Format: 1.8 Date: Tue, 28 Jul 2020 13:21:31 +0200 Source: qemu Binary: qemu qemu-block-extra qemu-guest-agent qemu-system qemu-system-arm qemu-system-common qemu-system-gui qemu-system-mips qemu-system-misc qemu-system-ppc qemu-system-s390x qemu-system-sparc qemu-system-x86 qemu-user qemu-user-binfmt qemu-user-static qemu-utils Architecture: riscv64 riscv64_translations Version: 1:5.0-5ubuntu3 Distribution: groovy-proposed Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Christian Ehrhardt Description: qemu - fast processor emulator, dummy package qemu-block-extra - extra block backend modules for qemu-system and qemu-utils qemu-guest-agent - Guest-side qemu-system agent qemu-system - QEMU full system emulation binaries qemu-system-arm - QEMU full system emulation binaries (arm) qemu-system-common - QEMU full system emulation binaries (common files) qemu-system-gui - QEMU full system emulation binaries (user interface and audio sup qemu-system-mips - QEMU full system emulation binaries (mips) qemu-system-misc - QEMU full system emulation binaries (miscellaneous) qemu-system-ppc - QEMU full system emulation binaries (ppc) qemu-system-s390x - QEMU full system emulation binaries (s390x) qemu-system-sparc - QEMU full system emulation binaries (sparc) qemu-system-x86 - QEMU full system emulation binaries (x86) qemu-user - QEMU user mode emulation binaries qemu-user-binfmt - QEMU user mode binfmt registration for qemu-user qemu-user-static - QEMU user mode emulation binaries (static version) qemu-utils - QEMU utilities Closes: 961297 961451 961887 964247 964289 964793 965109 965381 Launchpad-Bugs-Fixed: 1887763 Changes: qemu (1:5.0-5ubuntu3) groovy; urgency=medium . * d/p/ubuntu/lp-1887763-*: fix TCG sizing that OOMed many small CI environments (LP: #1887763) * Pick further changes for groovy from debian/master since 5.0-5 - ati-vga-check-mm_index-before-recursive-call-CVE-2020-13800.patch Closes: CVE-2020-13800, ati-vga allows guest OS users to trigger infinite recursion via a crafted mm_index value during ati_mm_read or ati_mm_write call. - revert-memory-accept-mismatching-sizes-in-memory_region_access_valid...patch Closes: CVE-2020-13754, possible OOB memory accesses in a bunch of qemu devices which uses min_access_size and max_access_size Memory API fields. Also closes: CVE-2020-13791 - exec-set-map-length-to-zero-when-returning-NULL-CVE-2020-13659.patch CVE-2020-13659: address_space_map in exec.c can trigger a NULL pointer dereference related to BounceBuffer - megasas-use-unsigned-type-for-reply_queue_head-and-check-index...patch Closes: #961887, CVE-2020-13362, megasas_lookup_frame in hw/scsi/megasas.c has an OOB read via a crafted reply_queue_head field from a guest OS user - megasas-use-unsigned-type-for-positive-numeric-fields.patch fix other possible cases