Back to qemu PTS page

Accepted qemu 1:3.1+dfsg-1 (source) into unstable

Hash: SHA256

Format: 1.8
Date: Sun, 02 Dec 2018 19:10:27 +0300
Source: qemu
Binary: qemu qemu-system qemu-block-extra qemu-system-data qemu-system-common qemu-system-gui qemu-system-misc qemu-system-arm qemu-system-mips qemu-system-ppc qemu-system-sparc qemu-system-x86 qemu-user qemu-user-static qemu-user-binfmt qemu-utils qemu-guest-agent qemu-kvm
Architecture: source
Version: 1:3.1+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Debian QEMU Team <>
Changed-By: Michael Tokarev <>
 qemu       - fast processor emulator, dummy package
 qemu-block-extra - extra block backend modules for qemu-system and qemu-utils
 qemu-guest-agent - Guest-side qemu-system agent
 qemu-kvm   - QEMU Full virtualization on x86 hardware
 qemu-system - QEMU full system emulation binaries
 qemu-system-arm - QEMU full system emulation binaries (arm)
 qemu-system-common - QEMU full system emulation binaries (common files)
 qemu-system-data - QEMU full system emulation (data files)
 qemu-system-gui - QEMU full system emulation binaries (user interface and audio sup
 qemu-system-mips - QEMU full system emulation binaries (mips)
 qemu-system-misc - QEMU full system emulation binaries (miscellaneous)
 qemu-system-ppc - QEMU full system emulation binaries (ppc)
 qemu-system-sparc - QEMU full system emulation binaries (sparc)
 qemu-system-x86 - QEMU full system emulation binaries (x86)
 qemu-user  - QEMU user mode emulation binaries
 qemu-user-binfmt - QEMU user mode binfmt registration for qemu-user
 qemu-user-static - QEMU user mode emulation binaries (static version)
 qemu-utils - QEMU utilities
Closes: 795486 813658 901017 902501 902725 907500 908682 910431 911468 911469 911470 911499 912535 914599 914604 914727 915884
 qemu (1:3.1+dfsg-1) unstable; urgency=medium
   * new upstream release (3.1)
   * Security bugs fixed by upstream:
     Closes: #910431, CVE-2018-10839:
      integer overflow leads to buffer overflow issue
     Closes: #911468, CVE-2018-17962
      pcnet: integer overflow leads to buffer overflow
     Closes: #911469, CVE-2018-17963
      net: ignore packets with large size
     Closes: #908682, CVE-2018-3639
      qemu should be able to pass the ssbd cpu flag
     Closes: #901017, CVE-2018-11806
      m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow
      via incoming fragmented datagrams
     Closes: #902725, CVE-2018-12617
      qmp_guest_file_read in qemu-ga has an integer overflow
     Closes: #907500, CVE-2018-15746
      qemu-seccomp might allow local OS guest users to cause a denial of service
     Closes: #915884, CVE-2018-16867
      dev-mtp: path traversal in usb_mtp_write_data of the MTP
     Closes: #911499, CVE-2018-17958
      Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c
      because an incorrect integer data type is used
     Closes: #911470, CVE-2018-18438
      integer overflows because IOReadHandler and its associated functions
      use a signed integer data type for a size value
     Closes: #912535, CVE-2018-18849
      lsi53c895a: OOB msg buffer access leads to DoS
     Closes: #914604, CVE-2018-18954
      pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1
      allows out-of-bounds write or read access to PowerNV memory
     Closes: #914599, CVE-2018-19364
      Use-after-free due to race condition while updating fid path
     Closes: #914727, CVE-2018-19489
      9pfs: crash due to race condition in renaming files
   * remove patches which were applied upstream
   * add new manpage qemu-cpu-models.7
   * qemu-system-ppcemb is gone, use qemu-system-ppc[64]
   * do-not-link-everything-with-xen.patch (trivial)
   * get-orig-source: handle 3.x and 4.x, and remove roms again, as
     upstream wants us to use separate source packages for that stuff
   * move generated data from qemu-system-data back to qemu-system-common
   * d/control: enable spice on arm64 (Closes: #902501)
     (probably should enable on all)
   * d/control: change git@salsa urls to https
   * add qemu-guest-agent.service (Closes: #795486)
   * enable opengl support and virglrenderer (Closes: #813658)
   * simplify d/rules just a little bit
   * build-depend on libudev-dev, for qga
 a65a31436ea02a77c21bff8f7afa02ae05938a26 5967 qemu_3.1+dfsg-1.dsc
 b6a6c31d146b13e14af253d6dc25f16ccad7d060 8705368 qemu_3.1+dfsg.orig.tar.xz
 a07b0298ac2fe6be7ee5e9540fd6fc6d9c1b20ee 72160 qemu_3.1+dfsg-1.debian.tar.xz
 2233f07915fcbb0daa421fca2674a139941f832b 16084 qemu_3.1+dfsg-1_source.buildinfo
 c1b9ec8e25ff07877505291d8c0ef235f7b81117a9a706bdf76deba857c09484 5967 qemu_3.1+dfsg-1.dsc
 2f277942759dd3eed21f7e00edfeab52b4f58d6f2f22d4f7e1a8aa4dc54c80d7 8705368 qemu_3.1+dfsg.orig.tar.xz
 62ccd57796c3a43d99aac37ffac4b24b7188216f719ff50b0e1ce84f058ccca5 72160 qemu_3.1+dfsg-1.debian.tar.xz
 4f53f5acac8637a3716dbd1ea4380d7c08a8c1d15a1de581095963b1e76b560b 16084 qemu_3.1+dfsg-1_source.buildinfo
 059657635379ae27ba846df240e16b54 5967 otherosfs optional qemu_3.1+dfsg-1.dsc
 b17f33786c89d547150490811a40f0b2 8705368 otherosfs optional qemu_3.1+dfsg.orig.tar.xz
 62ef7391f798ccbd2b4d5f7928033522 72160 otherosfs optional qemu_3.1+dfsg-1.debian.tar.xz
 13fd8a8bb95fc80a05de9f1cb33a50ce 16084 otherosfs optional qemu_3.1+dfsg-1_source.buildinfo