Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 4733-1] qemu security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 4733-1] qemu security update


Chronologisch Thread 
    < Chronologisch >      < Thread >
  • From: Moritz Muehlenhoff <jmm AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 4733-1] qemu security update
  • Date: Fri, 24 Jul 2020 09:14:40 +0000
  • List-archive: https://lists.debian.org/msgid-search/20200724091440.GA3942 AT seger.debian.org
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From: Date:Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=QtR5NdXIPKZticNksgK1P3M8D+JXSRM6xXgvd0Nv0iY=; b=Kp N7NX0a+RAHC1kgZXPf/kvdZVDEf4NP37g1lMS53tumxJlyOti8yVrIlcLDDrUedtVq6I7lbGCfGJi qZwG4c9h7nHIUUfWyWEGfQe+V9VhYXimqaQKfExcGlHqb2EhXfPM/Ib336fB+GF0n9ksVcNzpMYlh HT0Bu9hfwR/3ut9zryFriLt0xrVhu7hy05mX4zq1ahQBLFCMpdtt0x4KZhGo5txlig0rX2OPpi2HC IUDSF3Wk0K6uZPI55bKOiNnapPq8faotYzQAoghslSualr7MJAi5kVzlzq42fEeyledfxHLwT1SFu 8OGZn6F9t4ykR4epBz57mpzKDV9H8B9Q==;
  • Old-return-path: <jmm AT seger.debian.org>
  • Priority: urgent
  • Resent-date: Fri, 24 Jul 2020 09:14:57 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <tUhmZQ4i9YC.A.5hC.RaqGfB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4733-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
July 24, 2020 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : qemu
CVE ID : CVE-2020-8608
Debian Bug : 964793

It was discovered that incorrect memory handling in the SLIRP networking
implementation could result in denial of service or potentially the
execution of arbitrary code.

For the stable distribution (buster), this problem has been fixed in
version 1:3.1+dfsg-8+deb10u7. In addition this update fixes a regression
caused by the patch for CVE-2020-13754, which could lead to startup
failures in some Xen setups.

We recommend that you upgrade your qemu packages.

For the detailed security status of qemu please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/qemu

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl8aoWMACgkQEMKTtsN8
TjZzPRAAhMYXSscFWDZZssc4NWzRCJ/VMQf2DdsX40Z6QhoU4I3bT8FZjSq0gkWO
f/JBJKCFU/SfnIszoZpTkG7o6dq7OV4naz6t8ytf9WTdOMRi76aOX2Ue5ukxWvP8
oCsLHq6zTg2m8u9WkgCnDsHQm5buGpUEHsvApHeGNsaPoHuVhOXQbaPK+cGqg/fx
sf0shmsByztE7ZtP6+mZooZOg+To8uE/V93s9/zFCdcGQFs40f0KE9Q7yRhX7TLs
IskUeKgjKh0tD2GvteNzfMue9BNyw9XOKlZN4Ea+6P0lJc1nRSUyAAckz1YoJXUH
RAe3Ko9t4FomeQ0LB2QdQFXMErJy2yBMYm95ClOyH3SlUePA961URHWUqKfhMn+W
J9I/HFKNmPl0kHtijcOiuBaDQVDlXhL+sUrkX0bJhOWve81Vmyn2hHcZcUlBWW8M
jf0LykoQAd3vlkuFkiGqUtw6trs2tl8bdbajT6KJe+rR5GCohtOhNcY0UckCnt9v
CSnYdP83OeXb+qQsGP7+GEOFbY+u+ztJp87yl3BjgIsMmTe2akYhF7qtsK03/8qs
hioVeLnH1b10pi5HAAiVtEuTvI/4nyNzIYUmvhWn/5hfmWi6qzYjQCdFP3sxvVPx
QWIga8EFPmul0gsEPRFsxJj1aYPrdmCkxtDp/n94UXeD1YwgJsU=
=qsg/
-----END PGP SIGNATURE-----


  • [IT-SecNots] [SECURITY] [DSA 4733-1] qemu security update, Moritz Muehlenhoff, 24.07.2020

Archiv bereitgestellt durch MHonArc 2.6.19.

Seitenanfang