like in CVE-2020-13362 (#961887) - megasas-fix-possible-out-of-bounds-array-access.patch Some tracepoints use a guest-controlled value as an index into the mfi_frame_desc[] array. Thus a malicious guest could cause a very low impact OOB errors here - nbd-server-avoid-long-error-message-assertions-CVE-2020-10761.patch Closes: CVE-2020-10761, An assertion failure issue in the QEMU NBD Server. This flaw occurs when an nbd-client sends a spec-compliant request that is near the boundary of maximum permitted request length. A remote nbd-client could use this flaw to crash the qemu-nbd server resulting in a DoS. - es1370-check-total-frame-count-against-current-frame-CVE-2020-13361.patch Closes: CVE-2020-13361, es1370_transfer_audio in hw/audio/es1370.c does not properly validate the frame count, which allows guest OS users to trigger an out-of-bounds access during an es1370_write() operation - a few patches from the stable series: - fix-tulip-breakage.patch The tulip network driver in a qemu-system-hppa emulation is broken in the sense that bigger network packages aren't received any longer and thus even running e.g. "apt update" inside the VM fails. Fix this. - 9p-lock-directory-streams-with-a-CoMutex.patch Prevent deadlocks in 9pfs readdir code - net-do-not-include-a-newline-in-the-id-of-nic-device.patch Fix newline accidentally sneaked into id string of a nic - qemu-nbd-close-inherited-stderr.patch - virtio-balloon-fix-free-page-hinting-check-on-unreal.patch - virtio-balloon-fix-free-page-hinting-without-an-iothread.patch - virtio-balloon-unref-the-iothread-when-unrealizing.patch - acpi-tmr-allow-2-byte-reads.patch (Closes: #964247) - reapply CVE-2020-13253 fixed from upstream: sdcard-simplify-realize-a-bit.patch (preparation for the next patch) sdcard-dont-allow-invalid-SD-card-sizes.patch (half part of CVE-2020-13253) sdcard-update-coding-style-to-make-checkpatch-happy.patch (preparational) sdcard-dont-switch-to-ReceivingData-if-address-is-in..-CVE-2020-13253.patch Closes: #961297, CVE-2020-13253 - linux-user-refactor-ipc-syscall-and-support-of-semtimedop.patch (Closes: #965109) - linux-user-add-netlink-RTM_SETLINK-command.patch (Closes: #964289) - d/control: since qemu-system-data now contains module(s), it can't be multi-arch. Ditto for qemu-block-extra. - qemu-system-foo: depend on exact version of qemu-system-data, due to the latter having modules - acpi-allow-accessing-acpi-cnt-register-by-byte.patch' (Closes: #964793) This is another incarnation of the recent bugfix which actually enabled memory access constraints, like #964247 - acpi-accept-byte-and-word-access-to-core-ACPI-registers.patch this replace acpi-allow-accessing-acpi-cnt-register-by-byte.patch and acpi-tmr-allow-2-byte-reads.patch, a more complete fix - xhci-fix-valid.max_access_size-to-access-address-registers.patch