Debian Package Tracker

general

source: qemu (main)
version: 1:2.12+dfsg-3
maintainer: Debian QEMU Team (archive) [DMD]
uploaders: Aurelien Jarno [DMD] – Riku Voipio [DMD] – Michael Tokarev [DMD]
arch: all any
std-ver: 3.9.8
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.1.2+dfsg-6a+deb7u12
o-o-sec: 1.1.2+dfsg-6+deb7u25
o-o-bpo: 1:2.1+dfsg-12+deb8u5a~bpo70+1
oldstable: 1:2.1+dfsg-12+deb8u6
old-sec: 1:2.1+dfsg-12+deb8u7
old-bpo: 1:2.8+dfsg-3~bpo8+1
stable: 1:2.8+dfsg-6+deb9u4
stable-sec: 1:2.8+dfsg-6+deb9u5
testing: 1:2.12+dfsg-3
unstable: 1:2.12+dfsg-3

versioned links

1.1.2+dfsg-6a+deb7u12: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.1.2+dfsg-6+deb7u25: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.0.0+dfsg-4~bpo70+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.1+dfsg-5~bpo70+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:2.1+dfsg-12+deb8u5a~bpo70+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:2.1+dfsg-12+deb8u6: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:2.1+dfsg-12+deb8u7: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:2.7+dfsg-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:2.8+dfsg-3~bpo8+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:2.8+dfsg-6+deb9u4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:2.8+dfsg-6+deb9u5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:2.12+dfsg-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

qemu
qemu-block-extra
qemu-guest-agent
qemu-kvm
qemu-system
qemu-system-arm
qemu-system-common
qemu-system-data
qemu-system-gui
qemu-system-mips
qemu-system-misc
qemu-system-ppc
qemu-system-sparc
qemu-system-x86
qemu-user
qemu-user-binfmt
qemu-user-static
qemu-utils

action needed

A new upstream version is available: 3.1.0-rc1 high

A new upstream version 3.1.0-rc1 is available, you should consider packaging it.

Created: 2017-11-21 Last update: 2018-11-17 00:44

62 security issues in jessie high

There are 62 open security issues in jessie.

3 important issues:

CVE-2018-10839: Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS.
CVE-2018-17963: qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact.
CVE-2018-17962: Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used.

59 issues skipped by the security teams:

