Accepted qemu-kvm 1.1.2+dfsg-6+deb7u14 (source amd64) into oldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 29 Jul 2016 16:32:58 +0200
Source: qemu-kvm
Binary: qemu-kvm qemu-kvm-dbg kvm
Architecture: source amd64
Version: 1.1.2+dfsg-6+deb7u14
Distribution: wheezy-security
Urgency: medium
Maintainer: Michael Tokarev <mjt@tls.msk.ru>
Changed-By: Guido Günther <agx@sigxcpu.org>
Description:
kvm - dummy transitional package from kvm to qemu-kvm
qemu-kvm - Full virtualization on x86 hardware
qemu-kvm-dbg - Debugging info for qemu-kvm
Closes: 832767
Changes:
qemu-kvm (1.1.2+dfsg-6+deb7u14) wheezy-security; urgency=medium
.
* Non-maintainer upload by the LTS team.
* CVE-2016-5403: virtio: error out if guest exceeds virtqueue size
(Closes: #832767)
* CVE-2016-4439, CVE-2016-6351, CVE-2016-6351: several issue in the 53C9X
Fast SCSI Controller
* CVE-2016-4020: The patch_instruction function in hw/i386/kvmvapic.c in
QEMU does not initialize the imm32 variable, which allows local guest OS
administrators to obtain sensitive information from host stack memory by
accessing the Task Priority Register (TPR).
* CVE-2016-2857: The net_checksum_calculate function in net/checksum.c in
QEMU allows local guest OS users to cause a denial of service
(out-of-bounds heap read and crash) via the payload length in a crafted
packet.
* CVE-2015-5239: Integer overflow in vnc_client_read() and
protocol_client_msg()
Checksums-Sha1:
55b5958cb052410320b76c49f23c94efcc202b38 2471 qemu-kvm_1.1.2+dfsg-6+deb7u14.dsc
345ad82cfe41c4b584ba36e45918cbaeef6f3c64 128457 qemu-kvm_1.1.2+dfsg-6+deb7u14.debian.tar.gz
4b158fc59b8b4d85775bb96f10dee1ea52670ec8 1682278 qemu-kvm_1.1.2+dfsg-6+deb7u14_amd64.deb
2927e1fa1b5ea80452efb73d121b90ba677cd15d 5277662 qemu-kvm-dbg_1.1.2+dfsg-6+deb7u14_amd64.deb
97534db21940cd4fafee2d435a1476f2ce591c10 25672 kvm_1.1.2+dfsg-6+deb7u14_amd64.deb
Checksums-Sha256:
89d567c61df07c96fca17da857b7ca9a9dfd36eea3212eda253e4c12585473fa 2471 qemu-kvm_1.1.2+dfsg-6+deb7u14.dsc
141ce80a6d54ff7e953ed21e96f5ff16bbdbabc2df963f356109518ffde1b0c0 128457 qemu-kvm_1.1.2+dfsg-6+deb7u14.debian.tar.gz
57385cb443185ac77f30c03bbde0fa61653f02c70bf4a7f948a907ac9e9de705 1682278 qemu-kvm_1.1.2+dfsg-6+deb7u14_amd64.deb
f82507c84dd249fbe37b74747ca053fa8c2e11401b6d445d63b308e13dbac60b 5277662 qemu-kvm-dbg_1.1.2+dfsg-6+deb7u14_amd64.deb
89995f0a705bfad97faa3ae84e6f6ae27c1116dfb0fa965182ac489cdaf72eeb 25672 kvm_1.1.2+dfsg-6+deb7u14_amd64.deb
Files:
0a1505ffa5ac686918c1872c6619d44c 2471 misc optional qemu-kvm_1.1.2+dfsg-6+deb7u14.dsc
54d90987d263bdad22934387dd2a3531 128457 misc optional qemu-kvm_1.1.2+dfsg-6+deb7u14.debian.tar.gz
12ebd25d808efcc780f857aa887cee3b 1682278 misc optional qemu-kvm_1.1.2+dfsg-6+deb7u14_amd64.deb
84f0ec9e483810a5936040302046ecb3 5277662 debug extra qemu-kvm-dbg_1.1.2+dfsg-6+deb7u14_amd64.deb
510b68dcccf03cb26ffd0861b0c2a604 25672 oldlibs extra kvm_1.1.2+dfsg-6+deb7u14_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCAAGBQJXm3pAAAoJEAe4t7DqmBILM6QQAMkucpe+5bKht1PqGOj1KH6u
rkPz2iXlBC8cuXqU7iWR8FibMhlybyt/kJ4Gm7s+wM7Ydg61kI1oyqnwCX41B5aU
7v3LN4brS0Znfozc5Na+ws1SVXDrocwk0hMRiktCVbvUJDAikyKs8qI2JAcZik5m
I8OhLEBY+stx0f/IvdueAnfkP33+9Lg4W91S/lGcER73DGAjzHazGfDEIUHsQ/Ei
OrBa4Ah/EpBd4+NSRf8ffnZi+Rkz4/PkiF3yOIHlYh1dVdWuBASMLDkPoO9AfVC8
ksemxY1UsJW8o50QT7onzu2f8nLvnamQxlPDYNiNFxS/z4OoSGZ41AdUhvTVYgpf
AkSOSuwbuACjV9ezGcb8/CqdFLSGx6jYtAi2xnva5WJ+TzqDtJWb2cPbw4xKsgkl
eq+HmzYNztYP4qunZ50XIL+y8NVjW9FCxRXnfJCDnBN6ve+Z/zJ8+9c8yk067msA
CzfLgCHPHw0RCODq4kOsIU8AubuMFtmbMUeLtQIVT+gmrgXEWAy6jvVzinYzrAm5
lL7KeL5pUeuvXr0YlWrFpMM0hB9cmLpXeQ13lKFSOSoJw5RP8CFdnFB0lAMdJFbT
koqKVWwMJelr0tKkBbeqcabhaIVSuG+hCfhfHMBD1wcjohrhAOcwR6z5CAdrPw9Q
lzAgPx+G+/MXc0bnH64R
=VUYa
-----END PGP SIGNATURE-----