fix one more incarnation of the breakage after the CVE-2020-13754 fix - do not install outdated (0.12 and before) Changelog (Closes: #965381) - xgmac-fix-buffer-overflow-in-xgmac_enet_send-CVE-2020-15863.patch ARM-only XGMAC NIC, possible buffer overflow during packet transmission Closes: CVE-2020-15863 - sm501 OOB read/write due to integer overflow in sm501_2d_operation() List of patches: sm501-convert-printf-abort-to-qemu_log_mask.patch sm501-shorten-long-variable-names-in-sm501_2d_operation.patch sm501-use-BIT-macro-to-shorten-constant.patch sm501-clean-up-local-variables-in-sm501_2d_operation.patch sm501-replace-hand-written-implementation-with-pixman-CVE-2020-12829.patch Closes: #961451, CVE-2020-12829 - riscv-allow-64-bit-access-to-SiFive-CLINT.patch another fix for revert-memory-accept-.. CVE-2020-13754 - seabios-hppa-fno-ipa-sra.patch fix ftbfs with gcc-10 Checksums-Sha1: c2e318e8b87d6d7d34d1f19d7b2acbf95e961f83 170508 qemu-block-extra-dbgsym_5.0-5ubuntu3_riscv64.ddeb d1381ad8a7673cb4702101f4202c6b053b82847b 45068 qemu-block-extra_5.0-5ubuntu3_riscv64.deb 1050e2cfab6abf5754c27efca049e226de3d46bd 566852 qemu-guest-agent-dbgsym_5.0-5ubuntu3_riscv64.ddeb cc9c33982694d262c6dfb31e751b44c13423db52 190992 qemu-guest-agent_5.0-5ubuntu3_riscv64.deb fe59271dce55f2ee8f1f24eebbd3439f01fb3715 40558872 qemu-system-arm-dbgsym_5.0-5ubuntu3_riscv64.ddeb 56274ce6152c5deeed3a8fbe094a50d168626e7a 7174380 qemu-system-arm_5.0-5ubuntu3_riscv64.deb fd6df824ee0d64adbf82dbe0efe6383db26f973f 6186792 qemu-system-common-dbgsym_5.0-5ubuntu3_riscv64.ddeb c08d138852e46bf916ce088c00b30d1b7ae62979 1649076 qemu-system-common_5.0-5ubuntu3_riscv64.deb c213db18a51dde565144098f8ecc14f6eb6e5460 109816 qemu-system-gui-dbgsym_5.0-5ubuntu3_riscv64.ddeb 662bb21199727ac520daafd3942636b285f3ef2f 40336 qemu-system-gui_5.0-5ubuntu3_riscv64.deb a40dae271ae64e5161d1ebc51fe0ddf1da5042b4 66457988 qemu-system-mips-dbgsym_5.0-5ubuntu3_riscv64.ddeb 34d676e25f74183dd5665b0b3785cc39f969f7da 11695232 qemu-system-mips_5.0-5ubuntu3_riscv64.deb fac4d942383b2e784a928a90f1a4e86d44b08f0b 215786840 qemu-system-misc-dbgsym_5.0-5ubuntu3_riscv64.ddeb 445bd956201eca1a7676f73166c57ce36683101a 33824124 qemu-system-misc_5.0-5ubuntu3_riscv64.deb 1d3d62fc16b9b5c939dd67bc645f547b598d9513 34441240 qemu-system-ppc-dbgsym_5.0-5ubuntu3_riscv64.ddeb 59e668dedf8621afa22b6280e127e0493f0bbf8b 6287968 qemu-system-ppc_5.0-5ubuntu3_riscv64.deb dbb965bdc977b48c0a6f17a2a5785d3dffd903db 12338068 qemu-system-s390x-dbgsym_5.0-5ubuntu3_riscv64.ddeb a116a67bf6f078fc0c6bcc744fb42c9975cc85ed 2293156 qemu-system-s390x_5.0-5ubuntu3_riscv64.deb b5e75bf8ccb3ba809a9c60518a2a8a8b70738286 23890900 qemu-system-sparc-dbgsym_5.0-5ubuntu3_riscv64.ddeb bbbf2c136cd98160d30d2e98b81f05e3a981b481 4476780 qemu-system-sparc_5.0-5ubuntu3_riscv64.deb 