qemu: CVE-2017-6505: infinite loop issue in ohci_service_ed_list

Debian Bug report logs - #856969

Reported by: Salvatore Bonaccorso <carnil@debian.org>

Date: Mon, 6 Mar 2017 18:51:01 UTC

Severity: normal

Tags: patch, security, upstream

Found in version qemu/1:2.1+dfsg-11

Fixed in version qemu/1:2.8+dfsg-4

Done: Michael Tokarev <mjt@tls.msk.ru>

Bug is archived. No further changes may be made.


Report forwarded to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>:
Bug#856969; Package src:qemu. (Mon, 06 Mar 2017 18:51:03 GMT).


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>. (Mon, 06 Mar 2017 18:51:04 GMT).


Message #5 received at submit@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: qemu: CVE-2017-6505: infinite loop issue in ohci_service_ed_list
Date: Mon, 06 Mar 2017 19:46:40 +0100
Source: qemu
Version: 1:2.1+dfsg-11
Severity: normal
Tags: patch security upstream

Hi,

the following vulnerability was published for qemu.

CVE-2017-6505[0]:
usb: an infinite loop issue in ohci_service_ed_list

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-6505
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6505
[1] http://git.qemu-project.org/?p=qemu.git;a=commitdiff;h=95ed56939eb2eaa4e2f349fe6dcd13ca4edfd8fb

Regards,
Salvatore



Added tag(s) pending. Request was from <mjt@tls.msk.ru> to control@bugs.debian.org. (Sun, 26 Mar 2017 10:51:06 GMT).


Reply sent to Michael Tokarev <mjt@tls.msk.ru>:
You have taken responsibility. (Tue, 18 Apr 2017 09:06:13 GMT).


Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Tue, 18 Apr 2017 09:06:13 GMT).


Message #12 received at 856969-close@bugs.debian.org:

From: Michael Tokarev <mjt@tls.msk.ru>
To: 856969-close@bugs.debian.org
Subject: Bug#856969: fixed in qemu 1:2.8+dfsg-4
Date: Tue, 18 Apr 2017 09:04:13 +0000
Source: qemu
Source-Version: 1:2.8+dfsg-4

We believe that the bug you reported is fixed in the latest version of
qemu, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 856969@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Michael Tokarev <mjt@tls.msk.ru> (supplier of updated qemu package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 03 Apr 2017 16:28:49 +0300
Source: qemu
Binary: qemu qemu-system qemu-block-extra qemu-system-common qemu-system-misc qemu-system-arm qemu-system-mips qemu-system-ppc qemu-system-sparc qemu-system-x86 qemu-user qemu-user-static qemu-user-binfmt qemu-utils qemu-guest-agent qemu-kvm
Architecture: source
Version: 1:2.8+dfsg-4
Distribution: unstable
Urgency: high
Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
Changed-By: Michael Tokarev <mjt@tls.msk.ru>
Description:
 qemu       - fast processor emulator
 qemu-block-extra - extra block backend modules for qemu-system and qemu-utils
 qemu-guest-agent - Guest-side qemu-system agent
 qemu-kvm   - QEMU Full virtualization on x86 hardware
 qemu-system - QEMU full system emulation binaries
 qemu-system-arm - QEMU full system emulation binaries (arm)
 qemu-system-common - QEMU full system emulation binaries (common files)
 qemu-system-mips - QEMU full system emulation binaries (mips)
 qemu-system-misc - QEMU full system emulation binaries (miscellaneous)
 qemu-system-ppc - QEMU full system emulation binaries (ppc)
 qemu-system-sparc - QEMU full system emulation binaries (sparc)
 qemu-system-x86 - QEMU full system emulation binaries (x86)
 qemu-user  - QEMU user mode emulation binaries
 qemu-user-binfmt - QEMU user mode binfmt registration for qemu-user
 qemu-user-static - QEMU user mode emulation binaries (static version)
 qemu-utils - QEMU utilities
Closes: 840950 844566 846084 856969 857744 859854
Changes:
 qemu (1:2.8+dfsg-4) unstable; urgency=high
 .
   * usb-ohci-limit-the-number-of-link-eds-CVE-2017-6505.patch
     Closes: #856969, CVE-2017-6505
   * linux-user-fix-apt-get-update-on-linux-user-hppa.patch
     Closes: #846084
   * update to 2.8.1 upstream stable/bugfix release
     (v2.8.1.diff from upstream, except of seabios blob bits).
     Closes: #857744, CVE-2016-9603
     Patches dropped because they're included in 2.8.1 release:
      9pfs-symlink-attack-fixes-CVE-2016-9602.patch
      char-fix-ctrl-a-b-not-working.patch
      cirrus-add-blit_is_unsafe-to-cirrus_bitblt_cputovideo-CVE-2017-2620.patch
      cirrus-fix-oob-access-issue-CVE-2017-2615.patch
      cirrus-ignore-source-pitch-as-needed-in-blit_is_unsafe.patch
      linux-user-fix-s390x-safe-syscall-for-z900.patch
      nbd_client-fix-drop_sync-CVE-2017-2630.patch
      s390x-use-qemu-cpu-model-in-user-mode.patch
      sd-sdhci-check-data-length-during-dma_memory_read-CVE-2017-5667.patch
      virtio-crypto-fix-possible-integer-and-heap-overflow-CVE-2017-5931.patch
      vmxnet3-fix-memory-corruption-on-vlan-header-stripping-CVE-2017-6058.patch
   * bump seabios dependency to 1.10.2 due to ahci fix in 2.8.1
   * 9pfs-fix-file-descriptor-leak-CVE-2017-7377.patch
     (Closes: #859854, CVE-2017-7377)
   * dma-rc4030-limit-interval-timer-reload-value-CVE-2016-8667.patch
     Closes: #840950, CVE-2016-8667
   * make d/control un-writable to stop users from changing a generated file
   * two patches from upstream to fix user-mode network with IPv6
     slirp-make-RA-build-more-flexible.patch
     slirp-send-RDNSS-in-RA-only-if-host-has-an-IPv6-DNS.patch
     (Closes: #844566)


Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 21 May 2017 07:28:13 GMT).



Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 16:49:33 2019; Machine Name: beach