CVE-2016-5106: The megasas_dcmd_set_properties function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest administrators to cause a denial of service (out-of-bounds write access) via vectors involving a MegaRAID Firmware Interface (MFI) command.
CVE-2016-5105: The megasas_dcmd_cfg_read function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, uses an uninitialized variable, which allows local guest administrators to read host memory via vectors involving a MegaRAID Firmware Interface (MFI) command.
CVE-2016-6834: The net_tx_pkt_do_sw_fragmentation function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a zero length for the current fragment length.
CVE-2016-2841: The ne2000_receive function in the NE2000 NIC emulation support (hw/net/ne2000.c) in QEMU before 2.5.1 allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via crafted values for the PSTART and PSTOP registers, involving ring buffer control.
CVE-2016-4454: The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to obtain sensitive host memory information or cause a denial of service (QEMU process crash) by changing FIFO registers and issuing a VGA command, which triggers an out-of-bounds read.
CVE-2016-6888: Integer overflow in the net_tx_pkt_init function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (QEMU process crash) via the maximum fragmentation count, which triggers an unchecked multiplication and NULL pointer dereference.
CVE-2017-15124: VNC server implementation in Quick Emulator (QEMU) 2.11.0 and older was found to be vulnerable to an unbounded memory allocation issue, as it did not throttle the framebuffer updates sent to its client. If the client did not consume these updates, VNC server allocates growing memory to hold onto this data. A malicious remote VNC client could use this flaw to cause DoS to the server host.
CVE-2016-4001: Buffer overflow in the stellaris_enet_receive function in hw/net/stellaris_enet.c in QEMU, when the Stellaris ethernet controller is configured to accept large packets, allows remote attackers to cause a denial of service (QEMU crash) via a large packet.
CVE-2016-4002: Buffer overflow in the mipsnet_receive function in hw/net/mipsnet.c in QEMU, when the guest NIC is configured to accept large packets, allows remote attackers to cause a denial of service (memory corruption and QEMU crash) or possibly execute arbitrary code via a packet larger than 1514 bytes.
CVE-2017-10664: qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt.
CVE-2016-9105: Memory leak in the v9fs_link function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via vectors involving a reference to the source fid object.
CVE-2016-5107: The megasas_lookup_frame function in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds read and crash) via unspecified vectors.
CVE-2016-7909: The pcnet_rdra_addr function in hw/net/pcnet.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by setting the (1) receive or (2) transmit descriptor ring length to 0.
CVE-2016-8910: The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveraging failure to limit the ring descriptor count.
CVE-2016-4453: The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a VGA command.
CVE-2016-7170: The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to cursor.mask[] and cursor.image[] array sizes when processing a DEFINE_CURSOR svga command.
CVE-2016-5238: The get_cmd function in hw/scsi/esp.c in QEMU might allow local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from the information transfer buffer in non-DMA mode.
CVE-2016-7155: hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds access or infinite loop, and QEMU process crash) via a crafted page count for descriptor rings.
CVE-2016-5403: The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion.
CVE-2016-4441: The get_cmd function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check DMA length, which allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via unspecified vectors, involving an SCSI command.
CVE-2016-8577: Memory leak in the v9fs_read function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via vectors related to an I/O read operation.
CVE-2018-15746: qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service (guest crash) by leveraging mishandling of the seccomp policy for threads other than the main thread.
CVE-2018-12617: qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation fault when trying to allocate a large memory chunk. The vulnerability can be exploited by sending a crafted QMP command (including guest-file-read with a large count value) to the agent via the listening socket.
CVE-2018-17958: Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used.
CVE-2015-8817: QEMU (aka Quick Emulator) built to use 'address_space_translate' to map an address to a MemoryRegionSection is vulnerable to an OOB r/w access issue. It could occur while doing pci_dma_read/write calls. Affects QEMU versions >= 1.6.0 and <= 2.3.1. A privileged user inside guest could use this flaw to crash the guest instance resulting in DoS.
CVE-2016-5126: Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call.
CVE-2016-2391: The ohci_bus_start function in the USB OHCI emulation support (hw/usb/hcd-ohci.c) in QEMU allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors related to multiple eof_timers.
CVE-2017-9375: QEMU (aka Quick Emulator), when built with USB xHCI controller emulator support, allows local guest OS privileged users to cause a denial of service (infinite recursive call) via vectors involving control transfer descriptors sequencing.
CVE-2016-4952: QEMU (aka Quick Emulator), when built with VMWARE PVSCSI paravirtual SCSI bus emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds array access) via vectors related to the (1) PVSCSI_CMD_SETUP_RINGS or (2) PVSCSI_CMD_SETUP_MSG_RING SCSI command.
CVE-2017-13672: QEMU (aka Quick Emulator), when built with the VGA display emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors involving display update.
