Accepted qemu 1:2.8+dfsg-6+deb9u4 (source) into proposed-updates->stable-new, proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sat, 26 May 2018 13:06:04 +0300
Source: qemu
Binary: qemu qemu-system qemu-block-extra qemu-system-common qemu-system-misc qemu-system-arm qemu-system-mips qemu-system-ppc qemu-system-sparc qemu-system-x86 qemu-user qemu-user-static qemu-user-binfmt qemu-utils qemu-guest-agent qemu-kvm
Architecture: source
Version: 1:2.8+dfsg-6+deb9u4
Distribution: stretch-security
Urgency: high
Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
Changed-By: Michael Tokarev <mjt@tls.msk.ru>
Description:
qemu - fast processor emulator
qemu-block-extra - extra block backend modules for qemu-system and qemu-utils
qemu-guest-agent - Guest-side qemu-system agent
qemu-kvm - QEMU Full virtualization on x86 hardware
qemu-system - QEMU full system emulation binaries
qemu-system-arm - QEMU full system emulation binaries (arm)
qemu-system-common - QEMU full system emulation binaries (common files)
qemu-system-mips - QEMU full system emulation binaries (mips)
qemu-system-misc - QEMU full system emulation binaries (miscellaneous)
qemu-system-ppc - QEMU full system emulation binaries (ppc)
qemu-system-sparc - QEMU full system emulation binaries (sparc)
qemu-system-x86 - QEMU full system emulation binaries (x86)
qemu-user - QEMU user mode emulation binaries
qemu-user-binfmt - QEMU user mode binfmt registration for qemu-user
qemu-user-static - QEMU user mode emulation binaries (static version)
qemu-utils - QEMU utilities
Closes: 877890 880832 880836 882136 883399 883625 884806 886532 887392 892041
Changes:
qemu (1:2.8+dfsg-6+deb9u4) stretch-security; urgency=high
.
* CVE-2017-5715 (spectre/meltdown) fixes for i386 and s390x:
CVE-2017-5715/i386-increase-X86CPUDefinition-model_id-to-49.patch
CVE-2017-5715/i386-add-support-for-SPEC_CTRL-MSR.patch
CVE-2017-5715/i386-add-spec-ctrl-CPUID-bit.patch
CVE-2017-5715/i386-add-FEAT_8000_0008_EBX-CPUID-feature-word.patch
CVE-2017-5715/i386-add-new-IBRS-versions-of-Intel-CPU-models.patch
CVE-2017-5715/s390x-kvm-introduce-branch-prediction-blocking-contr.patch
CVE-2017-5715/s390x-kvm-handle-bpb-feature.patch
Closes: #886532, CVE-2017-5715
* multiboot-bss_end_addr-can-be-zero-CVE-2018-7550.patch
Closes: #892041, CVE-2018-7550
* vga-check-the-validation-of-memory-addr-when-draw-text-CVE-2018-5683.patch
Closes: #887392, CVE-2018-5683
* osdep-fix-ROUND_UP-64-bit-32-bit-CVE-2017-18043.patch
Closes: CVE-2017-18043
* virtio-check-VirtQueue-Vring-object-is-set-CVE-2017-17381.patch
Closes: #883625, CVE-2017-17381
* ps2-check-PS2Queue-pointers-in-post_load-routine-CVE-2017-16845.patch
Closes: #882136, CVE-2017-16845
* cirrus-fix-oob-access-in-mode4and5-write-functions-CVE-2017-15289.patch
Closes: #880832, CVE-2017-15289
