[Bug 1804766] Re: Please enable opengl for acceleration and vfio-MDEV support

[Launchpad Bug Tracker]

This bug was fixed in the package qemu - 1:2.12+dfsg-3ubuntu9

---------------
qemu (1:2.12+dfsg-3ubuntu9) disco; urgency=medium

  [ Marc Deslauriers ]
  * SECURITY UPDATE: integer overflow in NE2000 NIC emulation
    - debian/patches/CVE-2018-10839.patch: use proper type in
      hw/net/ne2000.c.
    - CVE-2018-10839
  * SECURITY UPDATE: integer overflow via crafted QMP command
    - debian/patches/CVE-2018-12617.patch: check bytes count read by
      guest-file-read in qga/commands-posix.c.
    - CVE-2018-12617
  * SECURITY UPDATE: OOB heap buffer r/w access in NVM Express Controller
    - debian/patches/CVE-2018-16847.patch: check size in hw/block/nvme.c.
    - CVE-2018-16847
  * SECURITY UPDATE: buffer overflow in rtl8139
    - debian/patches/CVE-2018-17958.patch: use proper type in
      hw/net/rtl8139.c.
    - CVE-2018-17958
  * SECURITY UPDATE: buffer overflow in pcnet
    - debian/patches/CVE-2018-17962.patch: use proper type in
      hw/net/pcnet.c.
    - CVE-2018-17962
  * SECURITY UPDATE: DoS via large packet sizes
    - debian/patches/CVE-2018-17963.patch: check size in net/net.c.
    - CVE-2018-17963
  * SECURITY UPDATE: DoS in lsi53c895a
    - debian/patches/CVE-2018-18849.patch: check message length value is
      valid in hw/scsi/lsi53c895a.c.
    - CVE-2018-18849
  * SECURITY UPDATE: Out-of-bounds r/w stack access in ppc64
    - debian/patches/CVE-2018-18954.patch: check size before data buffer
      access in hw/ppc/pnv_lpc.c.
    - CVE-2018-18954
  * SECURITY UPDATE: race condition in 9p
    - debian/patches/CVE-2018-19364-1.patch: use write lock in
      hw/9pfs/cofile.c.
    - debian/patches/CVE-2018-19364-2.patch: use write lock in
      hw/9pfs/9p.c.
    - CVE-2018-19364

  [ Christian Ehrhardt]
  * debian/patches/ubuntu/lp1787405-*: Support guest dedicated Crypto
    Adapters on s390x (LP: #1787405)
  * enable opengl for vfio-MDEV support (LP: #1804766)
    - d/control-in: set --enable-opengl
    - d/control-in: add gl related build-dependencies

 -- Christian Ehrhardt <christian.ehrha...@canonical.com>  Wed, 21 Nov
2018 13:17:01 -0500

** Changed in: qemu (Ubuntu)
       Status: In Progress => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-10839

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-12617

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-16847

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-17958

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-17962

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-17963

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-18849

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-18954

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-19364

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1804766

Title:
  Please enable opengl for acceleration and vfio-MDEV support

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1804766/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs