1. Forum
  2. Usenet
  3. LINUX.DEBIAN.CHANGES

  • Accepted qemu 1:5.2+dfsg-11+deb11u1 (source) into proposed-updates->sta

    From Debian FTP Masters@21:1/5 to All on Sat Oct 9 22:30:03 2021
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256

    Format: 1.8
    Date: Wed, 29 Sep 2021 13:14:52 +0300
    Source: qemu
    Architecture: source
    Version: 1:5.2+dfsg-11+deb11u1
    Distribution: bullseye-security
    Urgency: medium
    Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org> Changed-By: Michael Tokarev <mjt@tls.msk.ru>
    Closes: 988174 989042 991911 992726 992727 993401
    Changes:
    qemu (1:5.2+dfsg-11+deb11u1) bullseye-security; urgency=medium
    .
    [ Michael Tokarev ]
    * usbredir-fix-free-call-CVE-2021-3682.patch
    Closes: #991911, CVE-2021-3682: wrong free in usbredir in bufp_alloc()
    * uas-add-stream-number-sanity-checks-CVE-2021-3713.patch
    Closes: #992727, CVE-2021-3713: an OOB write to UASDevice fields
    in UAS device emulation code
    * virtio-net-fix-use-after-unmap-free-for-sg-CVE-2021-3748.patch
    Closes: #993401, CVE-2021-3748: use-after-free in virtio_net_receive_rcu
    * ati_2d-fix-buffer-overflow-in-ati_2d_blt-CVE-2021-3638.patch
    Closes: #992726, CVE-2021-3638:
    inconsistent check in ati_2d_blt() may lead to out-of-bounds write
    * vhost-user-gpu fixes from upstream, 7 patches:
    CVE-2021-3544: multiple memory leaks
    CVE-2021-3545: information disclosure due to uninitialized memory reads
    CVE-2021-3546: out-of-bounds write in virgl_cmd_get_capset()
    Closes: #989042, CVE-2021-3544, CVE-2021-3545, CVE-2021-3546
    .
    [ Cyril Brulebois ]
    * linux-user-elfload-fix-address-calculation-in-fallback.patch
    This fixes problems with some access to an unmounted /proc, as seen
    while building images for the Raspberry Pi devices. With thanks to
    Diederik de Haas for the report and to Bernhard Übelacker for
    pinpointing the upstream fix to backport. (Closes: #988174) Checksums-Sha1:
    f5368915217bef0116032710a0bf149384e2094a 6636 qemu_5.2+dfsg-11+deb11u1.dsc
    e8eb0f04f1c0926a4e6285e897581080346c3344 19661072 qemu_5.2+dfsg.orig.tar.xz
    ba3b53e4884a1a69e29de81ed162bd27e1a4e980 122260 qemu_5.2+dfsg-11+deb11u1.debian.tar.xz
    4e3b73b7d178e2640871dd52ed16f38a8f933db9 10911 qemu_5.2+dfsg-11+deb11u1_source.buildinfo
    Checksums-Sha256:
    6359cc007ca984647e7dad426f254dc6133fcb0020a9839221415b8577544486 6636 qemu_5.2+dfsg-11+deb11u1.dsc
    be5ae7ddc88d68af81c7b2435b95c1cad4e9416c9a1426ee5a6a4b9a9c0bf87e 19661072 qemu_5.2+dfsg.orig.tar.xz
    e93e31688aa45b055a7200af2ebc764988482a0c7470abfbf4e60de5626c37ea 122260 qemu_5.2+dfsg-11+deb11u1.debian.tar.xz
    adf023c84464b444d970983a3c5f40b10f238e0e44e62b2c08b89e01fc6c3ca7 10911 qemu_5.2+dfsg-11+deb11u1_source.buildinfo
    Files:
    dca448577f930997f4e8dd373833969f 6636 otherosfs optional qemu_5.2+dfsg-11+deb11u1.dsc
    02abb3409bd2475287bb122ee8b0f99c 19661072 otherosfs optional qemu_5.2+dfsg.orig.tar.xz
    dd853c6aad3f4dc31d2dcdff5cc9ce8a 122260 otherosfs optional qemu_5.2+dfsg-11+deb11u1.debian.tar.xz
    b703f8ea0ecee69aa7f6def4106d22bd 10911 otherosfs optional qemu_5.2+dfsg-11+deb11u1_source.buildinfo

    -----BEGIN PGP SIGNATURE-----

    iQFDBAEBCAAtFiEEe3O61ovnosKJMUsicBtPaxppPlkFAmFWzPMPHG1qdEB0bHMu bXNrLnJ1AAoJEHAbT2saaT5ZdA8H/3Qeu+GkSS92p7doEXUcmXjrr9Gb5ACOSDdU ze1hQUU3+ty8fzcZTKLL97Gij2+ktSSugOEfjCv2kCl7hC/YC1ySjxdE5Azj8x5U h+Mpd7f+dNOCTsqYENa3VNDOAqLXyD4XbZD2K/bWenWr2I3p75Pn7CwfnZorpZMU TBF+hKpkyCcpDL2bH4/+oxYSequ6RxgjGroRAQ0RdmzqcRMJGAn05yaNaSrte/EN w4VHnV0qnJ8PKQCEUASDpn58aswdiMOsyTiomG4IDaZvwoaJwYxe0lJL5/d0F68a a6DAl4gHhi033tWJ+/Ct8VQ+PYPE+6MO01ZaHplD2ywx2HfyA0I=
    =N5PN
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)