Back to qemu PTS page

Accepted qemu 1:2.1+dfsg-12+deb8u5 (source) into proposed-updates->stable-new, proposed-updates



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 01 Feb 2016 23:32:49 +0300
Source: qemu
Binary: qemu qemu-system qemu-system-common qemu-system-misc qemu-system-arm qemu-system-mips qemu-system-ppc qemu-system-sparc qemu-system-x86 qemu-user qemu-user-static qemu-user-binfmt qemu-utils qemu-guest-agent qemu-kvm
Architecture: source
Version: 1:2.1+dfsg-12+deb8u5
Distribution: jessie-security
Urgency: high
Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
Changed-By: Michael Tokarev <mjt@tls.msk.ru>
Description:
 qemu       - fast processor emulator
 qemu-guest-agent - Guest-side qemu-system agent
 qemu-kvm   - QEMU Full virtualization on x86 hardware
 qemu-system - QEMU full system emulation binaries
 qemu-system-arm - QEMU full system emulation binaries (arm)
 qemu-system-common - QEMU full system emulation binaries (common files)
 qemu-system-mips - QEMU full system emulation binaries (mips)
 qemu-system-misc - QEMU full system emulation binaries (miscelaneous)
 qemu-system-ppc - QEMU full system emulation binaries (ppc)
 qemu-system-sparc - QEMU full system emulation binaries (sparc)
 qemu-system-x86 - QEMU full system emulation binaries (x86)
 qemu-user  - QEMU user mode emulation binaries
 qemu-user-binfmt - QEMU user mode binfmt registration for qemu-user
 qemu-user-static - QEMU user mode emulation binaries (static version)
 qemu-utils - QEMU utilities
Closes: 799452 806373 806741 806742 808130 808131 808144 808145 809229 809232 810519 810527 811201
Changes:
 qemu (1:2.1+dfsg-12+deb8u5) jessie-security; urgency=high
 .
   * applied 3 patches from upstream to fix virtio-net
     possible remote DoS (Closes: #799452 CVE-2015-7295)
   * pcnet-add-check-to-validate-receive-data-size-CVE-2015-7504.patch
     (Closes: #806742, CVE-2015-7504)
   * pcnet-fix-rx-buffer-overflow-CVE-2015-7512.patch
     (Closes: #806741, CVE-2015-7512)
   * msix-implement-pba-write-but-read-only-CVE-2015-7549.patch
     (Closes: #808131, CVE-2015-7549)
   * eepro100-prevent-two-endless-loops-CVE-2015-8345.patch
     (Closes: #806373, CVE-2015-8345)
   * vnc-avoid-floating-point-exception-CVE-2015-8504.patch
     (Closes: #808130, CVE-2015-8504)
   * ehci-make-idt-processing-more-robust-CVE-2015-8558.patch
     (Closes: #808144, CVE-2015-8558)
   * two upstream patches from xsa-155 fixing unsafe shared memory access in xen
     (Closes: #809229, CVE-2015-8550)
   * net-ne2000-fix-bounds-check-in-ioport-operations-CVE-2015-8743.patch
     (Closes: #810519, CVE-2015-8743)
   * net-vmxnet3-avoid-memory-leakage-in-activate_device-[...].patch
     (Closes: #808145, CVE-2015-8567, CVE-2015-8568)
   * scsi-initialise-info-object-with-appropriate-size-CVE-2015-8613.patch
     (Closes: #809232, CVE-2015-8613)
   * vmxnet3-refine-l2-header-validation-CVE-2015-8744.patch
     (Closes: CVE-2015-8744)
   * vmxnet3-support-reading-IMR-registers-on-bar0-CVE-2015-8745.patch
     (Closes: CVE-2015-8745)
   * ide-ahci-reset-ncq-object-to-unused-on-error-CVE-2016-1568.patch
     (Closes: #810527, CVE-2016-1568)
   * fw_cfg-add-check-to-validate-current-entry-value-CVE-2016-1714.patch
     (Closes: CVE-2016-1714)
   * i386-avoid-null-pointer-dereference-CVE-2016-1922.patch
     (Closes: #811201, CVE-2016-1922)
Checksums-Sha1:
 e83e863c38e418b2623c6700b13c8c4c4f6e7eb9 5174 qemu_2.1+dfsg-12+deb8u5.dsc
 54a39c8e48b1b1e7d39beeeb7eb9fc554623897f 127544 qemu_2.1+dfsg-12+deb8u5.debian.tar.xz
Checksums-Sha256:
 5ab190585d859a94c3aee7397c6c54a3f9c9169fbee45a694d33962b2af9b62f 5174 qemu_2.1+dfsg-12+deb8u5.dsc
 938be4ec654e623b0ad783eba71b951d7c92f98f803a1671e27de896d7009beb 127544 qemu_2.1+dfsg-12+deb8u5.debian.tar.xz
Files:
 e51c9efc7305e91cf03a6c5f6b4f49d4 5174 otherosfs optional qemu_2.1+dfsg-12+deb8u5.dsc
 ab8611a4548efcb3c4c0aca8ab64590a 127544 otherosfs optional qemu_2.1+dfsg-12+deb8u5.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJWr8SBAAoJEL7lnXSkw9fbzYcH/RA8b2ogrYlEKYvYtcPn6gC2
27WWqxQ4Rkiaja61msNJvsnYFIMOh/HuFGDbXQoewV064I7AltnjNCwSSTs4vPTn
hEZeN2C7tEsW9vQ/O85Xb7g8ZVPxov6hsfF9U/k0OIi84kZp8Vgj5JkJV5Sp1XFL
YrLB8GnMO4AojP5S904mIMTjpB0OfitPUNo29r8Ppce+Wr+s35gPja7iGp+hFwyE
h9x+e//tqMtuj3TNrfhkbnF4rUgOyvmm7T79GY2Ma5vgjMGU9ZT+I6Jl8DsyWMAd
U3AkhMP3K8+86gKPnDoFpleIZeL7u74R5px586BzAQOn2fl1e8JgytUVE4QCV4A=
=l7aU
-----END PGP SIGNATURE-----