qemu-kvm 1.0+noroms-0ubuntu14.17 source package in Ubuntu
Changelog
qemu-kvm (1.0+noroms-0ubuntu14.17) precise-security; urgency=medium
* SECURITY UPDATE: denial of service and possible code exection via
incorrect image format validation (LP: #1322204)
- debian/patches/CVE-2014-0142.patch: validate extent_size header field
in block/bochs.c, validate s->tracks in block/parallels.c, validate
block size in block/vpc.c, backport function to qemu-common.h.
- CVE-2014-0142
* SECURITY UPDATE: denial of service and possible code exection via
incorrect image format validation (LP: #1322204)
- debian/patches/CVE-2014-0143.patch: validate nb_sectors in
block.c, validate catalog_size header field in block/bochs.c,
prevent offsets_size integer overflow in block/cloop.c, fix catalog
size integer overflow in block/parallels.c, validate new_l1_size in
block/qcow2-cluster.c, use proper size in block/qcow2-refcount.c,
check L1 snapshot table size in block/qcow2-snapshot.c, check active
L1 table size in block/qcow2.c, define max size in block/qcow2.h.
- CVE-2014-0143
* SECURITY UPDATE: denial of service and possible code exection via
incorrect image format validation (LP: #1322204)
- debian/patches/CVE-2014-0144.patch: validate block sizes and offsets
in block/cloop.c, check offset in block/curl.c, validate size in
block/qcow2-refcount.c, check number of snapshots in
block/qcow2-snapshot.c, check sizes and offsets in block/qcow2.c,
move structs to block/qcow2.h, check sizes in block/vdi.c,
prevent overflows in block/vpc.c.
- CVE-2014-0144
* SECURITY UPDATE: denial of service and possible code exection via
incorrect image format validation (LP: #1322204)
- debian/patches/CVE-2014-0145.patch: check chunk sizes in block/dmg.c,
use correct size in block/qcow2-snapshot.c.
- CVE-2014-0145
* SECURITY UPDATE: denial of service and possible code exection via
incorrect image format validation (LP: #1322204)
- debian/patches/CVE-2014-0146.patch: calculate offsets properly in
block/qcow2.c.
- CVE-2014-0146
* SECURITY UPDATE: denial of service and possible code exection via
incorrect image format validation (LP: #1322204)
- debian/patches/CVE-2014-0147.patch: use proper sizes in block/bochs.c,
properly calculate refcounts in block/qcow2-refcount.c, block/qcow2.c.
- CVE-2014-0147
* SECURITY UPDATE: multiple buffer overflows on invalid state load
- debian/patches: added large number of upstream patches pulled from
git tree.
- CVE-2013-4148
- CVE-2013-4151
- CVE-2013-4527
- CVE-2013-4529
- CVE-2013-4530
- CVE-2013-4531
- CVE-2013-4532
- CVE-2013-4533
- CVE-2013-4534
- CVE-2013-4535
- CVE-2013-4536
- CVE-2013-4537
- CVE-2013-4538
- CVE-2013-4539
- CVE-2013-4540
- CVE-2013-4541
- CVE-2013-6399
- CVE-2014-0182
- CVE-2014-0222
- CVE-2014-0223
- CVE-2014-3461
-- Marc Deslauriers <email address hidden> Tue, 12 Aug 2014 13:30:27 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Precise
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- misc
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| qemu-kvm_1.0+noroms.orig.tar.gz | 4.7 MiB | 23eecd98460012904455fc94036ff58b99719a595447dc747c6933cc2b4375bf |
| qemu-kvm_1.0+noroms-0ubuntu14.17.diff.gz | 105.6 KiB | c975b0e91426543549da226c3442dc2752debcfb5c85703f831d96b066ce9fea |
| qemu-kvm_1.0+noroms-0ubuntu14.17.dsc | 2.2 KiB | beb7b48a6ad3a747117d523157e8b00ca568ec222ea93ada1d39f7b8c8b45d16 |
Available diffs
Binary packages built by this source
- kvm: dummy transitional package from kvm to qemu-kvm
This transitional package helps users transition from the kvm package to the
qemu-kvm package. Once this package and its dependencies are installed you
can safely remove it.
- qemu: dummy transitional package from qemu to qemu-kvm
This transitional package helps users transition from the qemu package to the
qemu-kvm package. Once this package and its dependencies are installed you
can safely remove it.
- qemu-common: qemu common functionality (bios, documentation, etc)
This package pulls in the various binary bios rom blobs needed to boot
the various emulated architectures, as well as the documentation.
- qemu-kvm: Full virtualization on i386 and amd64 hardware
Using KVM, one can run multiple virtual PCs, each running unmodified Linux or
Windows images. Each virtual machine has private virtualized hardware: a
network card, disk, graphics adapter, etc.
.
KVM (for Kernel-based Virtual Machine) is a full virtualization solution for
Linux hosts on x86 (32 and 64-bit) hardware.
.
KVM is intended for systems where the processor has hardware support for
virtualization, see below for details. All combinations of 32-bit and 64-bit
host and guest systems are supported, except 64-bit guests on 32-bit hosts.
.
KVM requires your system to support hardware virtualization, provided by AMD's
SVM capability or Intel's VT. To find out if your processor has the necessary
support:
.
egrep "flags.*:.*(svm| vmx)" /proc/cpuinfo
.
If it prints anything, the processor provides hardware virtualization
support and is suitable for use with KVM. Without hardware support, you can
use qemu emulation instead.
.
KVM consists of two loadable kernel modules (kvm.ko and either kvm-amd.ko or
kvm-intel.ko) and a userspace component. This package contains the userspace
component, and you can get the kernel modules from the standard kernel images.
.
This package contains support for running virtualized and emulated x86 and
x86-64 machines only. Support for other architectures is provided by the
qemu-linaro source package.
- qemu-utils: qemu utilities
This package provides some utilities for which full qemu-kvm is not needed,
in particular qemu-nbd and qemu-img.
