Your message dated Fri, 23 May 2014 09:24:09 +0000
with message-id <[email protected]>
and subject line Bug#742730: fixed in qemu 2.0.0+dfsg-6
has caused the Debian Bug report #742730,
regarding image format processing issues: lack of input validation
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
742730: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742730
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: qemu, qemu-kvm
Version: 1.1.2+dfsg-6
Severity: grave
Tags: security patch upstream
Several flaws were found in guest image format processing in qemu.
CVEs are as follows:
parallels: Sanity check for s->tracks (CVE-2014-0142)
parallels: Fix catalog size integer overflow (CVE-2014-0143)
qcow2: Check maximum L1 size in qcow2_snapshot_load_tmp() (CVE-2014-0143)
qcow2: Fix L1 allocation size in qcow2_snapshot_load_tmp() (CVE-2014-0145)
qcow2: Fix NULL dereference in qcow2_open() error path (CVE-2014-0146)
block: Limit request size (CVE-2014-0143)
dmg: prevent chunk buffer overflow (CVE-2014-0145)
dmg: sanitize chunk length and sectorcount (CVE-2014-0145)
qcow2: Fix new L1 table size check (CVE-2014-0143)
qcow2: Avoid integer overflow in get_refcount (CVE-2014-0143)
qcow2: Don't rely on free_cluster_index in alloc_refcount_block()
(CVE-2014-0147)
qcow2: Validate active L1 table offset and size (CVE-2014-0144)
qcow2: Validate snapshot table offset/size (CVE-2014-0144)
qcow2: Check refcount table size (CVE-2014-0144)
qcow2: Check backing_file_offset (CVE-2014-0144)
qcow2: Check header_length (CVE-2014-0144)
curl: check data size before memcpy to local buffer. (CVE-2014-0144)
vhdx: Bounds checking for block_size and logical_sector_size (CVE-2014-0148)
vdi: add bounds checks for blocks_in_image and disk_size header fields
(CVE-2014-0144)
vpc: Validate block size (CVE-2014-0142)
vpc/vhd: add bounds check for max_table_entries and block_size (CVE-2014-0144)
bochs: Check extent_size header field (CVE-2014-0142)
bochs: Check catalog_size header field (CVE-2014-0143)
bochs: Use unsigned variables for offsets and sizes (CVE-2014-0147)
block/cloop: refuse images with bogus offsets (CVE-2014-0144)
block/cloop: refuse images with huge offsets arrays (CVE-2014-0144)
block/cloop: prevent offsets_size integer overflow (CVE-2014-0143)
block/cloop: validate block_size header field (CVE-2014-0144)
Upstream patches:
https://lists.gnu.org/archive/html/qemu-devel/2014-03/msg04994.html
Some of those issues affects wheezy and even squeeze versions of qemu
and qemu-kvm packages, and needs quite some backporting work.
Thanks,
/mjt
--- End Message ---
--- Begin Message ---
Source: qemu
Source-Version: 2.0.0+dfsg-6
We believe that the bug you reported is fixed in the latest version of
qemu, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Michael Tokarev <[email protected]> (supplier of updated qemu package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Fri, 23 May 2014 12:12:38 +0400
Source: qemu
Binary: qemu qemu-keymaps qemu-system qemu-system-common qemu-system-misc
qemu-system-arm qemu-system-mips qemu-system-ppc qemu-system-sparc
qemu-system-x86 qemu-user qemu-user-static qemu-user-binfmt qemu-utils
qemu-guest-agent qemu-kvm
Architecture: source amd64 all
Version: 2.0.0+dfsg-6
Distribution: unstable
Urgency: medium
Maintainer: Debian QEMU Team <[email protected]>
Changed-By: Michael Tokarev <[email protected]>
Description:
qemu - fast processor emulator
qemu-guest-agent - Guest-side qemu-system agent
qemu-keymaps - QEMU keyboard maps
qemu-kvm - QEMU Full virtualization on x86 hardware
qemu-system - QEMU full system emulation binaries
qemu-system-arm - QEMU full system emulation binaries (arm)
qemu-system-common - QEMU full system emulation binaries (common files)
qemu-system-mips - QEMU full system emulation binaries (mips)
qemu-system-misc - QEMU full system emulation binaries (miscelaneous)
qemu-system-ppc - QEMU full system emulation binaries (ppc)
qemu-system-sparc - QEMU full system emulation binaries (sparc)
qemu-system-x86 - QEMU full system emulation binaries (x86)
qemu-user - QEMU user mode emulation binaries
qemu-user-binfmt - QEMU user mode binfmt registration
qemu-user-static - QEMU user mode emulation binaries (static version)
qemu-utils - QEMU utilities
Closes: 742730
Changes:
qemu (2.0.0+dfsg-6) unstable; urgency=medium
.
