qemu (1:2.2+dfsg-5expubuntu9.4) vivid-security; urgency=medium
* SECURITY UPDATE: process heap memory disclosure
- debian/patches/CVE-2015-5165.patch: check sizes in hw/net/rtl8139.c.
- CVE-2015-5165
* SECURITY UPDATE: privilege escalation via block device unplugging
- debian/patches/CVE-2015-5166.patch: properly unhook from BlockBackend
in hw/ide/piix.c.
- CVE-2015-5166
* SECURITY UPDATE: privilege escalation via memory corruption in vnc
- debian/patches/CVE-2015-5225.patch: use bytes per scanline to apply
limits in ui/vnc.c.
- CVE-2015-5225
* SECURITY UPDATE: denial of service via virtio-serial
- debian/patches/CVE-2015-5745.patch: don't assume a specific layout
for control messages in hw/char/virtio-serial-bus.c.
- CVE-2015-5745
Date: 2015-08-25 17:41:14.829742+00:00
Changed-By: Marc Deslauriers <[email protected]>
Signed-By: Ubuntu Archive Robot
<[email protected]>
https://launchpad.net/ubuntu/+source/qemu/1:2.2+dfsg-5expubuntu9.4
Sorry, changesfile not available.
--
Vivid-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/vivid-changes