666956e14f77eb593d317a7e193d6788722308ee 32288580 qemu-system-x86-dbgsym_5.0-5ubuntu3_riscv64.ddeb 558cbee2354e9200e0adf4df6446be912f8888d8 6040888 qemu-system-x86_5.0-5ubuntu3_riscv64.deb fa882e48f2313c4ffadfae5acb3d0239754c4f4b 12244 qemu-system_5.0-5ubuntu3_riscv64.deb 4223fceabb880e162dfdefe844023bd82707286e 3204 qemu-user-binfmt_5.0-5ubuntu3_riscv64.deb ce4518b1914ed7c1885803bcf44126109f2e1f2a 157191680 qemu-user-dbgsym_5.0-5ubuntu3_riscv64.ddeb 806635b599665d5d14036025ac9822d3172c611d 168528868 qemu-user-static-dbgsym_5.0-5ubuntu3_riscv64.ddeb 4f631ca61ef860e51e8ea828ec0531abf6f01225 17968608 qemu-user-static_5.0-5ubuntu3_riscv64.deb be6126477647195ead4bd6fe6ea62426a6cd7df6 14663304 qemu-user_5.0-5ubuntu3_riscv64.deb 72f2aae07292d981c89bbd292e36b859ed8af7d8 10036536 qemu-utils-dbgsym_5.0-5ubuntu3_riscv64.ddeb 0c66330c87b3eb0b5c3f3b6a44f1f17f803831d1 875804 qemu-utils_5.0-5ubuntu3_riscv64.deb 52950cdc340fbf806a58aeca21a8e41cd09d431e 27817 qemu_5.0-5ubuntu3_riscv64.buildinfo 968dbc19de6a9ebf17d73eb72d5318f30e0b1d54 18388 qemu_5.0-5ubuntu3_riscv64.deb 80be6548a796f2d8744bd69c3b20ced02420aaf6 5302 qemu_5.0-5ubuntu3_riscv64_translations.tar.gz Checksums-Sha256: 1a44f81d5cf89ec8559520dbfa8546d62701c9c38616f3ca06898e9d24de4431 170508 qemu-block-extra-dbgsym_5.0-5ubuntu3_riscv64.ddeb ac2e2d045be2db030b16707661ee612ba6b3a2485f29d2e5fd0e6159c2ae1326 45068 qemu-block-extra_5.0-5ubuntu3_riscv64.deb c44b9837b13a9574424457d5b1ae08426d3fe4422a83a7cafaf5cbcb03c267d9 566852 qemu-guest-agent-dbgsym_5.0-5ubuntu3_riscv64.ddeb 99fd714de474e6c4ea7caa7f9ad999e9188cbd5aaa2b0b7586a9d116f9f27ccf 190992 qemu-guest-agent_5.0-5ubuntu3_riscv64.deb 2dbbc99672f6565b447c1624809becfa1fba6b0a1aca6b1433d07a7f6de6c923 40558872 qemu-system-arm-dbgsym_5.0-5ubuntu3_riscv64.ddeb fcf6d812631b20af0afcf8c3903f0402c2bc4263436a2a53d4e4e6d6643438c5 7174380 qemu-system-arm_5.0-5ubuntu3_riscv64.deb 1a492fdb97aac7657e5e0e26292c9d4e596377a24e69401c184190e2c3d535b1 6186792 qemu-system-common-dbgsym_5.0-5ubuntu3_riscv64.ddeb 1c265481b1c996c88ba9307fab2ac4951913349be53c7cbc0e2e7bcf08d15b78 1649076 qemu-system-common_5.0-5ubuntu3_riscv64.deb 1e6ba2c13c3193162577a376b23c54caf32d20395ef0224af52cb1b1fbd0a1b9 109816 qemu-system-gui-dbgsym_5.0-5ubuntu3_riscv64.ddeb ac50a36de7dd84da6edb6a8eb295b4ed2c8602b0be7c4d95ffaa2f7432cf8797 40336 qemu-system-gui_5.0-5ubuntu3_riscv64.deb 43aa82c8809161017077da336088cf4f637bcd7d8403b7cb50a71ca80a75ba7e 66457988 qemu-system-mips-dbgsym_5.0-5ubuntu3_riscv64.ddeb 6a641dd3532ae26ac7c8e6af439bed93691862dd6a9ade282f951d5bf04ab3c7 11695232 qemu-system-mips_5.0-5ubuntu3_riscv64.deb f234750fad768371c751d608d0a14b85f4ef43b711e6f949840cdbcb43349ec5 215786840 qemu-system-misc-dbgsym_5.0-5ubuntu3_riscv64.ddeb 1b5154966054c4f67c19d559c581a8f39d36d3fcf5c7314b858b90467b17bf81 33824124 