Accepted qemu 1:2.8+dfsg-6+deb9u2 (source) into proposed-updates->stable-new, proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 02 Aug 2017 16:57:34 +0300
Source: qemu
Binary: qemu qemu-system qemu-block-extra qemu-system-common qemu-system-misc qemu-system-arm qemu-system-mips qemu-system-ppc qemu-system-sparc qemu-system-x86 qemu-user qemu-user-static qemu-user-binfmt qemu-utils qemu-guest-agent qemu-kvm
Architecture: source
Version: 1:2.8+dfsg-6+deb9u2
Distribution: stretch-security
Urgency: high
Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
Changed-By: Michael Tokarev <mjt@tls.msk.ru>
Description:
qemu - fast processor emulator
qemu-block-extra - extra block backend modules for qemu-system and qemu-utils
qemu-guest-agent - Guest-side qemu-system agent
qemu-kvm - QEMU Full virtualization on x86 hardware
qemu-system - QEMU full system emulation binaries
qemu-system-arm - QEMU full system emulation binaries (arm)
qemu-system-common - QEMU full system emulation binaries (common files)
qemu-system-mips - QEMU full system emulation binaries (mips)
qemu-system-misc - QEMU full system emulation binaries (miscellaneous)
qemu-system-ppc - QEMU full system emulation binaries (ppc)
qemu-system-sparc - QEMU full system emulation binaries (sparc)
qemu-system-x86 - QEMU full system emulation binaries (x86)
qemu-user - QEMU user mode emulation binaries
qemu-user-binfmt - QEMU user mode binfmt registration for qemu-user
qemu-user-static - QEMU user mode emulation binaries (static version)
qemu-utils - QEMU utilities
Closes: 865755 867751 869171 869173 869945
Changes:
qemu (1:2.8+dfsg-6+deb9u2) stretch-security; urgency=high
.
* actually apply the nbd server patches, not only include in debian/patches/
Really closes: #865755, CVE-2017-9524
* slirp-check-len-against-dhcp-options-array-end-CVE-2017-11434.patch
Closes: #869171, CVE-2017-11434
* exec-use-qemu_ram_ptr_length-to-access-guest-ram-CVE-2017-11334.patch
Closes: #869173, CVE-2017-11334
* usb-redir-fix-stack-overflow-in-usbredir_log_data-CVE-2017-10806.patch
Closes: #867751, CVE-2017-10806
* add reference to #869706 to
xen-disk-don-t-leak-stack-data-via-response-ring-CVE-2017-10911.patch
* disable xhci recursive calls fix for now, as it causes instant crash
(xhci-guard-xhci_kick_epctx-against-recursive-calls-CVE-2017-9375.patch)
Reopens: #864219, CVE-2017-9375
Closes: #869945
Checksums-Sha1:
1a2314a55308cbd977d6255a00d886c424155c51 5579 qemu_2.8+dfsg-6+deb9u2.dsc
e237d980c29f2e0bbd9bdfd81d2c2ecfa8bc84c7 125676 qemu_2.8+dfsg-6+deb9u2.debian.tar.xz
2552189938eb0e241d8f006b3dd5947b7e047272 10780 qemu_2.8+dfsg-6+deb9u2_source.buildinfo
Checksums-Sha256:
e831a68fee079d0e731dcc259b77067b04e6f0ad13903d4fc7eebdb86b5e27f7 5579 qemu_2.8+dfsg-6+deb9u2.dsc
62e98ed5db40ba75d10cf589fedbf1f47b0d6e27e5457808a03a48a124e579de 125676 qemu_2.8+dfsg-6+deb9u2.debian.tar.xz
3f9cf6d7be6fe32b6bbf5d641b9c871d23a104b1bb5e55d256c1f63312d8f6b6 10780 qemu_2.8+dfsg-6+deb9u2_source.buildinfo
Files:
205e0d50a023ddf4a5505991681861c3 5579 otherosfs optional qemu_2.8+dfsg-6+deb9u2.dsc
48289e903387296142e73f37525a02be 125676 otherosfs optional qemu_2.8+dfsg-6+deb9u2.debian.tar.xz
76891081c5865b92a5912d58f0fcb6ea 10780 otherosfs optional qemu_2.8+dfsg-6+deb9u2_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQFDBAEBCAAtFiEEe3O61ovnosKJMUsicBtPaxppPlkFAlmB4U4PHG1qdEB0bHMu
bXNrLnJ1AAoJEHAbT2saaT5ZDf0H/0zW8YtkXgYy+V9emiib1j2J91IHF+YtYrwz
Ix89CbkNkCjl7sd1YMiSEb1R2iTR2A4LXE3B6UUmNJ/LWCIVFzJXQz1SzPzqCOeh
vz5lAIPhsuYhzw6/jOMiNQLn7iS8TNkyBdWqTeaiLYevDePTyvnPLTnhjXrswINK
flCWIfi6esjnk9Rzn87BwVm7k/DclVJt3A+JlrGAkq7vnHCPUnjcUkAGdhl0LMop
T/SgJ+Kj0IefuLRvSEQOd287cT+INEK1mQf0uuOLoxy4gTQNkKNAWhb6fUwes/z8
YNWkxwWwVQ5ypfitM24+Lq3s+BNiNXdpktO2xDtfghi0OthoAnM=
=nmt+
-----END PGP SIGNATURE-----