Debian Package Tracker

general

source: qemu (main)
version: 1:3.1+dfsg-6
maintainer: Debian QEMU Team (archive) [DMD]
uploaders: Aurelien Jarno [DMD] – Riku Voipio [DMD] – Michael Tokarev [DMD]
arch: all any
std-ver: 3.9.8
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.1.2+dfsg-6a+deb7u12
o-o-sec: 1.1.2+dfsg-6+deb7u25
o-o-bpo: 1:2.1+dfsg-12+deb8u5a~bpo70+1
oldstable: 1:2.1+dfsg-12+deb8u6
old-sec: 1:2.1+dfsg-12+deb8u10
old-bpo: 1:2.8+dfsg-3~bpo8+1
stable: 1:2.8+dfsg-6+deb9u5
stable-sec: 1:2.8+dfsg-6+deb9u5
testing: 1:3.1+dfsg-5
unstable: 1:3.1+dfsg-6

versioned links

1.1.2+dfsg-6a+deb7u12: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.1.2+dfsg-6+deb7u25: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.0.0+dfsg-4~bpo70+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.1+dfsg-5~bpo70+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:2.1+dfsg-12+deb8u5a~bpo70+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:2.1+dfsg-12+deb8u6: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:2.1+dfsg-12+deb8u10: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:2.7+dfsg-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:2.8+dfsg-3~bpo8+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:2.8+dfsg-6+deb9u5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:3.1+dfsg-5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1:3.1+dfsg-6: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

qemu
qemu-block-extra
qemu-guest-agent
qemu-kvm
qemu-system
qemu-system-arm
qemu-system-common
qemu-system-data
qemu-system-gui
qemu-system-mips
qemu-system-misc
qemu-system-ppc
qemu-system-sparc
qemu-system-x86
qemu-user
qemu-user-binfmt
qemu-user-static
qemu-utils

action needed

A new upstream version is available: 3.1.0-rc5 high

A new upstream version 3.1.0-rc5 is available, you should consider packaging it.

Created: 2019-03-12 Last update: 2019-03-20 03:38

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2019-8934:

Please fix it.

Created: 2019-02-18 Last update: 2019-03-18 18:21

16 security issues in stretch high

There are 16 open security issues in stretch.

7 important issues:

CVE-2018-19489: v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming.
CVE-2019-3812: QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function. A local attacker with permission to execute i2c commands could exploit this to read stack memory of the qemu process on the host.
CVE-2018-16872: A flaw was found in qemu Media Transfer Protocol (MTP). The code opening files in usb_mtp_get_object and usb_mtp_get_partial_object and directories in usb_mtp_object_readdir doesn't consider that the underlying filesystem may have changed since the time lstat(2) was called in usb_mtp_object_alloc, a classical TOCTTOU problem. An attacker with write access to the host filesystem shared with a guest can use this property to navigate the host filesystem in the context of the QEMU process and read any file the QEMU process has access to. Access to the filesystem may be local or via a network share protocol such as CIFS.
CVE-2019-9824:
CVE-2019-6778:
CVE-2019-8934:
CVE-2018-19364: hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome.

9 issues skipped by the security teams:

CVE-2018-12617: qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation fault when trying to allocate a large memory chunk. The vulnerability can be exploited by sending a crafted QMP command (including guest-file-read with a large count value) to the agent via the listening socket.
CVE-2017-9503: QEMU (aka Quick Emulator), when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors involving megasas command processing.
CVE-2018-11806: m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams.
CVE-2018-19665: The Bluetooth subsystem in QEMU mishandles negative values for length variables, leading to memory corruption.
CVE-2018-18849:
CVE-2018-17958: Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used.
CVE-2018-18438: Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value.
CVE-2018-15746: qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service (guest crash) by leveraging mishandling of the seccomp policy for threads other than the main thread.
CVE-2018-18954: The pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1 allows out-of-bounds write or read access to PowerNV memory.

Please fix them.

Created: 2017-05-31 Last update: 2019-03-18 18:21

2 security issues in buster high

There are 2 open security issues in buster.

1 important issue:

CVE-2019-9824:

1 issue skipped by the security teams:

CVE-2019-8934:

Please fix them.

Created: 2019-01-22 Last update: 2019-03-18 18:21

16 security issues in jessie high

There are 16 open security issues in jessie.

