[Bug 1322204] Re: image format input validation fixes tracking bug

Mon, 08 Sep 2014 10:26:57 -0700 

This bug was fixed in the package qemu-kvm - 0.12.3+noroms-0ubuntu9.24

---------------
qemu-kvm (0.12.3+noroms-0ubuntu9.24) lucid-security; urgency=medium

  * SECURITY UPDATE: denial of service and possible code exection via
    incorrect image format validation (LP: #1322204)
    - debian/patches/CVE-2014-0142.patch: validate extent_size header field
      in block/bochs.c, validate s->tracks in block/parallels.c, validate
      block size in block/vpc.c, backport function to qemu-common.h,
      backport DIV_ROUND_UP to osdep.h.
    - CVE-2014-0142
  * SECURITY UPDATE: denial of service and possible code exection via
    incorrect image format validation (LP: #1322204)
    - debian/patches/CVE-2014-0143.patch: validate nb_sectors in
      block.c, validate catalog_size header field in block/bochs.c,
      prevent offsets_size integer overflow in block/cloop.c, fix catalog
      size integer overflow in block/parallels.c, validate new_l1_size in
      block/qcow2-cluster.c, use proper size in block/qcow2-refcount.c,
      check L1 snapshot table size in block/qcow2-snapshot.c, check active
      L1 table size in block/qcow2.c, define max size in block/qcow2.h.
    - CVE-2014-0143
  * SECURITY UPDATE: denial of service and possible code exection via
    incorrect image format validation (LP: #1322204)
    - debian/patches/CVE-2014-0144.patch: validate block sizes and offsets
      in block/cloop.c, check offset in block/curl.c, validate size in
      block/qcow2-refcount.c, check number of snapshots in
      block/qcow2-snapshot.c, check sizes and offsets in block/qcow2.c,
      move structs to block/qcow2.h, check sizes in block/vdi.c,
      prevent overflows in block/vpc.c.
    - CVE-2014-0144
  * SECURITY UPDATE: denial of service and possible code exection via
    incorrect image format validation (LP: #1322204)
    - debian/patches/CVE-2014-0145.patch: check chunk sizes in block/dmg.c,
      use correct size in block/qcow2-snapshot.c.
    - CVE-2014-0145
  * SECURITY UPDATE: denial of service and possible code exection via
    incorrect image format validation (LP: #1322204)
    - debian/patches/CVE-2014-0146.patch: calculate offsets properly in
      block/qcow2.c.
    - CVE-2014-0146
  * SECURITY UPDATE: denial of service and possible code exection via
    incorrect image format validation (LP: #1322204)
    - debian/patches/CVE-2014-0147.patch: use proper sizes in block/bochs.c.
    - CVE-2014-0147
  * SECURITY UPDATE: multiple buffer overflows on invalid state load
    - debian/patches: added large number of upstream patches pulled from
      git tree.
    - CVE-2013-4148
    - CVE-2013-4151
    - CVE-2013-4530
    - CVE-2013-4531
    - CVE-2013-4533
    - CVE-2013-4534
    - CVE-2013-4537
    - CVE-2013-4538
    - CVE-2013-4539
    - CVE-2013-4540
    - CVE-2013-6399
    - CVE-2014-0182
    - CVE-2014-0222
    - CVE-2014-0223
 -- Marc Deslauriers <marc.deslauri...@ubuntu.com>   Tue, 12 Aug 2014 14:35:45 
-0400

** Changed in: qemu-kvm (Ubuntu Lucid)
       Status: In Progress => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-4148

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-4151

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-4530

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-4531

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-4533

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-4534

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-4537

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-4538

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-4539

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-4540

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-6399

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-0182

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-0222

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-0223

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to qemu in Ubuntu.
https://bugs.launchpad.net/bugs/1322204

Title:
  image format input validation fixes tracking bug

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1322204/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

Reply via email to