data"

Name: qemu-system-data

Description:

QEMU full system emulation (data files)

Latest version: 1:6.2+dfsg-2ubuntu6.22
Release: jammy (22.04)
Level: updates
Repository: main
Head package: qemu
Homepage: http://www.qemu.org/

Links


Download "qemu-system-data"


Other versions of "qemu-system-data" in Jammy

Repository Area Version
base main 1:6.2+dfsg-2ubuntu6
security main 1:6.2+dfsg-2ubuntu6.22
proposed main 1:6.2+dfsg-2ubuntu6.23

Changelog

Version: 1:6.2+dfsg-2ubuntu6.22 2024-08-13 08:07:12 UTC

  qemu (1:6.2+dfsg-2ubuntu6.22) jammy-security; urgency=medium

  * SECURITY UPDATE: null dereference
    - debian/patches/CVE-2023-6683-1.patch: Check size before
      populating info->types data
    - debian/patches/CVE-2023-6683-2.patch: Check clipboard types
      for if a callback needs to be set
    - CVE-2023-6683
  * SECURITY UPDATE: stack based buffer overflow
    - debian/patches/CVE-2023-6693.patch: Correctly copy vnet header
      when flushing TX
    - CVE-2023-6693
  * SECURITY UPDATE: integer underflow
    - debian/patches/CVE-2024-24474.patch: Restrict non-DMA transfer
      length to that of available data
    - CVE-2024-24474

 -- Bruce Cable <email address hidden> Thu, 01 Aug 2024 13:08:05 +1000

Source diff to previous version
CVE-2023-6683 A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemu_clipboard_request() function can be reached before
CVE-2023-6693 A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtio_net_flush_tx function if g
CVE-2024-24474 QEMU before 8.2.0 has an integer underflow, and resultant buffer overflow, via a TI command when an expected non-DMA transfer length is less than the

Version: 1:6.2+dfsg-2ubuntu6.21 2024-06-06 15:07:15 UTC

  qemu (1:6.2+dfsg-2ubuntu6.21) jammy-security; urgency=medium

  * SECURITY REGRESSION: 9pfs restrictions on sockets (LP: #2065579)
    - debian/patches/ubuntu/lp-2065579-9pfs-allow-sockets.patch: allow
      sockets and FIFOs to be opened in hw/9pfs/9p-util.h. The fix for
      CVE-2023-2861 was too restrictive for some use-cases.

 -- Marc Deslauriers <email address hidden> Wed, 05 Jun 2024 12:25:53 -0400

Source diff to previous version
2065579 [UBUNTU 22.04] OS guest boot issues on 9p filesystem
CVE-2023-2861 A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. The 9pfs server did not prohibit opening special files on the host s

Version: 1:6.2+dfsg-2ubuntu6.19 2024-04-18 19:07:10 UTC

  qemu (1:6.2+dfsg-2ubuntu6.19) jammy; urgency=medium

  * d/p/u/lp2012763-maxcpus-too-low.patch: Bump max_cpus to 1024 on
    amd64. (LP: #2012763)

 -- Sergio Durigan Junior <email address hidden> Mon, 18 Mar 2024 16:38:25 -0400

Source diff to previous version

Version: 1:6.2+dfsg-2ubuntu6.18 2024-04-04 20:06:53 UTC

  qemu (1:6.2+dfsg-2ubuntu6.18) jammy; urgency=medium

  * d/p/u/lp-2046439-s390x-*.patch: Fix emulation of
    "COMPARE HALFWORD RELATIVE LONG" on s390x.
    (LP: #2046439)

 -- Sergio Durigan Junior <email address hidden> Wed, 21 Feb 2024 15:44:50 -0500

Source diff to previous version
2046439 Wrong code execution of s390x code with qemu TCG

Version: 1:6.2+dfsg-2ubuntu6.17 2024-02-16 02:06:56 UTC

  qemu (1:6.2+dfsg-2ubuntu6.17) jammy; urgency=medium

  * d/rules: modify qemu-block-extra postinst to avoid
    restarting run-qemu.mount (LP: #2051153)

 -- Christian Ehrhardt <email address hidden> Mon, 29 Jan 2024 11:43:30 +0100

2051153 run-qemu.mount is restarted on upgrades



About   -   Send Feedback to @ubuntu_updates