NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
e058075189
kumquat-buildroot/package/qemu/qemu.hash
Peter Korsgaard eb2b3df626 qemu: security bump to version 2.10.2 
Fixes the following security issues:

CVE-2017-13672: QEMU (aka Quick Emulator), when built with the VGA display
emulator support, allows local guest OS privileged users to cause a denial
of service (out-of-bounds read and QEMU process crash) via vectors involving
display update.

CVE-2017-15118: Stack buffer overflow in NBD server triggered via long
export name

CVE-2017-15119: DoS via large option request

CVE-2017-15268: Qemu through 2.10.0 allows remote attackers to cause a
memory leak by triggering slow data-channel read operations, related to
io/channel-websock.c.

For more details, see the release announcement:
https://lists.nongnu.org/archive/html/qemu-devel/2017-12/msg03618.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-12-20 21:22:33 +01:00

5 lines
314 B
Plaintext
Raw Blame History

# Locally computed, tarball verified with GPG signature
sha256 fcfdaa1ecdaac8aead616fe811bfb8fe4a8f2cd59796aa446c5175b5af0e829f qemu-2.10.2.tar.xz
sha256 6f04ae8364d0079a192b14635f4b1da294ce18724c034c39a6a41d1b09df6100 COPYING
sha256 48ffe9fc7f1d5462dbd19340bc4dd1d8a9e37c61ed535813e614cbe4a5f0d4df COPYING.LIB
Reference in New Issue View Git Blame Copy Permalink