1. Forum
  2. Usenet
  3. LINUX.DEBIAN.CHANGES

  • Accepted libslirp 4.4.0-1+deb11u2 (source) into proposed-updates->stabl

    From Debian FTP Masters@21:1/5 to All on Fri Oct 1 21:40:02 2021
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256

    Format: 1.8
    Date: Fri, 01 Oct 2021 19:10:39 +0300
    Source: libslirp
    Architecture: source
    Version: 4.4.0-1+deb11u2
    Distribution: bullseye
    Urgency: medium
    Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org> Changed-By: Michael Tokarev <mjt@tls.msk.ru>
    Closes: 989993 989994 989995 989996
    Changes:
    libslirp (4.4.0-1+deb11u2) bullseye; urgency=medium
    .
    * fix-DHCP-broken-in-libslirp-v4.6.0.patch from upstream
    this fixes previous change in this area
    (bootp-limit-vendor-area-to-input-packet-CVE-2021-3592.patch).
    https://gitlab.freedesktop.org/slirp/libslirp/-/issues/48
    .
    libslirp (4.4.0-1+deb11u1) bullseye; urgency=medium
    .
    * import a few patches from upstream to fix 4 security issues:
    - add-mtod_check.patch (preparational)
    - bootp-limit-vendor-area-to-input-packet-CVE-2021-3592.patch,
    bootp-check-bootp_input-buffer-size-CVE-2021-3592.patch
    Closes: #989993, CVE-2021-3592: invalid pointer init in bootp_init()
    - tftp-check-tftp_input-buffer-size-CVE-2021-3595.patch,
    tftp-introduce-a-header-structure-CVE-2021-3595.patch
    Closes: #989996, CVE-2021-3595: invalid pointer init in tftp_input()
    - udp-check-upd_input-buffer-size-CVE-2021-3594.patch
    Closes: #989995, CVE-2021-3594: invalid pointer init in udp_input()
    - upd6-check-udp6_input-buffer-size-CVE-2021-3593.patch
    Closes: #989994, CVE-2021-3593: invalid pointer init in udp6_input() Checksums-Sha1:
    c801321aeeb1f979a086e8b9b6abaa52cacb35e9 1721 libslirp_4.4.0-1+deb11u2.dsc
    36cdf7a9a4c4af7404a55c040903076bac52f10c 8756 libslirp_4.4.0-1+deb11u2.debian.tar.xz
    5924db43445d1c23a85b95e032c1dc78a6ca73e0 6982 libslirp_4.4.0-1+deb11u2_source.buildinfo
    Checksums-Sha256:
    38ecb306fa8bc2ef94029b0de0e2caff41e9f58c4a00eb419ff3fda0745ab8d8 1721 libslirp_4.4.0-1+deb11u2.dsc
    533e72fc5454a413acaf06c124f1faa18eb69ec25793d08aa8f7b327f16c8307 8756 libslirp_4.4.0-1+deb11u2.debian.tar.xz
    7451836f1bbe0d5356cf8400a8aef977a836292cfad8893ab5887270c5b3c529 6982 libslirp_4.4.0-1+deb11u2_source.buildinfo
    Files:
    8763e05fad0a2f1d644cefe4bf5c2a0d 1721 net optional libslirp_4.4.0-1+deb11u2.dsc
    4d494afe5fc68feaefd368b10943159e 8756 net optional libslirp_4.4.0-1+deb11u2.debian.tar.xz
    f1c5dbe8b7ec0fc4e2e8e1b3dd4e17f0 6982 net optional libslirp_4.4.0-1+deb11u2_source.buildinfo

    -----BEGIN PGP SIGNATURE-----

    iQFDBAEBCAAtFiEEe3O61ovnosKJMUsicBtPaxppPlkFAmFXNDAPHG1qdEB0bHMu bXNrLnJ1AAoJEHAbT2saaT5ZW68IAJ8OS02+W6115eqA5pQCowgQ+i5ToY0mZIir EPlMv1x6ZwdhyO4XJuuC5akfa3uVscujKoBSFnupWtATTreT8FsERYso8WRaa3VQ tsRLZfyILAPfiX36QUnK1uZF6ks+tk7EveQC/7sQaaEg16zeP+3Of0lyy2yClFGn WrV7iGaAjKZYFu5+aLGpl3+oDj/xOJ7vSEq2X8oMRP2ooIp+8UxIRdmG8NZlKZ7P YoNMNkAe2v/0mu/2+jsCOUrUDGYza6LI7DdZJDydCSWMxJwioDdfF+Tz366ScJwx 6ng9oeLDSoaJ3zklq4gXVNx7w2nwtYzpE6Q96xzUuytWFgj67Jo=
    =Uj0n
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)