1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 3925-1] qemu security update

    From Moritz Muehlenhoff@1:229/2 to All on Fri Aug 4 22:30:01 2017
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-3925-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 04, 2017 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : qemu
    CVE ID : CVE-2017-9524 CVE-2017-10806 CVE-2017-11334
    CVE-2017-11443
    Debian Bug : 865755 869171 869173 867751 869945

    Multiple vulnerabilities were found in qemu, a fast processor emulator:

    CVE-2017-9524

    Denial of service in qemu-nbd server

    CVE-2017-10806

    Buffer overflow in USB redirector

    CVE-2017-11334

    Out-of-band memory access in DMA operations

    CVE-2017-11443

    Out-of-band memory access in SLIRP/DHCP

    For the stable distribution (stretch), these problems have been fixed in version 1:2.8+dfsg-6+deb9u2.

    We recommend that you upgrade your qemu packages.

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCAAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlmE15kACgkQEMKTtsN8 TjaNEg/+L/yuHsmAxhl3y58o45/fwjqr12HMkIEOCsrgEpZ9PWiwU2xyAh0Yqw4v 6JoTxpShjJyPA42KpPM/rd71hBnauRYAfRrvCysCq5qGlJjUg6QjMbVtwdC867F/ xZNarFoUOitD1G55OzSDdfriWqCAVtPD/ZbdHpxFg1+k4yhR6aBtImsGxm/zRn2d u8dierVzQd3YC99qLQS/+xum4livwYpqUyQccIKW+wwTttAd+M6eMXirPMq/JaX8 qsIbGndSSku9TBN1loDG5N6Jx+LkdS1inDiTSXee14s1bcGStJmnK2IU+doZf4l1 TtUsOF+f/c8v3FQkh/S2eT/61ChtJ2TTUTs703i94i0AuGsSoeCHpbIR1QLYcFAY fl9JixM1UzAB5Q/DzStMSYv6Vom7Z6tTKlavDHHyfu/rtel0IZP+5WsGPJhBWeNJ 6ODe71hrH9fVTHOsJT7QY5cEPiQHVj9vd15yN7fQHNl6UPDk3hHJMN9QGIuKMHHz szOU5VfuDs/yj6oTO/SHfp+LRK4hK+D3hASJYkl14J2hvyF3IGwxL51CdcYNEI6H pgHdjzojxbmad7zgur50fgODvF+Kv6tpd5pkkkynX7xJTXyRxvwjwBV7tUIYOxjB sqSGzW+GJpBFZTFBAx5ariqnMO5Gy6uLlXBGM/imgfDMH+HxJhs=
    =vINB
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)