CVE-2016-7156: The pvscsi_convert_sglist function in hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging an incorrect cast.
CVE-2017-11334: The address_space_write_continue function in exec.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds access and guest instance crash) by leveraging use of qemu_map_ram_ptr to access guest ram block area.
CVE-2016-2858: QEMU, when built with the Pseudo Random Number Generator (PRNG) back-end support, allows local guest OS users to cause a denial of service (process crash) via an entropy request, which triggers arbitrary stack based allocation and memory corruption.
CVE-2016-7908: The mcf_fec_do_tx function in hw/net/mcf_fec.c in QEMU (aka Quick Emulator) does not properly limit the buffer descriptor count when transmitting packets, which allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via vectors involving a buffer descriptor with a length of 0 and crafted values in bd.flags.
CVE-2018-18438: Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value.
CVE-2018-11806: m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams.
CVE-2016-7421: The pvscsi_ring_pop_req_descr function in hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging failure to limit process IO loop to the ring size.
CVE-2016-9104: Multiple integer overflows in the (1) v9fs_xattr_read and (2) v9fs_xattr_write functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS administrators to cause a denial of service (QEMU process crash) via a crafted offset, which triggers an out-of-bounds access.
CVE-2016-8578: The v9fs_iov_vunmarshal function in fsdev/9p-iov-marshal.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) by sending an empty string parameter to a 9P operation.
CVE-2016-4037: The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular split isochronous transfer descriptor (siTD) list, a related issue to CVE-2015-8558.
CVE-2016-9102: Memory leak in the v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) via a large number of Txattrcreate messages with the same fid number.
CVE-2016-8909: The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via an entry with the same value for buffer length and pointer position.
CVE-2016-6836: The vmxnet3_complete_packet function in hw/net/vmxnet3.c in QEMU (aka Quick Emulator) allows local guest OS administrators to obtain sensitive host memory information by leveraging failure to initialize the txcq_descr object.
CVE-2016-6351: The esp_do_dma function in hw/scsi/esp.c in QEMU (aka Quick Emulator), when built with ESP/NCR53C9x controller emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or execute arbitrary code on the QEMU host via vectors involving DMA read into ESP command buffer.
CVE-2016-9101: Memory leak in hw/net/eepro100.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by repeatedly unplugging an i8255x (PRO100) NIC device.
CVE-2015-8818: The cpu_physical_memory_write_rom_internal function in exec.c in QEMU (aka Quick Emulator) does not properly skip MMIO regions, which allows local privileged guest users to cause a denial of service (guest crash) via unspecified vectors.
CVE-2016-9103: The v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to obtain sensitive host heap memory information by reading xattribute values before writing to them.
CVE-2016-4020: The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS administrators to obtain sensitive information from host stack memory by accessing the Task Priority Register (TPR).
CVE-2016-2857: The net_checksum_calculate function in net/checksum.c in QEMU allows local guest OS users to cause a denial of service (out-of-bounds heap read and crash) via the payload length in a crafted packet.
CVE-2016-5338: The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/esp.c in QEMU allow local guest OS administrators to cause a denial of service (QEMU process crash) or execute arbitrary code on the QEMU host via vectors related to the information transfer buffer.
CVE-2016-7116: Directory traversal vulnerability in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to access host files outside the export path via a .. (dot dot) in an unspecified string.
CVE-2016-9923: Quick Emulator (Qemu) built with the 'chardev' backend support is vulnerable to a use after free issue. It could occur while hotplug and unplugging the device in the guest. A guest user/process could use this flaw to crash a Qemu process on the host resulting in DoS.
CVE-2016-9106: Memory leak in the v9fs_write function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) by leveraging failure to free an IO vector.
CVE-2016-2392: The is_rndis function in the USB Net device emulator (hw/usb/dev-network.c) in QEMU before 2.5.1 does not properly validate USB configuration descriptor objects, which allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors involving a remote NDIS control message packet.
CVE-2016-4439: The esp_reg_write function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check command buffer length, which allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or potentially execute arbitrary code on the QEMU host via unspecified vectors.
CVE-2018-18849:
CVE-2016-7161: Heap-based buffer overflow in the .receive callback of xlnx.xps-ethernetlite in QEMU (aka Quick Emulator) allows attackers to execute arbitrary code on the QEMU host via a large ethlite packet.
CVE-2016-5337: The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allows local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control information.
CVE-2016-2538: Multiple integer overflows in the USB Net device emulator (hw/usb/dev-network.c) in QEMU before 2.5.1 allow local guest OS administrators to cause a denial of service (QEMU process crash) or obtain sensitive host memory information via a remote NDIS control message packet that is mishandled in the (1) rndis_query_response, (2) rndis_set_response, or (3) usb_net_handle_dataout function.