qemu-system-misc_5.0-5ubuntu3_riscv64.deb 7637cdcbd7bce3da306a7eb507da2ed4830244ab8b58a2acfbe5d084c5b397cc 34441240 qemu-system-ppc-dbgsym_5.0-5ubuntu3_riscv64.ddeb 6c1393467f42f41ef67e9823179f796fdddd65883a9dfa980c5a3d4e3ab72d9c 6287968 qemu-system-ppc_5.0-5ubuntu3_riscv64.deb 4690282dfcf2ac7e5ab36aca50011f2c5fda5421ee3db025e06e1bf1d257bb61 12338068 qemu-system-s390x-dbgsym_5.0-5ubuntu3_riscv64.ddeb 0abe9be0e0dd61a5bf30c1fb348c0090aae6b3403051a3ba72bbb70ea1176ccf 2293156 qemu-system-s390x_5.0-5ubuntu3_riscv64.deb e03e57f1c5d1310de009babc9aa8200bd16d7ae0a5c3b128523f592168ddecea 23890900 qemu-system-sparc-dbgsym_5.0-5ubuntu3_riscv64.ddeb 8eef66c4edb8627598d21458fe11b9ae579d456b6774f02c5718a32ab74be474 4476780 qemu-system-sparc_5.0-5ubuntu3_riscv64.deb 72cdcd0693cf0ce185cce79084fa65093a7dcc1c4aa7f7dc2c06cb26a8cc2db9 32288580 qemu-system-x86-dbgsym_5.0-5ubuntu3_riscv64.ddeb e4f5713c030f2c8586579d577301ae25999cda4c97f2d2c45d83be4f0067b771 6040888 qemu-system-x86_5.0-5ubuntu3_riscv64.deb 0d4336937b768a58a337cf080d1ed675e65d9879e78f384416c742080ce5c249 12244 qemu-system_5.0-5ubuntu3_riscv64.deb 292a12f446a56dbb49e8d040a9f9dad1e9bb6b679e075f77bd8d22942b6c5b53 3204 qemu-user-binfmt_5.0-5ubuntu3_riscv64.deb f77ba34eca03a7ce21831065545d808c86e0b8068e519b1734d70d64afeef706 157191680 qemu-user-dbgsym_5.0-5ubuntu3_riscv64.ddeb d9943cde44b7db6e6b7c6a0dd163002cdf73dabc1854eb81846a23f63944f589 168528868 qemu-user-static-dbgsym_5.0-5ubuntu3_riscv64.ddeb d11cdf06e1a0867f15944ed579b5cd6f2cade341c8f07cd69450accedf382f49 17968608 qemu-user-static_5.0-5ubuntu3_riscv64.deb bcbcf66db55c590585c362a9fb9c1e2490845f7234845c788ccd7433db9b456c 14663304 qemu-user_5.0-5ubuntu3_riscv64.deb 056a46a50505fc83aeb481d1bac018c3a8093ad6c02f4bec68e142437f61aa5e 10036536 qemu-utils-dbgsym_5.0-5ubuntu3_riscv64.ddeb 52a281135f5d05e4f7a52f000da1f773c2932fc566f52c106f8f7d5dab9f961a 875804 qemu-utils_5.0-5ubuntu3_riscv64.deb ef50dac6778926725d27fe97154f07dcec20a89c7427b5175b08162906a43862 27817 qemu_5.0-5ubuntu3_riscv64.buildinfo 2b44c9bc82873e0b8e0f57319eefef004b8b2ddae76f4455d631cd89fca45485 18388 qemu_5.0-5ubuntu3_riscv64.deb fd9e9418ddec1cf0e217a52ab52835d0b31ee8e88d7ffa2ac4aa86572e9eb042 5302 qemu_5.0-5ubuntu3_riscv64_translations.tar.gz Files: 63a085ddcceea6070e794344790869a8 170508 debug optional qemu-block-extra-dbgsym_5.0-5ubuntu3_riscv64.ddeb 1c6c9385c47dab978da2a59884c78b18 45068 otherosfs optional qemu-block-extra_5.0-5ubuntu3_riscv64.deb 5e144d125bb841220820650714a055a4 566852 debug optional qemu-guest-agent-dbgsym_5.0-5ubuntu3_riscv64.ddeb ee20eb2f84004948b5a9542a7102eb12 190992 otherosfs optional qemu-guest-agent_5.0-5ubuntu3_riscv64.deb c8495baa9f856bc8b0ea36d0e38253ec 40558872 debug optional qemu-system-arm-dbgsym_5.0-5ubuntu3_riscv64.ddeb 2ab6840a67c6a1bf418495d35fcc708a 7174380 otherosfs optional