Accepted qemu 1:4.1-1 (source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 27 Aug 2019 12:43:43 +0300
Source: qemu
Architecture: source
Version: 1:4.1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
Changed-By: Michael Tokarev <mjt@tls.msk.ru>
Closes: 897054 916442 922461 922923 927924 931351 933741 935324
Changes:
qemu (1:4.1-1) unstable; urgency=medium
.
* new upstream release v4.1
Closes: #933741, CVE-2019-14378 (slirp buff overflow in packet reassembly)
(use internal slirp copy for now)
Closes: #931351, CVE-2019-13164 (qemu-bridge-helper long IFNAME)
Closes: #922923, CVE-2019-8934 (ppc64 emulator leaks hw identity)
Closes: #916442, CVE-2018-20123 (pvrdma memory leak in device hotplug)
Closes: #922461, CVE-2018-20124 (pvrdma num_sge can exceed MAX_SGE)
Closes: #927924 (new upstream version)
Closes: #897054 (AMD Zen CPU support)
Closes: #935324 (FTBFS due to gluster API change)
Closes: #916442, CVE-2018-20123 (pvrdma: memleak after init error)
Closes: #922461, CVE-2018-20124 (pvrdma: OOB access with large num_sge)
Closes: CVE-2018-20125 (pvrdma: DoS in create_cq_ring|create_qp_rings)
Closes: CVE-2018-20126 (pvrdma: memleaks in create_cq_ring|create_qp_rings)
Closes: CVE-2018-20191 (pvrdma: DoS due to missing read operation impl.)
Closes: CVE-2018-20216 (pvrdma: infinite loop in pvrdma_dev_ring.c)
* remove patches which are applied upstream, refresh remaining patches
(bt-use-size_t-...-CVE-2018-19665.patch hasn't been applied upstream,
bluetooth subsystem is going to be removed, we keep it for now)
* debian/source/options: ignore slirp/ submodule
* use python3 for building, not python
* debian/optionrom.mk: add pvh.bin
* switch from libssh2 to libssh, and enable libssh support in ubuntu
* bump spice version requiriment to 0.12.5
* enable pvrdma
* debian/control-in: remove reference to libsdl
* debian/rules: add new objects for s390-ccw fw
* debian/control: add build dependency on python3-sphinx for docs
* install ui/icons/qemu.svg and qemu.desktop
* debian/rules: remove pc-bios/bamboo.dtb before building it
* install vhost-user-gpu binary and 50-qemu-gpu.json
* debian/rules: remove old maintscript-helper invocations, not needed anymore
* remove +dfsg for now, upload whole upstream source, will trim it later
Checksums-Sha1:
0981c2f6e35546d7787d6ea4b4c36faf4ac47345 6102 qemu_4.1-1.dsc
29c99be326cd8f3b2b75d7fec9066ca24854df1e 54001708 qemu_4.1.orig.tar.xz
ab5d0e86ae09511987cb5c12d5f14d63b97f0436 81024 qemu_4.1-1.debian.tar.xz
661143f9f74ff573da87191fbaf31558107cce60 7970 qemu_4.1-1_source.buildinfo
Checksums-Sha256:
63f844d4d43d8933e80fc4c10e6293253fb7947ca8bd3319621f499d12f992b8 6102 qemu_4.1-1.dsc
656e60218689bdeec69903087fd7582d5d3e72238d02f4481d8dc6d79fd909c6 54001708 qemu_4.1.orig.tar.xz
f701f2e6e8cd758ea4ecf422a351f72984ed6a4a873148ddf512a9cd29cf83de 81024 qemu_4.1-1.debian.tar.xz
3846ef36a892b02b5cacb4c391acaa14a1fb2eb9941f64245b03df4b1f5314c4 7970 qemu_4.1-1_source.buildinfo
Files:
2d0f3096e4f77a06577d6e9edcc50a37 6102 otherosfs optional qemu_4.1-1.dsc
cdf2b5ca52b9abac9bacb5842fa420f8 54001708 otherosfs optional qemu_4.1.orig.tar.xz
687c7663a5982d46f6edc3389ec35f3f 81024 otherosfs optional qemu_4.1-1.debian.tar.xz
2ec5b4b58509a2c4743cfc5f66c298dd 7970 otherosfs optional qemu_4.1-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQFDBAEBCAAtFiEEe3O61ovnosKJMUsicBtPaxppPlkFAl1k+7EPHG1qdEB0bHMu
bXNrLnJ1AAoJEHAbT2saaT5ZyhsIAI0tiZRWnNZAuJuq7a910TPt0eyLmsagec9q
xuC8iJQalRipvWgQ9NIYLQ8dIbKGi7BZVx7xDt/u0pIRbvj4K2ugyBXVhCEH1Oeb
mTvh64xrk1CXVvz63RVdqmQoYOnqe7kqZu6yFUgkcdyoQjovBvopJz4fGn5wqXwE
zkM0MoojF+MlhRKBbyw0G8pxcQy6yB94Us/3XzmOXRmEP6Ou02cebIQDAxGu0P9j
F8n0xTsMMI/tlgStnlbCW7g/X4hG2UK86M11yzRCIRvtmVsqK9tHcTM4YWV4R6XI
GkrMh2skttrWsqYw0Uj08mTjwlT2VRE4NQ0xBA4hmAGVv5TIr1U=
=CksG
-----END PGP SIGNATURE-----