* build-depend on libgnutls28-dev not libgnutls-dev
* added qcow1 block format validation patches from upstream:
block-fmt-validation/qcow1-check-maximum-cluster-size.patch
block-fmt-validation/qcow1-stricter-backing-file-length-check.patch
block-fmt-validation/qcow1-validate-image-size-CVE-2014-0223.patch
block-fmt-validation/qcow1-validate-L2-table-size-CVE-2014-0222.patch
(Finally closes: #742730, CVE-2014-0222, CVE-2014-0223)
Checksums-Sha1:
56bc8a119ff12068332b310c5bac75d8c9ea2e4e 5162 qemu_2.0.0+dfsg-6.dsc
abd880edd7550c9bf8d9f48d54c0c07511f50e02 61380 qemu_2.0.0+dfsg-6.debian.tar.xz
fcd85db2319317cac6b0d2871c8306122cdf7ddb 208068 qemu_2.0.0+dfsg-6_amd64.deb
134324cc9ff0261b88249419b91278e51b1f9b24 58232
qemu-keymaps_2.0.0+dfsg-6_all.deb
95161d6cd5a009ff5efa5d9632f16cbb84dc6216 46596
qemu-system_2.0.0+dfsg-6_amd64.deb
66555c390a830920134e78890229ba15a380cc3b 192272
qemu-system-common_2.0.0+dfsg-6_amd64.deb
90da0c603a7b543032cafa7299489653a0749c2d 5409580
qemu-system-misc_2.0.0+dfsg-6_amd64.deb
325422dd59d20efebc695d6f5aa7faf5b01ba7cc 2237998
qemu-system-arm_2.0.0+dfsg-6_amd64.deb
bb818bbeec79b631cb86239fc09d70db4e8ea56a 2771934
qemu-system-mips_2.0.0+dfsg-6_amd64.deb
1d5d125a72ce41d9812a158f7fbce0fc48e58254 2801530
qemu-system-ppc_2.0.0+dfsg-6_amd64.deb
fd561ae1997c945583a71808d651b6b5a751adc6 1648776
qemu-system-sparc_2.0.0+dfsg-6_amd64.deb
cfc09c19767d16a88ca891b3fb8138b22ca079c3 1992620
qemu-system-x86_2.0.0+dfsg-6_amd64.deb
3773b4f3bef81896db715897a15a84a97ac549a4 5397310
qemu-user_2.0.0+dfsg-6_amd64.deb
cfbe1bb0451a060f2cf910280029c5ec5c4ff532 7998258
qemu-user-static_2.0.0+dfsg-6_amd64.deb
03e7c334b5ee834b68d3b67d8c8b790c59c1b8b6 2504
qemu-user-binfmt_2.0.0+dfsg-6_amd64.deb
465947c14e1fc2a361525cffb7503ed476f8fe25 461538
qemu-utils_2.0.0+dfsg-6_amd64.deb
b57de41793ed57e2f01fc6d26b22430c3772be53 133042
qemu-guest-agent_2.0.0+dfsg-6_amd64.deb
2521802e9ded7644427c594d30bbd6853f76e8c1 47620 qemu-kvm_2.0.0+dfsg-6_amd64.deb
Checksums-Sha256:
2cfa8f6e36766b04877b896c6eb400a10c0654c811f9d2380afea9ddcdd4577b 5162
qemu_2.0.0+dfsg-6.dsc
79561229edc424363b76846eb58b1f761d71fdc0dd0c314b5abcb3335af8ff09 61380
qemu_2.0.0+dfsg-6.debian.tar.xz
4daced3a133c93a65d937efad3f258dbfbce9c3d1795bc56ba8038e64bc3721e 208068
qemu_2.0.0+dfsg-6_amd64.deb
2e0ddb2f1851e8e91f90f0ef34e720fcaa202775b9b91c6bdfe28b57b7a30354 58232
qemu-keymaps_2.0.0+dfsg-6_all.deb
688821afe8f8d46b94ccf3451817001a530af91b07a7e965e4277a75052c000e 46596
qemu-system_2.0.0+dfsg-6_amd64.deb
9997e4d1167b22ee4c18656136e681007f70143c5c9262199bd545fc490f896d 192272
qemu-system-common_2.0.0+dfsg-6_amd64.deb
7abc9a3f27a5277ee26732092025cc4a9734d88c21d20f6e7701ba3c40380f55 5409580
qemu-system-misc_2.0.0+dfsg-6_amd64.deb
3ff8751bd11f09c62403c2c59aae80eac0d89d9462ee71ee05a849a529f2fe1b 2237998
qemu-system-arm_2.0.0+dfsg-6_amd64.deb
ceeb249f0fb27073e061aecaeba5dc4c62b44d8e3d6103f9b6a787145658cf89 2771934
qemu-system-mips_2.0.0+dfsg-6_amd64.deb
4b785de6f674c2668bafd9b23d561f00513d4ad21c7046f18cfc1a1eed436122 2801530
qemu-system-ppc_2.0.0+dfsg-6_amd64.deb
