Package qemu-system: Information

    Binary package: qemu-system
    Version: 2.5.1.1-alt0.M70C.5
    Architecture: x86_64
    Build time:  Oct 9, 2017, 11:37 AM in the task #188849
    Source package: qemu
    Category: Emulators
    Report package bug
    Gear: https://git.altlinux.org/gears/q/qemu.git?a=tree;hb=de4e0050d65d…
    Download: qemu-system-2.5.1.1-alt0.M70C.5.x86_64.rpm
    Build log: https://git.altlinux.org/tasks/188849/build/100/x86_64/log
    Home page: http://www.nongnu.org/qemu/
    License: GPL/LGPL/BSD
    Summary: QEMU CPU Emulator - full system emulation
    Description: 
    Full system emulation.  In this mode, QEMU emulates a full system
(for example a PC), including a processor and various peripherials.
It can be used to launch different Operating Systems without rebooting
the PC or to debug system code.
    Maintainer: Vladimir D. Seleznev
    List of contributors:
    Vladimir D. Seleznev
    Denis Medvedev
    Anton V. Boyarshinov
    Alexey Shabalin
    George V. Kouryachy
    Ivan Ovcherenko
    Dmitry V. Levin
    Eugeny A. Rostovtsev
    Sergey Bolshakov
    Kirill A. Shutemov
    Alexey Tourbin
    Kachalov Anton

    Last changed

    Sept. 26, 2017 Vladimir D. Seleznev 2.5.1.1-alt0.M70C.5
    - Fixes:
  + CVE-2017-13672: vga: OOB read access during display update
  + CVE-2017-8380: scsi: off-by-one error in megasas_mmio_wri allows remote
    attackers to have unspecified impact via unknown vectors
  + CVE-2017-12809: ide: flushing of empty CDROM drives leads to NULL dereference
  + CVE-2017-10664: qemu-nbd: server breaks with SIGPIPE upon client abort
    Sept. 14, 2017 Vladimir D. Seleznev 2.5.1.1-alt0.M70C.4
    - Fixes:
  + CVE-2017-9374 usb: ehci host memory leakage during hotunplug
  + CVE-2017-9375 usb: xhci infinite recursive call via xhci_kick_ep
  + CVE-2017-9373 ide: ahci host memory leakage during hotunplug
  + CVE-2017-9503 scsi: null pointer dereference while processing megasas command
  + CVE-2017-9330 usb: ohci: infinite loop due to incorrect return value
  + CVE-2017-8379 input: host memory lekage via keyboard
  + CVE-2017-8309 audio: memory leak by repeatedly starting and stopping audio capture
  + CVE-2017-8112 scsi: vmw_pvscsi: infinite loop in pvscsi_log2
  + CVE-2017-8284 user-to-root privesc inside VM via bad translation caching
  + CVE-2017-7718 display: cirrus: OOB read access issue
  + CVE-2015-8345 net: eepro100: infinite loop in processing command block list
    April 3, 2017 Denis Medvedev 2.5.1.1-alt0.M70C.3
    - CVE-2017-6505, CVE-2017-5987, CVE-2017-5973,
  CVE-2017-5898, CVE-2017-5857,
  CVE-2017-5856, CVE-2017-5667,
  CVE-2017-5579, CVE-2017-5578,
  CVE-2017-5552, CVE-2017-5526,
  CVE-2017-5525 fixed
    VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
    Version: v24.4.2
    Back to top