Debian: DSA-4454-1: qemu security update

    Date30 May 2019
    CategoryDebian
    5791
    Posted ByLinuxSecurity Advisories
    Multiple security issues were discovered in QEMU, a fast processor emulator, which could result in denial of service, the execution of arbitrary code or information disclosure.
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512
    
    - -------------------------------------------------------------------------
    Debian Security Advisory DSA-4454-1                   This email address is being protected from spambots. You need JavaScript enabled to view it.
    https://www.debian.org/security/                       Moritz Muehlenhoff
    May 30, 2019                          https://www.debian.org/security/faq
    - -------------------------------------------------------------------------
    
    Package        : qemu
    CVE ID         : CVE-2018-11806 CVE-2018-12617 CVE-2018-16872 CVE-2018-17958 
                     CVE-2018-18849 CVE-2018-18954 CVE-2018-19364 CVE-2018-19489 
                     CVE-2019-3812 CVE-2019-6778 CVE-2019-9824 CVE-2019-12155
    
    Multiple security issues were discovered in QEMU, a fast processor
    emulator, which could result in denial of service, the execution of
    arbitrary code or information disclosure.
    
    In addition this update backports support to passthrough the new
    md-clear CPU flag added in the intel-microcode update shipped in DSA 4447
    to x86-based guests.
    
    For the stable distribution (stretch), these problems have been fixed in
    version 1:2.8+dfsg-6+deb9u6.
    
    We recommend that you upgrade your qemu packages.
    
    For the detailed security status of qemu please refer to
    its security tracker page at:
    https://security-tracker.debian.org/tracker/qemu
    
    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/
    
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"15","type":"x","order":"1","pct":53.57,"resources":[]},{"id":"88","title":"Should be more technical","votes":"4","type":"x","order":"2","pct":14.29,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"9","type":"x","order":"3","pct":32.14,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.