UbuntuUpdates.org

Package "qemu"

Name: qemu

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • extra block backend modules for qemu-system and qemu-utils
  • QEMU full system emulation binaries
  • QEMU full system emulation binaries (arm)
  • QEMU full system emulation binaries (common files)
Latest version: 1:9.0.2+ds-4ubuntu5.2
Release: oracular (24.10)
Level: updates
Repository: main

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "qemu" in Oracular

Repository Area Version
base universe 1:9.0.2+ds-4ubuntu5
base main 1:9.0.2+ds-4ubuntu5
security main 1:9.0.2+ds-4ubuntu5.1
security universe 1:9.0.2+ds-4ubuntu5.1
updates universe 1:9.0.2+ds-4ubuntu5.2
proposed main 1:9.0.2+ds-4ubuntu5.2
proposed universe 1:9.0.2+ds-4ubuntu5.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1:9.0.2+ds-4ubuntu5.2 2025-01-22 21:06:55 UTC

  qemu (1:9.0.2+ds-4ubuntu5.2) oracular; urgency=medium

  * d/p/u/lp-2091099-fix-9p-regression-cve-2023-2861.patch: Fix
    regression regarding CVE-2023-2861 affecting 9p filesystems.
    (LP: #2091099)

 -- Sergio Durigan Junior <email address hidden> Tue, 07 Jan 2025 18:18:14 -0500
Source diff to previous version
2091099 [UBUNTU 24.04] OS guest boot issues on 9p filesystem
CVE-2023-2861 A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. The 9pfs server did not prohibit opening special files on the host s

Version: 1:9.0.2+ds-4ubuntu5.1 2024-11-11 01:07:00 UTC

  qemu (1:9.0.2+ds-4ubuntu5.1) oracular-security; urgency=medium

  * SECURITY UPDATE: denial of service
    - debian/patches/CVE-2024-4693.patch: virtio-pci: Fix the use of
      an uninitialized irqfd
    - CVE-2024-4693
  * SECURITY UPDATE: heap buffer overflow
    - debian/patches/CVE-2024-7730.patch: add max size bounds check in
      input cb
    - CVE-2024-7730

 -- Bruce Cable <email address hidden> Wed, 23 Oct 2024 19:27:58 +1100
CVE-2024-4693 A flaw was found in the QEMU Virtio PCI Bindings (hw/virtio/virtio-pci.c). An improper release and use of the irqfd for vector 0 during the boot proc


About   -   Send Feedback to @ubuntu_updates