Please fix them.

Created: 2015-09-05 Last update: 2018-11-16 19:31

11 security issues in buster high

There are 11 open security issues in buster.

11 important issues:

CVE-2018-17963: qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact.
CVE-2018-18954:
CVE-2018-10839: Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS.
CVE-2018-18438: Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value.
CVE-2018-11806: m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams.
CVE-2018-15746: qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service (guest crash) by leveraging mishandling of the seccomp policy for threads other than the main thread.
CVE-2018-17962: Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used.
CVE-2018-18849:
CVE-2018-16847: An OOB heap buffer r/w access issue was found in the NVM Express Controller emulation in QEMU. It could occur in nvme_cmb_ops routines in nvme device. A guest user/process could use this flaw to crash the QEMU process resulting in DoS or potentially run arbitrary code with privileges of the QEMU process.
CVE-2018-12617: qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation fault when trying to allocate a large memory chunk. The vulnerability can be exploited by sending a crafted QMP command (including guest-file-read with a large count value) to the agent via the listening socket.
CVE-2018-17958: Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used.

Please fix them.

Created: 2018-06-07 Last update: 2018-11-16 19:31

11 security issues in sid high

There are 11 open security issues in sid.

11 important issues:

CVE-2018-17963: qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact.
CVE-2018-18954:
CVE-2018-10839: Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS.
CVE-2018-18438: Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value.
CVE-2018-11806: m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams.
CVE-2018-15746: qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service (guest crash) by leveraging mishandling of the seccomp policy for threads other than the main thread.
CVE-2018-17962: Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used.
CVE-2018-18849:
CVE-2018-16847: An OOB heap buffer r/w access issue was found in the NVM Express Controller emulation in QEMU. It could occur in nvme_cmb_ops routines in nvme device. A guest user/process could use this flaw to crash the QEMU process resulting in DoS or potentially run arbitrary code with privileges of the QEMU process.
CVE-2018-12617: qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation fault when trying to allocate a large memory chunk. The vulnerability can be exploited by sending a crafted QMP command (including guest-file-read with a large count value) to the agent via the listening socket.
CVE-2018-17958: Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used.

Please fix them.

Created: 2018-06-07 Last update: 2018-11-16 19:31

lintian reports 3 errors and 10 warnings high

Lintian reports 3 errors and 10 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2018-04-17 Last update: 2018-10-22 06:19

Standards version of the package is outdated. high

The package is severely out of date with respect to the Debian Policy. The package should be updated to follow the last version of Debian Policy (Standards-Version 4.2.1 instead of 3.9.8).

Created: 2017-07-21 Last update: 2018-08-26 08:16

11 bugs tagged patch in the BTS normal

The BTS contains patches fixing 11 bugs, consider including or untagging them.

Created: 2018-10-01 Last update: 2018-11-16 23:35

Depends on packages which need a new maintainer normal

The packages that qemu depends on which need a new maintainer are:

spice-protocol (#911429)
- Build-Depends: libspice-protocol-dev
usbredir (#911431)
- Build-Depends: libusbredirparser-dev
- Depends: libusbredirparser1 libusbredirparser1 libusbredirparser1 libusbredirparser1 libusbredirparser1 libusbredirparser1
spice (#911427)
- Build-Depends: libspice-server-dev
- Depends: libspice-server1 libspice-server1 libspice-server1 libspice-server1 libspice-server1 libspice-server1

Created: 2018-10-20 Last update: 2018-11-16 22:35

5 new commits since last upload, time to release? normal

vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:

commit 3655086c88dc647e06ab726bf9633d63e8cc0021
Author: Michael Tokarev <mjt@tls.msk.ru>
Date:   Thu Jun 14 00:02:14 2018 +0300

    fix -g <port> in qemu-user.1 (#901407)

commit 8c3894f636bd80b4cfb2b1d539acd86e6d5b3d16
Author: Michael Tokarev <mjt@tls.msk.ru>
Date:   Fri Jun 8 18:28:19 2018 +0300

    build nothing for build-indep

commit 7caf516bc9f983ee10c433409f4850ea24eb58fb
Author: Michael Tokarev <mjt@tls.msk.ru>
Date:   Fri Jun 8 18:25:46 2018 +0300

    add qemu-guest-agent.service (#795486)

commit fc18833073661f760eb153f055f9b711beb6f49d
Author: Michael Tokarev <mjt@tls.msk.ru>
Date:   Thu Jun 7 15:19:33 2018 +0300

    enable opengl support and virglrenderer (#813658)

commit e17cf0fbdaae9cd628ef9dcc591dd2c96cabf26f
Author: Michael Tokarev <mjt@tls.msk.ru>
Date:   Thu Jun 7 15:18:29 2018 +0300

    qemu-keymaps is provided by qemu-system-data now; do not conflict with old qemu-system-common

Created: 2018-05-31 Last update: 2018-11-16 10:46

The URL(s) for this package had some recent persistent issues low

DUCK reports some issues concerning upstream URLs defined for this package.

Created: 2018-09-07 Last update: 2018-11-16 22:32

8 ignored security issues in stretch low

There are 8 open security issues in stretch.

8 issues skipped by the security teams:

CVE-2018-18954:
CVE-2018-18438: Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value.
CVE-2018-11806: m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams.
CVE-2018-15746: qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service (guest crash) by leveraging mishandling of the seccomp policy for threads other than the main thread.
CVE-2017-9503: QEMU (aka Quick Emulator), when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors involving megasas command processing.
CVE-2018-18849:
CVE-2018-12617: qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation fault when trying to allocate a large memory chunk. The vulnerability can be exploited by sending a crafted QMP command (including guest-file-read with a large count value) to the agent via the listening socket.
CVE-2018-17958: Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used.

Please fix them.