2 important issues:

CVE-2019-9824:
CVE-2019-8934:

14 issues skipped by the security teams:

CVE-2018-11806: m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams.
CVE-2017-13672: QEMU (aka Quick Emulator), when built with the VGA display emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors involving display update.
CVE-2017-15124: VNC server implementation in Quick Emulator (QEMU) 2.11.0 and older was found to be vulnerable to an unbounded memory allocation issue, as it did not throttle the framebuffer updates sent to its client. If the client did not consume these updates, VNC server allocates growing memory to hold onto this data. A malicious remote VNC client could use this flaw to cause DoS to the server host.
CVE-2015-8817: QEMU (aka Quick Emulator) built to use 'address_space_translate' to map an address to a MemoryRegionSection is vulnerable to an OOB r/w access issue. It could occur while doing pci_dma_read/write calls. Affects QEMU versions >= 1.6.0 and <= 2.3.1. A privileged user inside guest could use this flaw to crash the guest instance resulting in DoS.
CVE-2018-18849:
CVE-2016-5403: The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion.
CVE-2017-9375: QEMU (aka Quick Emulator), when built with USB xHCI controller emulator support, allows local guest OS privileged users to cause a denial of service (infinite recursive call) via vectors involving control transfer descriptors sequencing.
CVE-2018-15746: qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service (guest crash) by leveraging mishandling of the seccomp policy for threads other than the main thread.
CVE-2016-5126: Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call.
CVE-2016-9923: Quick Emulator (Qemu) built with the 'chardev' backend support is vulnerable to a use after free issue. It could occur while hotplug and unplugging the device in the guest. A guest user/process could use this flaw to crash a Qemu process on the host resulting in DoS.
CVE-2018-19665: The Bluetooth subsystem in QEMU mishandles negative values for length variables, leading to memory corruption.
CVE-2015-8818: The cpu_physical_memory_write_rom_internal function in exec.c in QEMU (aka Quick Emulator) does not properly skip MMIO regions, which allows local privileged guest users to cause a denial of service (guest crash) via unspecified vectors.
CVE-2018-18438: Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value.
CVE-2017-11334: The address_space_write_continue function in exec.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds access and guest instance crash) by leveraging use of qemu_map_ram_ptr to access guest ram block area.

Please fix them.

Created: 2015-09-05 Last update: 2019-03-18 18:21

Standards version of the package is outdated. high

The package is severely out of date with respect to the Debian Policy. The package should be updated to follow the last version of Debian Policy (Standards-Version 4.3.0 instead of 3.9.8).

Created: 2017-07-21 Last update: 2019-03-18 17:35

8 bugs tagged patch in the BTS normal

The BTS contains patches fixing 8 bugs, consider including or untagging them.

Created: 2018-10-01 Last update: 2019-03-20 03:17

Depends on packages which need a new maintainer normal

The packages that qemu depends on which need a new maintainer are:

lsb (#924519)
- Depends: lsb-base
spice-protocol (#911429)
- Build-Depends: libspice-protocol-dev
usbredir (#911431)
- Depends: libusbredirparser1 libusbredirparser1 libusbredirparser1 libusbredirparser1 libusbredirparser1 libusbredirparser1
- Build-Depends: libusbredirparser-dev
spice (#911427)
- Depends: libspice-server1 libspice-server1 libspice-server1 libspice-server1 libspice-server1 libspice-server1
- Build-Depends: libspice-server-dev

Created: 2018-10-20 Last update: 2019-03-20 01:52

lintian reports 12 warnings normal

Lintian reports 12 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2019-03-16 Last update: 2019-03-16 05:38

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2018-04-13 Last update: 2018-12-12 18:09

testing migrations

excuses:
- Migrates after: gcc-8
- Too young, only 2 of 10 days old
- missing build on mips64el: qemu, qemu-block-extra, qemu-guest-agent, qemu-system, qemu-system-arm, qemu-system-common, qemu-system-gui, qemu-system-mips, qemu-system-misc, qemu-system-ppc, qemu-system-sparc, qemu-system-x86, qemu-user, qemu-user-binfmt, qemu-user-static, qemu-utils (from 1:3.1+dfsg-5)
- old binaries left on all: qemu-system-data (from 1:3.1+dfsg-5) (but ignoring cruft, so nevermind)
- Piuparts tested OK - https://piuparts.debian.org/sid/source/q/qemu.html
- autopkgtest for systemd/241-1: amd64: Ignored failure
- Checking build-dependency (indep) on amd64
- Not touching package due to block request by freeze (please contact debian-release if update is needed)
- qemu-user-static/amd64 has Built-Using on gcc-8
- qemu-user-static/arm64 has Built-Using on gcc-8
- qemu-user-static/armel has Built-Using on gcc-8
- qemu-user-static/armhf has Built-Using on gcc-8
- qemu-user-static/i386 has Built-Using on gcc-8
- qemu-user-static/mips has Built-Using on gcc-8
- qemu-user-static/mipsel has Built-Using on gcc-8
- qemu-user-static/ppc64el has Built-Using on gcc-8
- qemu-user-static/s390x has Built-Using on gcc-8
- Not considered

news

[rss feed]