qemu-system-arm_5.0-5ubuntu3_riscv64.deb 54ca413200b79309b590cd16c095f82e 6186792 debug optional qemu-system-common-dbgsym_5.0-5ubuntu3_riscv64.ddeb 324abc6f2a8e6375aa12568b7cc46ae6 1649076 otherosfs optional qemu-system-common_5.0-5ubuntu3_riscv64.deb dc7638f4bf3a4eba016f9f5a924ebf9b 109816 debug optional qemu-system-gui-dbgsym_5.0-5ubuntu3_riscv64.ddeb d82d3ff1e26ecb10e892123da18a1225 40336 otherosfs optional qemu-system-gui_5.0-5ubuntu3_riscv64.deb 8a4fc4af02bc94783020d6ae8703311d 66457988 debug optional qemu-system-mips-dbgsym_5.0-5ubuntu3_riscv64.ddeb d56acaab55e09ef3c7dc1e26771a3327 11695232 otherosfs optional qemu-system-mips_5.0-5ubuntu3_riscv64.deb aa84ce2f54fcde0bedcdc900b5a0f61b 215786840 debug optional qemu-system-misc-dbgsym_5.0-5ubuntu3_riscv64.ddeb 9f54ad2ff88395c68c92f1c352c1647c 33824124 otherosfs optional qemu-system-misc_5.0-5ubuntu3_riscv64.deb 9b63d09bbd54f35ce58669db047b2b09 34441240 debug optional qemu-system-ppc-dbgsym_5.0-5ubuntu3_riscv64.ddeb 5e169313473dbb1c5318b2846927ccf5 6287968 otherosfs optional qemu-system-ppc_5.0-5ubuntu3_riscv64.deb 27ff2516f43d9c0fcd37f6b91c238fa1 12338068 debug optional qemu-system-s390x-dbgsym_5.0-5ubuntu3_riscv64.ddeb b39eb245b85b276c5d28dcacf5df7dab 2293156 otherosfs optional qemu-system-s390x_5.0-5ubuntu3_riscv64.deb ead689238e46a42b1ddba6729432775b 23890900 debug optional qemu-system-sparc-dbgsym_5.0-5ubuntu3_riscv64.ddeb 08204c1c8ae249bd4043ddb2f0cadb3c 4476780 otherosfs optional qemu-system-sparc_5.0-5ubuntu3_riscv64.deb 61df557eb8e2b60c9f4a24a14eeb3378 32288580 debug optional qemu-system-x86-dbgsym_5.0-5ubuntu3_riscv64.ddeb e70f5e88272508db20f87d622e5547ce 6040888 otherosfs optional qemu-system-x86_5.0-5ubuntu3_riscv64.deb f0fa6ad026d0ba0ce8859bd47da30893 12244 otherosfs optional qemu-system_5.0-5ubuntu3_riscv64.deb 52bc12c60d9e00db73768982f8b3b0e6 3204 otherosfs optional qemu-user-binfmt_5.0-5ubuntu3_riscv64.deb aacf91aea8218228a78c7612522ea5cd 157191680 debug optional qemu-user-dbgsym_5.0-5ubuntu3_riscv64.ddeb 0a8fbd2ed4722bb172602dd7ab21f154 168528868 debug optional qemu-user-static-dbgsym_5.0-5ubuntu3_riscv64.ddeb f5561ac4b9fb73aa8c8f5a1f730760ab 17968608 otherosfs optional qemu-user-static_5.0-5ubuntu3_riscv64.deb 660c544be6f4722b8e1aad17e3a7aee1 14663304 otherosfs optional qemu-user_5.0-5ubuntu3_riscv64.deb 1000115ed7b5117a95c9e83ea26c69ce 10036536 debug optional qemu-utils-dbgsym_5.0-5ubuntu3_riscv64.ddeb ba00a4ec6a35f49d3aaf082d5d6e5969 875804 otherosfs optional qemu-utils_5.0-5ubuntu3_riscv64.deb 88efc4823f1f2b26848549fce74faa91 27817 otherosfs optional qemu_5.0-5ubuntu3_riscv64.buildinfo dc04d86f9d7b4f842cc6f87410010b37 18388 oldlibs optional qemu_5.0-5ubuntu3_riscv64.deb 6d85c3498c8b452536e1358231fae2a4 5302 raw-translations - qemu_5.0-5ubuntu3_riscv64_translations.tar.gz Original-Maintainer: Debian QEMU Team