* io-monitor-encoutput-buffer-size-from-websocket-GSource-CVE-2017-15268.patch
Closes: #880836, CVE-2017-15268
* nbd-server-CVE-2017-15119-Reject-options-larger-than-32M.patch
Closes: #883399, CVE-2017-15119
* 9pfs-use-g_malloc0-to-allocate-space-for-xattr-CVE-2017-15038.patch
Closes: #877890, CVE-2017-15038
* CVE-2017-15124 (VNC server unbounded memory usage) fixes:
CVE-2017-15124/01-ui-remove-sync-parameter-from-vnc_update_client.patch
CVE-2017-15124/02-ui-remove-unreachable-code-in-vnc_update_client.patch
CVE-2017-15124/03-ui-remove-redundant-indentation-in-vnc_client_update.patch
CVE-2017-15124/04-ui-avoid-pointless-VNC-updates-if-framebuffer-isn-t-.patch
CVE-2017-15124/05-ui-track-how-much-decoded-data-we-consumed-when-doin.patch
CVE-2017-15124/06-ui-introduce-enum-to-track-VNC-client-framebuffer-up.patch
CVE-2017-15124/07-ui-correctly-reset-framebuffer-update-state-after-pr.patch
CVE-2017-15124/08-ui-refactor-code-for-determining-if-an-update-should.patch
CVE-2017-15124/09-ui-fix-VNC-client-throttling-when-audio-capture-is-a.patch
CVE-2017-15124/10-ui-fix-VNC-client-throttling-when-forced-update-is-r.patch
CVE-2017-15124/11-ui-place-a-hard-cap-on-VNC-server-output-buffer-size.patch
CVE-2017-15124/12-ui-add-trace-events-related-to-VNC-client-throttling.patch
CVE-2017-15124/13-ui-mix-misleading-comments-return-types-of-VNC-I-O-h.patch
Closes: #884806, CVE-2017-15124
Checksums-Sha1:
3eaadd4404ea50f67274eb28d97037825a1b2869 5579 qemu_2.8+dfsg-6+deb9u4.dsc
ade882b6e42713bd6f4094c8eeb636a918dac5f9 151696 qemu_2.8+dfsg-6+deb9u4.debian.tar.xz
39ef066f758beadcbde371f43e60ffa095ddd247 11987 qemu_2.8+dfsg-6+deb9u4_source.buildinfo
Checksums-Sha256:
be323ab557fed1ae4f615c4c19e3ae7abe9b94f0281119721e019cbb5123f909 5579 qemu_2.8+dfsg-6+deb9u4.dsc
34b2b6da67ffa71f1e70d6d0f836aa27a840e767d2c3c7bc1734ae2814b52f94 151696 qemu_2.8+dfsg-6+deb9u4.debian.tar.xz
437b71b24b8da96278ffafb8a2a98887827b5e1706ecef207825059b4ba666b1 11987 qemu_2.8+dfsg-6+deb9u4_source.buildinfo
Files:
6e3771006299c70b45f37ad8c8c27605 5579 otherosfs optional qemu_2.8+dfsg-6+deb9u4.dsc
9654bc03a47e11d133ae87d1e0fdbe52 151696 otherosfs optional qemu_2.8+dfsg-6+deb9u4.debian.tar.xz
3b009fc18d489fad8c1a1623e669931a 11987 otherosfs optional qemu_2.8+dfsg-6+deb9u4_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQFDBAEBCAAtFiEEe3O61ovnosKJMUsicBtPaxppPlkFAlsJMcwPHG1qdEB0bHMu
bXNrLnJ1AAoJEHAbT2saaT5Z3mUH/A8PPA4y5oHpa5wUQqpGyAWhhPMN+dmJkGnl
aygGdg05ggGbRM4wZW6KhlCGHXq6v42M9kufA3wvuQ9Db7UtjjeB6Rf47RgPr8f9
ZX3IZjSWFR0nmYofcxo6a+bzulKcKbOmO/BAj53p7j5R+qT/WyzXgHarHajfGD+B
oykXsqrwE6EiWn/yQxU9omKiOU2L56q8fFBjxak4dHMEDWGXDOpdOJ8/aVc0lFu4
6NA5Q62VKBdpk0JaLxxsn/tz/MWH2SiQMBUTV/yB2nx/ZJMzHFOqOFEfrzARzDGa
xp7fkkErWSkQiT7kklX3ZucZ44TwBG7bwJ9b/vsaj/7HzWpOIOY=
=Veds
-----END PGP SIGNATURE-----