Accepted qemu 1:3.1+dfsg-1 (source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sun, 02 Dec 2018 19:10:27 +0300
Source: qemu
Binary: qemu qemu-system qemu-block-extra qemu-system-data qemu-system-common qemu-system-gui qemu-system-misc qemu-system-arm qemu-system-mips qemu-system-ppc qemu-system-sparc qemu-system-x86 qemu-user qemu-user-static qemu-user-binfmt qemu-utils qemu-guest-agent qemu-kvm
Architecture: source
Version: 1:3.1+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
Changed-By: Michael Tokarev <mjt@tls.msk.ru>
Description:
qemu - fast processor emulator, dummy package
qemu-block-extra - extra block backend modules for qemu-system and qemu-utils
qemu-guest-agent - Guest-side qemu-system agent
qemu-kvm - QEMU Full virtualization on x86 hardware
qemu-system - QEMU full system emulation binaries
qemu-system-arm - QEMU full system emulation binaries (arm)
qemu-system-common - QEMU full system emulation binaries (common files)
qemu-system-data - QEMU full system emulation (data files)
qemu-system-gui - QEMU full system emulation binaries (user interface and audio sup
qemu-system-mips - QEMU full system emulation binaries (mips)
qemu-system-misc - QEMU full system emulation binaries (miscellaneous)
qemu-system-ppc - QEMU full system emulation binaries (ppc)
qemu-system-sparc - QEMU full system emulation binaries (sparc)
qemu-system-x86 - QEMU full system emulation binaries (x86)
qemu-user - QEMU user mode emulation binaries
qemu-user-binfmt - QEMU user mode binfmt registration for qemu-user
qemu-user-static - QEMU user mode emulation binaries (static version)
qemu-utils - QEMU utilities
Closes: 795486 813658 901017 902501 902725 907500 908682 910431 911468 911469 911470 911499 912535 914599 914604 914727 915884
Changes:
qemu (1:3.1+dfsg-1) unstable; urgency=medium
.
* new upstream release (3.1)
* Security bugs fixed by upstream:
Closes: #910431, CVE-2018-10839:
integer overflow leads to buffer overflow issue
Closes: #911468, CVE-2018-17962
pcnet: integer overflow leads to buffer overflow
Closes: #911469, CVE-2018-17963
net: ignore packets with large size
Closes: #908682, CVE-2018-3639
qemu should be able to pass the ssbd cpu flag
Closes: #901017, CVE-2018-11806
m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow
via incoming fragmented datagrams
Closes: #902725, CVE-2018-12617
qmp_guest_file_read in qemu-ga has an integer overflow
Closes: #907500, CVE-2018-15746
qemu-seccomp might allow local OS guest users to cause a denial of service
Closes: #915884, CVE-2018-16867
dev-mtp: path traversal in usb_mtp_write_data of the MTP
Closes: #911499, CVE-2018-17958
Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c
because an incorrect integer data type is used
Closes: #911470, CVE-2018-18438
integer overflows because IOReadHandler and its associated functions
use a signed integer data type for a size value
Closes: #912535, CVE-2018-18849
lsi53c895a: OOB msg buffer access leads to DoS
Closes: #914604, CVE-2018-18954
pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1
allows out-of-bounds write or read access to PowerNV memory
Closes: #914599, CVE-2018-19364
Use-after-free due to race condition while updating fid path
Closes: #914727, CVE-2018-19489
9pfs: crash due to race condition in renaming files
* remove patches which were applied upstream
* add new manpage qemu-cpu-models.7
* qemu-system-ppcemb is gone, use qemu-system-ppc[64]
* do-not-link-everything-with-xen.patch (trivial)
* get-orig-source: handle 3.x and 4.x, and remove roms again, as
upstream wants us to use separate source packages for that stuff
* move generated data from qemu-system-data back to qemu-system-common
* d/control: enable spice on arm64 (Closes: #902501)
(probably should enable on all)
* d/control: change git@salsa urls to https
* add qemu-guest-agent.service (Closes: #795486)
* enable opengl support and virglrenderer (Closes: #813658)
* simplify d/rules just a little bit
* build-depend on libudev-dev, for qga
Checksums-Sha1:
a65a31436ea02a77c21bff8f7afa02ae05938a26 5967 qemu_3.1+dfsg-1.dsc
b6a6c31d146b13e14af253d6dc25f16ccad7d060 8705368 qemu_3.1+dfsg.orig.tar.xz
a07b0298ac2fe6be7ee5e9540fd6fc6d9c1b20ee 72160 qemu_3.1+dfsg-1.debian.tar.xz
2233f07915fcbb0daa421fca2674a139941f832b 16084 qemu_3.1+dfsg-1_source.buildinfo
Checksums-Sha256:
c1b9ec8e25ff07877505291d8c0ef235f7b81117a9a706bdf76deba857c09484 5967 qemu_3.1+dfsg-1.dsc
2f277942759dd3eed21f7e00edfeab52b4f58d6f2f22d4f7e1a8aa4dc54c80d7 8705368 qemu_3.1+dfsg.orig.tar.xz
62ccd57796c3a43d99aac37ffac4b24b7188216f719ff50b0e1ce84f058ccca5 72160 qemu_3.1+dfsg-1.debian.tar.xz
4f53f5acac8637a3716dbd1ea4380d7c08a8c1d15a1de581095963b1e76b560b 16084 qemu_3.1+dfsg-1_source.buildinfo
Files:
059657635379ae27ba846df240e16b54 5967 otherosfs optional qemu_3.1+dfsg-1.dsc
b17f33786c89d547150490811a40f0b2 8705368 otherosfs optional qemu_3.1+dfsg.orig.tar.xz
62ef7391f798ccbd2b4d5f7928033522 72160 otherosfs optional qemu_3.1+dfsg-1.debian.tar.xz
13fd8a8bb95fc80a05de9f1cb33a50ce 16084 otherosfs optional qemu_3.1+dfsg-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQFDBAEBCAAtFiEEe3O61ovnosKJMUsicBtPaxppPlkFAlwQzGwPHG1qdEB0bHMu
bXNrLnJ1AAoJEHAbT2saaT5Z+zUH/1AG3gTlCfodSE7V0FW8268LUMpsJS7mpZ/p
4K8GUdAXtH6TWN1n4vfbUeCaO+dJYHT2g0dTFqwKhJoLElhcCFH8F2pcVQPJfPQQ
YLYQIR/5Mijs+cHIpbzc7KO4Jj2umLOe0GZtEnmbXvBNGRf9/KImb8nRzSitVJSX
qlRSLsr5tLVIgBxGJynPCWYLzwAnvv6chSNBT7e/1vBvo87B1l3gL7ibRdIF3CFJ
s4mYqyYQvIwlEgOE1UKswSunQjcbjZY2ATy0DAxZw5E0ec8etX3cl/tCH8Hq6aSZ
lpDOsBZu/rRukrF3Rt7GSSPCsoLXwWUYa9mRnEsTBWzcw0pJKmc=
=1I7Y
-----END PGP SIGNATURE-----