ae9cf29dd0a908e710ed09e29f2ab9f06fdb7383e9b3d02c84ab3c05a3f82057 1648776
qemu-system-sparc_2.0.0+dfsg-6_amd64.deb
a123d5015302d032a83e60b336d07655bbe303192012e976f0853ce90a1be1e7 1992620
qemu-system-x86_2.0.0+dfsg-6_amd64.deb
4e91aed0b5201c91ead060cd996f9c51fcf02258c038df7ad59e3d77217ac840 5397310
qemu-user_2.0.0+dfsg-6_amd64.deb
9b1b8f9368491375b6c02efff0c133fd98902c95024ffaa14b76e16dad1f395f 7998258
qemu-user-static_2.0.0+dfsg-6_amd64.deb
9cc91c63c0b940b28d195b6d7e77ea3301d87d077d0be450f6d2226995ef96f5 2504
qemu-user-binfmt_2.0.0+dfsg-6_amd64.deb
406ae926b817ab24b5e676bacce01ddd029448fc133273319b051db8cd76309f 461538
qemu-utils_2.0.0+dfsg-6_amd64.deb
12e068d50024b073a50d2a086f4fc1a3ada74031f8d596d26e5eb22cd9c59fe4 133042
qemu-guest-agent_2.0.0+dfsg-6_amd64.deb
da3f46e2a0c490e36e4498d23527babc12ded374a16985ebcf92770a3aa47504 47620
qemu-kvm_2.0.0+dfsg-6_amd64.deb
Files:
9850ea1cf549b733f3fb527477d340b7 208068 otherosfs optional
qemu_2.0.0+dfsg-6_amd64.deb
a51997ceede01c04b0db6690ffb4fe46 58232 otherosfs optional
qemu-keymaps_2.0.0+dfsg-6_all.deb
feb8b59f6abf5bbacfdd08d244997d3a 46596 otherosfs optional
qemu-system_2.0.0+dfsg-6_amd64.deb
ad968232f8d2f117e327bb7d1a5b9234 192272 otherosfs optional
qemu-system-common_2.0.0+dfsg-6_amd64.deb
d88871175e6b5b44968fabbd80ae44fc 5409580 otherosfs optional
qemu-system-misc_2.0.0+dfsg-6_amd64.deb
ee19a0efe45872485ab434e0d7c2ef9a 2237998 otherosfs optional
qemu-system-arm_2.0.0+dfsg-6_amd64.deb
6c009f03eb24b6a2520580898c4eeffe 2771934 otherosfs optional
qemu-system-mips_2.0.0+dfsg-6_amd64.deb
0996844d95be8c4d83578f19667e1d47 2801530 otherosfs optional
qemu-system-ppc_2.0.0+dfsg-6_amd64.deb
741878b2908814fc2ce21d3c1152b9cd 1648776 otherosfs optional
qemu-system-sparc_2.0.0+dfsg-6_amd64.deb
6397c3c360970161c6fdcc0289e0eb9d 1992620 otherosfs optional
qemu-system-x86_2.0.0+dfsg-6_amd64.deb
9f5eb0b448929397de27ee750148240a 5397310 otherosfs optional
qemu-user_2.0.0+dfsg-6_amd64.deb
b8fa8729ed3ec018b61da1af7c9dc884 7998258 otherosfs optional
qemu-user-static_2.0.0+dfsg-6_amd64.deb
54a45150545e396d36bf7da5c7bf873e 2504 otherosfs optional
qemu-user-binfmt_2.0.0+dfsg-6_amd64.deb
a768dce0a44a9a19fa61f8ddac2ea5e4 461538 otherosfs optional
qemu-utils_2.0.0+dfsg-6_amd64.deb
4e5223ef4b9a30099b4e661f6a86d14c 133042 otherosfs optional
qemu-guest-agent_2.0.0+dfsg-6_amd64.deb
2d5a6d90d42ebd8f731b90aed6bd4c06 47620 otherosfs optional
qemu-kvm_2.0.0+dfsg-6_amd64.deb
25d3bd522e34f92e866f089c649fa9cb 5162 otherosfs optional qemu_2.0.0+dfsg-6.dsc
345deba121b6911f7a340b5ad899e020 61380 otherosfs optional
qemu_2.0.0+dfsg-6.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQEcBAEBAgAGBQJTfwPXAAoJEL7lnXSkw9fbDvIH/R9BkYdparl4RONj7Oe7oZub
o32ZTRNOrn5vlXRIPuETRTZ3sflSj5AObHCKdE3kRhX+3JKqXmEFFmfgQHcMChHQ
6DiVJ52XITTxmePUbCUvAVRjEecX1LFYWTxe36D2fa7LfIacRlsmjWs1RxdfA6Lh
woAVKufttw0iEFR0UB7ZJbRBn7s77QszGs5bmABJvd19b3Nx5aT+FDbDBT7nUtSB
/upS1uSsVFjVct2Db7duMfTyBEJB6bKdDcU6CxJXvcw2lnJrkV1tSRW6kF+UFD9W
a/hdas5T9+fLDx/MwJx8/1a0cw/tmsoKvkAF0Vx/dOg2/uT/qiId/GZIYcsGzrQ=
=pYHz
-----END PGP SIGNATURE-----
--- End Message ---