[2019-03-18] Accepted qemu 1:3.1+dfsg-6 (source) into unstable (Michael Tokarev)
[2019-03-16] qemu 1:3.1+dfsg-5 MIGRATED to testing (Debian testing watch)
[2019-03-11] Accepted qemu 1:3.1+dfsg-5 (source) into unstable (Michael Tokarev)
[2019-02-28] Accepted qemu 1:2.1+dfsg-12+deb8u10 (source amd64) into oldstable (Hugo Lefeuvre)
[2019-02-19] qemu 1:3.1+dfsg-4 MIGRATED to testing (Debian testing watch)
[2019-02-12] Accepted qemu 1:3.1+dfsg-4 (source) into unstable (Michael Tokarev)
[2019-02-06] Accepted qemu 1:3.1+dfsg-3 (source) into unstable (Michael Tokarev)
[2019-01-29] Accepted qemu 1:2.1+dfsg-12+deb8u9 (source amd64) into oldstable (Hugo Lefeuvre)
[2019-01-04] qemu 1:3.1+dfsg-2 MIGRATED to testing (Debian testing watch)
[2018-12-21] Accepted qemu 1:3.1+dfsg-2 (source) into unstable (Michael Tokarev)
[2018-12-12] Accepted qemu 1:3.1+dfsg-1 (source) into unstable (Michael Tokarev)
[2018-11-29] Accepted qemu 1:2.1+dfsg-12+deb8u8 (source amd64) into oldstable (Santiago Ruano Rincón)
[2018-11-23] Accepted qemu 1:2.8+dfsg-6+deb9u5 (source amd64) into proposed-updates->stable-new, proposed-updates (Moritz Mühlenhoff)
[2018-11-11] Accepted qemu 1:2.8+dfsg-6+deb9u5 (source amd64) into stable->embargoed, stable (Moritz Mühlenhoff)
[2018-09-06] Accepted qemu 1:2.1+dfsg-12+deb8u7 (source amd64) into oldstable (Santiago Ruano Rincón)
[2018-06-07] qemu 1:2.12+dfsg-3 MIGRATED to testing (Debian testing watch)
[2018-06-03] Accepted qemu 1:2.8+dfsg-6+deb9u4 (source) into proposed-updates->stable-new, proposed-updates (Michael Tokarev)
[2018-06-01] Accepted qemu 1:2.12+dfsg-3 (source amd64 all) into unstable (Michael Tokarev)
[2018-06-01] Accepted qemu 1:2.12+dfsg-2 (source amd64 all) into unstable, unstable (Michael Tokarev)
[2018-05-29] Accepted qemu 1:2.8+dfsg-6+deb9u4 (source) into stable->embargoed, stable (Michael Tokarev)
[2018-05-05] qemu 1:2.12+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-04-26] Accepted qemu 1:2.12+dfsg-1 (source) into unstable (Michael Tokarev)
[2018-04-20] qemu 1:2.12~rc3+dfsg-2 MIGRATED to testing (Debian testing watch)
[2018-04-17] Accepted qemu 1.1.2+dfsg-6+deb7u25 (source all amd64) into oldoldstable (Antoine Beaupré)
[2018-04-15] Accepted qemu 1:2.12~rc3+dfsg-2 (source) into unstable (Michael Tokarev)
[2018-04-12] Accepted qemu 1:2.12~rc3+dfsg-1 (source) into unstable (Michael Tokarev)
[2018-01-16] qemu 1:2.11+dfsg-1 MIGRATED to testing (Debian testing watch)
[2018-01-11] Accepted qemu 1:2.11+dfsg-1 (source) into unstable (Michael Tokarev)
[2017-10-13] qemu 1:2.10.0+dfsg-2 MIGRATED to testing (Debian testing watch)
[2017-10-08] Accepted qemu 1.1.2+dfsg-6+deb7u24 (source all amd64) into oldoldstable (Guido Günther)

bugs [bug history graph]

all: 157 170
RC: 0
I&N: 84 88
M&W: 73 82
F&P: 0
patch: 8

links

homepage
lintian (0, 12)
buildd: logs, checks, clang, reproducibility
popcon
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1:3.1+dfsg-2ubuntu2
58 bugs (2 patches)