1. Forum
  2. Usenet
  3. LINUX.DEBIAN.CHANGES

  • Accepted qemu 1:5.2+dfsg-11+deb11u2 (source) into proposed-updates->sta

    From Debian FTP Masters@21:1/5 to All on Sat May 14 13:50:01 2022
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256

    Format: 1.8
    Date: Wed, 04 May 2022 22:50:01 +0300
    Source: qemu
    Architecture: source
    Version: 1:5.2+dfsg-11+deb11u2
    Distribution: bullseye-security
    Urgency: medium
    Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org> Changed-By: Michael Tokarev <mjt@tls.msk.ru>
    Changes:
    qemu (1:5.2+dfsg-11+deb11u2) bullseye-security; urgency=medium
    .
    * virtio-net-fix-map-leaking-on-error-during-receive-CVE-2022-26353.patch
    fix memory leak after fix for CVE-2021-3748
    * vhost-vsock-detach-the-virqueue-element-on-error-CVE-2022-26354.patch
    vhost-sock device was not detaching invalid element from
    the virtqueue on error
    * ui-cursor-fix-integer-overflow-in-cursor_alloc-CVE-2021-4206.patch,
    display-qxl-render-fix-race-condition-in-qxl_cursor-CVE-2021-4207.patch
    two flaws can lead to allocation of small cursor object followed by a
    subsequent heap-based buffer overflow with a potential for executing
    arbitrary code within the context of QEMU process
    * virtiofsd-drop-membership-of-all-supplementary-group-CVE-2022-0358.patch
    potential group escalation allowed by virtiofsd
    Checksums-Sha1:
    d3d88738d0ae4893edd1d96b854d8f5aad5c8f40 6636 qemu_5.2+dfsg-11+deb11u2.dsc
    03264bd6f417b16c6f87874a3c4840381005946d 125164 qemu_5.2+dfsg-11+deb11u2.debian.tar.xz
    fb3605462e1c72f67e660b03c9a769adb5bf6cbf 12418 qemu_5.2+dfsg-11+deb11u2_source.buildinfo
    Checksums-Sha256:
    6c3675cb803c23c1c2133e7c0bafccb8e9bd4a752c969f483cfc76583181f3d7 6636 qemu_5.2+dfsg-11+deb11u2.dsc
    6204ddd09ec5965120bcf10a464dca9558f14ed3da83f00b6db141c85cd71cc6 125164 qemu_5.2+dfsg-11+deb11u2.debian.tar.xz
    a94f1a1eefd43cc417a6eadf274c434b04659feb5494a8fb11824f9628a27d82 12418 qemu_5.2+dfsg-11+deb11u2_source.buildinfo
    Files:
    33f16747ad236e046439bb123ebe5bd3 6636 otherosfs optional qemu_5.2+dfsg-11+deb11u2.dsc
    ea8c9aa3537c62419f24c66eb7956a09 125164 otherosfs optional qemu_5.2+dfsg-11+deb11u2.debian.tar.xz
    8db623b19b0d9d602b745e2be0bab539 12418 otherosfs optional qemu_5.2+dfsg-11+deb11u2_source.buildinfo

    -----BEGIN PGP SIGNATURE-----

    iQFDBAEBCAAtFiEEe3O61ovnosKJMUsicBtPaxppPlkFAmJ1Ju0PHG1qdEB0bHMu bXNrLnJ1AAoJEHAbT2saaT5ZAEkIAI/QmqyCETqJ6LjCoOG8icxLoDwkN/v+FfFA ORN70wS1cm6tDfzwT8oruyjbIVx3kVGvqgIajvbd7DetfGkch/ZMMWEAgjxl6EfO tmLXYn6epNGlRqbPIH9UIOG6Xw6B4gkH6Ty8H4886OT2NIE0OBUysUbkYcZkXsig c6aQCFU8x83zGbBm7rQet1h8+DKlxZtEH2Flxo1jjUiMPmLuXJTNip+wJqcgs83q 0ftYtuh7E6PKZ/EaEXIKz5V8XMws7tneP1JwF9wauFSoeWmMMQK4qogba/V1cmFH 5cmGxd3Nu5njPmF8BbOOF/aRkY4Ww8qKAjLy38xpe+8+3IfAY8M=
    =B5gp
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)