Format: 1.8
Date: Tue, 12 Aug 2014 13:30:27 -0400
Source: qemu-kvm
Binary: qemu-kvm qemu-utils qemu-common kvm qemu
Architecture: amd64
Version: 1.0+noroms-0ubuntu14.17
Distribution: precise
Urgency: medium
Maintainer: Ubuntu/amd64 Build Daemon <buildd@phianna.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description: 
 kvm        - dummy transitional package from kvm to qemu-kvm
 qemu       - dummy transitional package from qemu to qemu-kvm
 qemu-common - qemu common functionality (bios, documentation, etc)
 qemu-kvm   - Full virtualization on i386 and amd64 hardware
 qemu-utils - qemu utilities
Launchpad-Bugs-Fixed: 1322204
Changes: 
 qemu-kvm (1.0+noroms-0ubuntu14.17) precise-security; urgency=medium
 .
   * SECURITY UPDATE: denial of service and possible code exection via
     incorrect image format validation (LP: #1322204)
     - debian/patches/CVE-2014-0142.patch: validate extent_size header field
       in block/bochs.c, validate s->tracks in block/parallels.c, validate
       block size in block/vpc.c, backport function to qemu-common.h.
     - CVE-2014-0142
   * SECURITY UPDATE: denial of service and possible code exection via
     incorrect image format validation (LP: #1322204)
     - debian/patches/CVE-2014-0143.patch: validate nb_sectors in
       block.c, validate catalog_size header field in block/bochs.c,
       prevent offsets_size integer overflow in block/cloop.c, fix catalog
       size integer overflow in block/parallels.c, validate new_l1_size in
       block/qcow2-cluster.c, use proper size in block/qcow2-refcount.c,
       check L1 snapshot table size in block/qcow2-snapshot.c, check active
       L1 table size in block/qcow2.c, define max size in block/qcow2.h.
     - CVE-2014-0143
   * SECURITY UPDATE: denial of service and possible code exection via
     incorrect image format validation (LP: #1322204)
     - debian/patches/CVE-2014-0144.patch: validate block sizes and offsets
       in block/cloop.c, check offset in block/curl.c, validate size in
       block/qcow2-refcount.c, check number of snapshots in
       block/qcow2-snapshot.c, check sizes and offsets in block/qcow2.c,
       move structs to block/qcow2.h, check sizes in block/vdi.c,
       prevent overflows in block/vpc.c.
     - CVE-2014-0144
   * SECURITY UPDATE: denial of service and possible code exection via
     incorrect image format validation (LP: #1322204)
     - debian/patches/CVE-2014-0145.patch: check chunk sizes in block/dmg.c,
       use correct size in block/qcow2-snapshot.c.
     - CVE-2014-0145
   * SECURITY UPDATE: denial of service and possible code exection via
     incorrect image format validation (LP: #1322204)
     - debian/patches/CVE-2014-0146.patch: calculate offsets properly in
       block/qcow2.c.
     - CVE-2014-0146
   * SECURITY UPDATE: denial of service and possible code exection via
     incorrect image format validation (LP: #1322204)
     - debian/patches/CVE-2014-0147.patch: use proper sizes in block/bochs.c,
       properly calculate refcounts in block/qcow2-refcount.c, block/qcow2.c.
     - CVE-2014-0147
   * SECURITY UPDATE: multiple buffer overflows on invalid state load
     - debian/patches: added large number of upstream patches pulled from
       git tree.
     - CVE-2013-4148
     - CVE-2013-4151
     - CVE-2013-4527
     - CVE-2013-4529
     - CVE-2013-4530
     - CVE-2013-4531
     - CVE-2013-4532
     - CVE-2013-4533
     - CVE-2013-4534
     - CVE-2013-4535
     - CVE-2013-4536
     - CVE-2013-4537
     - CVE-2013-4538
     - CVE-2013-4539
     - CVE-2013-4540
     - CVE-2013-4541
     - CVE-2013-6399
     - CVE-2014-0182
     - CVE-2014-0222
     - CVE-2014-0223
     - CVE-2014-3461
Checksums-Sha1: 
 a77776a7fe95967306a6b80e2edc8fd14c0150f2 3519888 qemu-kvm_1.0+noroms-0ubuntu14.17_amd64.deb
 eac944eacd02ac549fc961ff0e42745c35c1ee85 356130 qemu-utils_1.0+noroms-0ubuntu14.17_amd64.deb
 b2a9d35d4a5603e2d4be00a93f160fa31e8d6704 2666 qemu_1.0+noroms-0ubuntu14.17_amd64.deb
 9b2aa66254534838ae659f1f640ec250f885df47 3218 kvm_84+dfsg-0ubuntu16+1.0+noroms+0ubuntu14.17_amd64.deb
Checksums-Sha256: 
 00414ede35439c516b3f9eeab08ce04acadf710f11cbd07cc62e03fd6a63a1ea 3519888 qemu-kvm_1.0+noroms-0ubuntu14.17_amd64.deb
 9b50804395e7270ac5cb67005f1867eb0ba88e0a9099e81a89a472c16f8ef098 356130 qemu-utils_1.0+noroms-0ubuntu14.17_amd64.deb
 ab4008f6e939020e4db16378d038fbec7ff2bb8e7f4e4c9399056220a5cbf3cb 2666 qemu_1.0+noroms-0ubuntu14.17_amd64.deb
 08fdb681b54d29ff9aea50d71cfd2aeb081f4512afcb372291fd7ca3a7367ee3 3218 kvm_84+dfsg-0ubuntu16+1.0+noroms+0ubuntu14.17_amd64.deb
Files: 
 416857bcf341f4318deef6e03b0b794a 3519888 misc optional qemu-kvm_1.0+noroms-0ubuntu14.17_amd64.deb
 1bc6db71a4a78a8eef5a610854ae87ca 356130 misc optional qemu-utils_1.0+noroms-0ubuntu14.17_amd64.deb
 76a343179e7d73b58f688dbfc58153f1 2666 misc optional qemu_1.0+noroms-0ubuntu14.17_amd64.deb
 b5a9c9e06f53ffa871272ef7bf5fc292 3218 misc optional kvm_84+dfsg-0ubuntu16+1.0+noroms+0ubuntu14.17_amd64.deb