-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 01 Oct 2021 19:10:39 +0300
Source: libslirp
Architecture: source
Version: 4.4.0-1+deb11u2
Distribution: bullseye
Urgency: medium
Maintainer: Debian QEMU Team <
pkg-qemu-devel@lists.alioth.debian.org> Changed-By: Michael Tokarev <
mjt@tls.msk.ru>
Closes: 989993 989994 989995 989996
Changes:
libslirp (4.4.0-1+deb11u2) bullseye; urgency=medium
.
* fix-DHCP-broken-in-libslirp-v4.6.0.patch from upstream
this fixes previous change in this area
(bootp-limit-vendor-area-to-input-packet-CVE-2021-3592.patch).
https://gitlab.freedesktop.org/slirp/libslirp/-/issues/48
.
libslirp (4.4.0-1+deb11u1) bullseye; urgency=medium
.
* import a few patches from upstream to fix 4 security issues:
- add-mtod_check.patch (preparational)
- bootp-limit-vendor-area-to-input-packet-CVE-2021-3592.patch,
bootp-check-bootp_input-buffer-size-CVE-2021-3592.patch
Closes: #989993, CVE-2021-3592: invalid pointer init in bootp_init()
- tftp-check-tftp_input-buffer-size-CVE-2021-3595.patch,
tftp-introduce-a-header-structure-CVE-2021-3595.patch
Closes: #989996, CVE-2021-3595: invalid pointer init in tftp_input()
- udp-check-upd_input-buffer-size-CVE-2021-3594.patch
Closes: #989995, CVE-2021-3594: invalid pointer init in udp_input()
- upd6-check-udp6_input-buffer-size-CVE-2021-3593.patch
Closes: #989994, CVE-2021-3593: invalid pointer init in udp6_input() Checksums-Sha1:
c801321aeeb1f979a086e8b9b6abaa52cacb35e9 1721 libslirp_4.4.0-1+deb11u2.dsc
36cdf7a9a4c4af7404a55c040903076bac52f10c 8756 libslirp_4.4.0-1+deb11u2.debian.tar.xz
5924db43445d1c23a85b95e032c1dc78a6ca73e0 6982 libslirp_4.4.0-1+deb11u2_source.buildinfo
Checksums-Sha256:
38ecb306fa8bc2ef94029b0de0e2caff41e9f58c4a00eb419ff3fda0745ab8d8 1721 libslirp_4.4.0-1+deb11u2.dsc
533e72fc5454a413acaf06c124f1faa18eb69ec25793d08aa8f7b327f16c8307 8756 libslirp_4.4.0-1+deb11u2.debian.tar.xz
7451836f1bbe0d5356cf8400a8aef977a836292cfad8893ab5887270c5b3c529 6982 libslirp_4.4.0-1+deb11u2_source.buildinfo
Files:
8763e05fad0a2f1d644cefe4bf5c2a0d 1721 net optional libslirp_4.4.0-1+deb11u2.dsc
4d494afe5fc68feaefd368b10943159e 8756 net optional libslirp_4.4.0-1+deb11u2.debian.tar.xz
f1c5dbe8b7ec0fc4e2e8e1b3dd4e17f0 6982 net optional libslirp_4.4.0-1+deb11u2_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQFDBAEBCAAtFiEEe3O61ovnosKJMUsicBtPaxppPlkFAmFXNDAPHG1qdEB0bHMu bXNrLnJ1AAoJEHAbT2saaT5ZW68IAJ8OS02+W6115eqA5pQCowgQ+i5ToY0mZIir EPlMv1x6ZwdhyO4XJuuC5akfa3uVscujKoBSFnupWtATTreT8FsERYso8WRaa3VQ tsRLZfyILAPfiX36QUnK1uZF6ks+tk7EveQC/7sQaaEg16zeP+3Of0lyy2yClFGn WrV7iGaAjKZYFu5+aLGpl3+oDj/xOJ7vSEq2X8oMRP2ooIp+8UxIRdmG8NZlKZ7P YoNMNkAe2v/0mu/2+jsCOUrUDGYza6LI7DdZJDydCSWMxJwioDdfF+Tz366ScJwx 6ng9oeLDSoaJ3zklq4gXVNx7w2nwtYzpE6Q96xzUuytWFgj67Jo=
=Uj0n
-----END PGP SIGNATURE-----
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)