Created: 2017-05-31 Last update: 2018-11-16 19:31

Build log checks report 2 warnings low

Build log checks report 2 warnings

Created: 2018-04-13 Last update: 2018-10-16 18:35

news

[rss feed]

[2018-11-11] Accepted qemu 1:2.8+dfsg-6+deb9u5 (source amd64) into stable->embargoed, stable (Moritz Mühlenhoff)
[2018-09-06] Accepted qemu 1:2.1+dfsg-12+deb8u7 (source amd64) into oldstable (Santiago Ruano Rincón)
[2018-06-07] qemu 1:2.12+dfsg-3 MIGRATED to testing (Debian testing watch)
[2018-06-03] Accepted qemu 1:2.8+dfsg-6+deb9u4 (source) into proposed-updates->stable-new, proposed-updates (Michael Tokarev)
[2018-06-01] Accepted qemu 1:2.12+dfsg-3 (source amd64 all) into unstable (Michael Tokarev)
[2018-06-01] Accepted qemu 1:2.12+dfsg-2 (source amd64 all) into unstable, unstable (Michael Tokarev)
[2018-05-29] Accepted qemu 1:2.8+dfsg-6+deb9u4 (source) into stable->embargoed, stable (Michael Tokarev)
[2018-05-05] qemu 1:2.12+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-04-26] Accepted qemu 1:2.12+dfsg-1 (source) into unstable (Michael Tokarev)
[2018-04-20] qemu 1:2.12~rc3+dfsg-2 MIGRATED to testing (Debian testing watch)
[2018-04-17] Accepted qemu 1.1.2+dfsg-6+deb7u25 (source all amd64) into oldoldstable (Antoine Beaupré)
[2018-04-15] Accepted qemu 1:2.12~rc3+dfsg-2 (source) into unstable (Michael Tokarev)
[2018-04-12] Accepted qemu 1:2.12~rc3+dfsg-1 (source) into unstable (Michael Tokarev)
[2018-01-16] qemu 1:2.11+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-01-11] Accepted qemu 1:2.11+dfsg-1 (source) into unstable (Michael Tokarev)
[2017-10-13] qemu 1:2.10.0+dfsg-2 MIGRATED to testing (Debian testing watch)
[2017-10-08] Accepted qemu 1.1.2+dfsg-6+deb7u24 (source all amd64) into oldoldstable (Guido Günther)
[2017-10-08] Accepted qemu 1:2.10.0+dfsg-2 (source) into unstable (Michael Tokarev)
[2017-10-07] Accepted qemu 1:2.8+dfsg-6+deb9u3 (source) into proposed-updates->stable-new, proposed-updates (Michael Tokarev)
[2017-09-29] qemu 1:2.10.0+dfsg-1 MIGRATED to testing (Debian testing watch)
[2017-09-28] Accepted qemu 1:2.8+dfsg-6+deb9u2 (source) into proposed-updates->stable-new, proposed-updates (Michael Tokarev)
[2017-09-23] Accepted qemu 1:2.10.0+dfsg-1 (source) into unstable (Michael Tokarev)
[2017-09-23] Accepted qemu 1:2.10.0-1 (source) into unstable (Michael Tokarev)
[2017-09-07] Accepted qemu 1:2.8+dfsg-6+deb9u1 (source amd64) into proposed-updates->stable-new, proposed-updates (Michael Tokarev)
[2017-08-28] Accepted qemu 1.1.2+dfsg-6+deb7u23 (source all amd64) into oldoldstable (Guido Günther)
[2017-08-07] qemu 1:2.8+dfsg-7 MIGRATED to testing (Debian testing watch)
[2017-08-05] Accepted qemu 1:2.8+dfsg-7 (source) into unstable (Michael Tokarev)
[2017-07-23] Accepted qemu 1.1.2+dfsg-6+deb7u22 (source all amd64) into oldoldstable (Guido Günther)
[2017-05-28] qemu 1:2.8+dfsg-6 MIGRATED to testing (Debian testing watch)
[2017-05-23] Accepted qemu 1:2.8+dfsg-6 (source) into unstable (Michael Tokarev)

bugs [bug history graph]

all: 176 189
RC: 5
I&N: 92 96
M&W: 75 84
F&P: 4
patch: 11

links

homepage
lintian (3, 10)
buildd: logs, checks, clang, reproducibility
popcon
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1:2.12+dfsg-3ubuntu8
61 bugs (1 patch)