Package "qemu"

Name:	qemu
Description:	fast processor emulator
Latest version:	1:2.5+dfsg-5ubuntu10.42
Release:	xenial (16.04)
Level:	updates
Repository:	universe
Homepage:	http://www.qemu.org/

Links

Save this URL for the latest version of "qemu": https://www.ubuntuupdates.org/qemu

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "qemu"

32-bit deb package

64-bit deb package

APT INSTALL

Other versions of "qemu" in Xenial

Repository	Area	Version
base	universe	1:2.5+dfsg-5ubuntu10
base	main	1:2.5+dfsg-5ubuntu10
security	main	1:2.5+dfsg-5ubuntu10.42
security	universe	1:2.5+dfsg-5ubuntu10.42
updates	main	1:2.5+dfsg-5ubuntu10.42

Packages in group

Deleted packages are displayed in grey.

Changelog

Version: 1:2.5+dfsg-5ubuntu10.42 2019-11-14 01:07:15 UTC

qemu (1:2.5+dfsg-5ubuntu10.42) xenial-security; urgency=medium * SECURITY UPDATE: infinite loop when executing LSI scsi adapter emulator scripts - d/p/CVE-2019-12068.patch: Move the existing loop exit - CVE-2019-12068 * SECURITY UPDATE: null pointer dereference in qxl display driver - d/p/CVE-2019-12155.patch: qxl: check release info object - CVE-2019-12155 * SECURITY UPDATE: qemu-bridge-helper interface name buffer overflow - d/p/CVE-2019-13164.patch: qemu-bridge-helper: restrict interface name to IFNAMSIZ - CVE-2019-13164 * SECURITY UPDATE: heap overflow in slirp - d/p/CVE-2019-14378.patch: slirp: Fix heap overflow in ip_reass on big packet input - CVE-2019-14378 * SECURITY UPDATE: use after free vulnerability in slirp - d/p/CVE-2019-15890.patch: slirp: ip_reass: Fix use after free - CVE-2019-15890 -- Steve Beattie <email address hidden> Mon, 04 Nov 2019 13:30:56 -0800

Source diff to previous version

CVE-2019-12068	In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 (fixed), when execu
CVE-2019-12155	interface_release_resource in hw/display/qxl.c in QEMU 4.0.0 has a NULL pointer dereference.
CVE-2019-13164	qemu-bridge-helper.c in QEMU 4.0.0 does not ensure that a network interface name (obtained from bridge.conf or a --br=bridge option) is limited to th
CVE-2019-14378	ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragmen
CVE-2019-15890	libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.

Version: 1:2.5+dfsg-5ubuntu10.41 2019-07-30 17:07:08 UTC

qemu (1:2.5+dfsg-5ubuntu10.41) xenial; urgency=medium * d/p/ubuntu/lp-1830243-s390-bios-Skip-bootmap-signature-entries.patch: tolerate guests with secure boot loaders (LP: #1830243) -- Christian Ehrhardt <email address hidden> Thu, 04 Jul 2019 14:47:56 +0200

Source diff to previous version

1830243

[19.10 FEAT] KVM: Secure Linux Boot Toleration - qemu

Version: 1:2.5+dfsg-5ubuntu10.40 2019-06-20 23:06:20 UTC

qemu (1:2.5+dfsg-5ubuntu10.40) xenial; urgency=medium * Restore patches that caused regression - d/p/lp1823458/add-VirtIONet-vhost_stopped-flag-to-prevent-multiple.patch - d/p/lp1823458/do-not-call-vhost_net_cleanup-on-running-net-from-ch.patch * Fix regression introduced by above patches (LP: #1829380) - d/p/lp1829380.patch [ Rafael David Tinoco ] * d/p/lp1828288/target-i386-Set-AMD-alias-bits-after-filtering-CPUID.patch - Fix issues with CPUID_EXT2_AMD_ALIASES allowing guests using cpu passthrough to boot. (LP: #1828288) -- Dan Streetman <email address hidden> Thu, 16 May 2019 14:29:56 -0400

Source diff to previous version

1829380	race condition between vhost_net_stop and CHR_EVENT_CLOSED on shutdown crashes qemu (fix regression)
1828288	QEMU might fail to start on AMD CPUs when 'host-passthrough' is used

Version: 1:2.5+dfsg-5ubuntu10.39 2019-05-16 17:07:21 UTC

qemu (1:2.5+dfsg-5ubuntu10.39) xenial-security; urgency=medium * Disable patches from 1:2.5+dfsg-5ubuntu10.37 to prevent regression (LP: #1829245) - d/p/lp1823458/add-VirtIONet-vhost_stopped-flag-to-prevent-multiple.patch - d/p/lp1823458/do-not-call-vhost_net_cleanup-on-running-net-from-ch.patch -- Marc Deslauriers <email address hidden> Thu, 16 May 2019 07:11:54 -0400

Source diff to previous version

1829245

Networking issues after upgrade to 1:2.5+dfsg-5ubuntu10.37

Version: 1:2.5+dfsg-5ubuntu10.38 2019-05-14 19:07:34 UTC

qemu (1:2.5+dfsg-5ubuntu10.38) xenial-security; urgency=medium * SECURITY UPDATE: Add support for exposing md-clear functionality to guests - d/p/ubuntu/enable-md-clear.patch - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 * SECURITY UPDATE: heap overflow when loading device tree blob - d/p/ubuntu/CVE-2018-20815.patch: specify how large the buffer to copy the device tree blob into is. - CVE-2018-20815 * SECURITY UPDATE: information leak in SLiRP - d/p/ubuntu/CVE-2019-9824.patch: check sscanf result when emulating ident. - CVE-2019-9824

CVE-2018-12126	MSBDS Microarchitectural Store Buffer Data Sampling
CVE-2018-12127	MLPDS Microarchitectural Load Port Data Sampling
CVE-2018-12130	MFBDS Microarchitectural Fill Buffer Data Sampling
CVE-2019-11091	MDSUM Microarchitectural Data Sampling Uncacheable Memory
CVE-2018-20815	device_tree: heap buffer overflow while loading device tree blob

← Previous 1 2 Next →

About - Send Feedback to @ubuntu_updates

Package "qemu"

Links

Download "qemu"

Other versions of "qemu" in Xenial

Packages in group

Changelog

Tweets

Share this page

Bookmarks

Latest updates

proposed

PPA updates