UbuntuUpdates.org

Package "qemu"

Name: qemu

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • extra block backend modules for qemu-system and qemu-utils
  • QEMU Full virtualization
  • QEMU full system emulation binaries
  • QEMU full system emulation binaries (arm)

Latest version: 1:2.5+dfsg-5ubuntu10.40
Release: xenial (16.04)
Level: updates
Repository: main

Links

Save this URL for the latest version of "qemu": https://www.ubuntuupdates.org/qemu



Other versions of "qemu" in Xenial

Repository Area Version
base universe 1:2.5+dfsg-5ubuntu10
base main 1:2.5+dfsg-5ubuntu10
security main 1:2.5+dfsg-5ubuntu10.39
security universe 1:2.5+dfsg-5ubuntu10.39
updates universe 1:2.5+dfsg-5ubuntu10.40

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1:2.5+dfsg-5ubuntu10.40 2019-06-20 23:06:19 UTC

  qemu (1:2.5+dfsg-5ubuntu10.40) xenial; urgency=medium

  * Restore patches that caused regression
    - d/p/lp1823458/add-VirtIONet-vhost_stopped-flag-to-prevent-multiple.patch
    - d/p/lp1823458/do-not-call-vhost_net_cleanup-on-running-net-from-ch.patch
  * Fix regression introduced by above patches (LP: #1829380)
    - d/p/lp1829380.patch

  [ Rafael David Tinoco ]
  * d/p/lp1828288/target-i386-Set-AMD-alias-bits-after-filtering-CPUID.patch
    - Fix issues with CPUID_EXT2_AMD_ALIASES allowing guests using
      cpu passthrough to boot. (LP: #1828288)

 -- Dan Streetman <email address hidden> Thu, 16 May 2019 14:29:56 -0400

Source diff to previous version
1829380 race condition between vhost_net_stop and CHR_EVENT_CLOSED on shutdown crashes qemu (fix regression)
1828288 QEMU might fail to start on AMD CPUs when 'host-passthrough' is used

Version: 1:2.5+dfsg-5ubuntu10.39 2019-05-16 17:07:18 UTC

  qemu (1:2.5+dfsg-5ubuntu10.39) xenial-security; urgency=medium

  * Disable patches from 1:2.5+dfsg-5ubuntu10.37 to prevent regression
    (LP: #1829245)
    - d/p/lp1823458/add-VirtIONet-vhost_stopped-flag-to-prevent-multiple.patch
    - d/p/lp1823458/do-not-call-vhost_net_cleanup-on-running-net-from-ch.patch

 -- Marc Deslauriers <email address hidden> Thu, 16 May 2019 07:11:54 -0400

Source diff to previous version
1829245 Networking issues after upgrade to 1:2.5+dfsg-5ubuntu10.37

Version: 1:2.5+dfsg-5ubuntu10.38 2019-05-14 19:07:27 UTC

  qemu (1:2.5+dfsg-5ubuntu10.38) xenial-security; urgency=medium

  * SECURITY UPDATE: Add support for exposing md-clear functionality
    to guests
    - d/p/ubuntu/enable-md-clear.patch
    - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
  * SECURITY UPDATE: heap overflow when loading device tree blob
    - d/p/ubuntu/CVE-2018-20815.patch: specify how large the buffer to
      copy the device tree blob into is.
    - CVE-2018-20815
  * SECURITY UPDATE: information leak in SLiRP
    - d/p/ubuntu/CVE-2019-9824.patch: check sscanf result when
      emulating ident.
    - CVE-2019-9824

Source diff to previous version
CVE-2018-12126 MSBDS Microarchitectural Store Buffer Data Sampling
CVE-2018-12127 MLPDS Microarchitectural Load Port Data Sampling
CVE-2018-12130 MFBDS Microarchitectural Fill Buffer Data Sampling
CVE-2019-11091 MDSUM Microarchitectural Data Sampling Uncacheable Memory
CVE-2018-20815 device_tree: heap buffer overflow while loading device tree blob

Version: 1:2.5+dfsg-5ubuntu10.37 2019-05-13 12:07:27 UTC

  qemu (1:2.5+dfsg-5ubuntu10.37) xenial; urgency=medium

  * d/p/lp1823458/add-VirtIONet-vhost_stopped-flag-to-prevent-multiple.patch,
    d/p/lp1823458/do-not-call-vhost_net_cleanup-on-running-net-from-ch.patch:
    - Prevent crash due to race condition on shutdown;
      this is fixed differently upstream (starting in Bionic), but
      the change is too large to backport into Xenial. These two very
      small patches work around the problem in an unintrusive way.
      (LP: #1823458)

 -- Dan Streetman <email address hidden> Tue, 23 Apr 2019 05:19:55 -0400

Source diff to previous version

Version: 1:2.5+dfsg-5ubuntu10.36 2019-03-27 14:06:37 UTC

  qemu (1:2.5+dfsg-5ubuntu10.36) xenial-security; urgency=medium

  * Spectre/Meltdown fixes for ppc64 (LP: #1765364)
    - debian/patches/lp1765364/*.patches: add backported capabilities and
      spectre/meltdown commits.
  * SECURITY UPDATE: race during file renaming in v9fs_wstat
    - debian/patches/CVE-2018-19489.patch: add locks to hw/9pfs/9p.c.
    - CVE-2018-19489
  * SECURITY UPDATE: heap based buffer overflow in slirp
    - debian/patches/CVE-2019-6778.patch: check data length while emulating
      ident function in slirp/tcp_subr.c.
    - CVE-2019-6778

 -- Marc Deslauriers <email address hidden> Fri, 22 Mar 2019 14:19:08 -0400

1765364 Backport spectre/meltdown fixes on qemu for ppc64 into 16.04 and possibly 14.04 LTS releases
CVE-2018-19489 v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming.
CVE-2019-6778 In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.



About   -   Send Feedback to @ubuntu_updates