Accepted qemu-kvm 0.12.5+dfsg-5+squeeze2 (source i386)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sat, 21 May 2011 10:45:52 +0400
Source: qemu-kvm
Binary: qemu-kvm qemu-kvm-dbg kvm
Architecture: source i386
Version: 0.12.5+dfsg-5+squeeze2
Distribution: stable-security
Urgency: high
Maintainer: Jan Lübbe <jluebbe@debian.org>
Changed-By: Michael Tokarev <mjt@tls.msk.ru>
Description:
kvm - dummy transitional package from kvm to qemu-kvm
qemu-kvm - Full virtualization on x86 hardware
qemu-kvm-dbg - Debugging info for qemu-kvm
Closes: 627448
Changes:
qemu-kvm (0.12.5+dfsg-5+squeeze2) stable-security; urgency=high
.
* fix CVE-2011-1751 for 0.12. The actual fix is in
hotplug-4-ignore-pci-hotplug-requests-for-unpluggable-devices-CVE-2011-1751
but that change, while trivial, required 6 more changes to be backported
to 0.12:
o pci-cleanly-backout-of-pci_qdev_init-925fe64ae7
(moving common code to a separate function and using it from another
place to fix a memory leak)
o hotplug-0-acpi_piix4-qdevfy-e8ec0571e1
this qdevifies acpi_piix4 device
o hotplug-1-pci-allow-devices-being-tagged-as-not-hotpluggable-180c22e18b
introduce a "no_hotplug" attribute and check it in common places
to ensure such devices wont be hot-(un)plugged. This needs
the pci-cleanly-backout-of-pci_qdev_init patch mentioned above
o hotplug-2-piix-tag-as-not-hotpluggable-0965f12da6
o hotplug-3-vga-tag-as-not-hotplugable-be92bbf73d
mark certain devices as non-hotpluggable
And finally the actual fix for CVE-2011-1751, which verifies the
no_hotplug attribute when handling hot-unplug request from guest.
(closes: #627448)
Checksums-Sha1:
c3928fa7262371ef4a0b4061a62338a1b7ed9ad7 1688 qemu-kvm_0.12.5+dfsg-5+squeeze2.dsc
2cc46474c3befb09320829b36868f1418569b57e 305179 qemu-kvm_0.12.5+dfsg-5+squeeze2.diff.gz
2739d3ef81bf7fca6d56eef9e6d6b4ae164a4a23 1503126 qemu-kvm_0.12.5+dfsg-5+squeeze2_i386.deb
4bff60472840f5fedf82baa8885d45527a750d3f 2787362 qemu-kvm-dbg_0.12.5+dfsg-5+squeeze2_i386.deb
235b9fac4032b33b8728e15af8959078818181df 12938 kvm_0.12.5+dfsg-5+squeeze2_i386.deb
Checksums-Sha256:
c91738d633be356e4694072eea98a7c0b24257dc2b944083fe220d70baaf5d37 1688 qemu-kvm_0.12.5+dfsg-5+squeeze2.dsc
4aeeb278ea738e2da51f3e0b01dd9804a3c4ec81b6cd21303caf83326ce5a755 305179 qemu-kvm_0.12.5+dfsg-5+squeeze2.diff.gz
608ae97258cbb5bd5ae12ea0bdc4c82654318b9beb453c692e530eabdc3d43a8 1503126 qemu-kvm_0.12.5+dfsg-5+squeeze2_i386.deb
bbfd73baa964342b54af2de0debd6965ec04097bcb7cf443f65483178cf3d1c0 2787362 qemu-kvm-dbg_0.12.5+dfsg-5+squeeze2_i386.deb
09a281ef16543076fd79a9ac0c7f98b2f3049e746e7b0ca7914b559d306316b1 12938 kvm_0.12.5+dfsg-5+squeeze2_i386.deb
Files:
96cb2e91d0df3b8f32fcf626da1b6494 1688 misc optional qemu-kvm_0.12.5+dfsg-5+squeeze2.dsc
f16806be78c550e9451e9a0729621841 305179 misc optional qemu-kvm_0.12.5+dfsg-5+squeeze2.diff.gz
2fa9dc17741424d76edf0733fe4a563c 1503126 misc optional qemu-kvm_0.12.5+dfsg-5+squeeze2_i386.deb
5f88bcfdb592926b0d2de52288ff4a8e 2787362 debug extra qemu-kvm-dbg_0.12.5+dfsg-5+squeeze2_i386.deb
6a51a60d342b81ad529bc0c28f84a426 12938 oldlibs extra kvm_0.12.5+dfsg-5+squeeze2_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFN2plzn88szT8+ZCYRAum7AJ48XGkrGmyuauB1cjez23gdpSS+XwCcCRzo
mgUiE3gZKRWeJdyOUV7SmDg=
=+bBH
-----END PGP SIGNATURE-----
Accepted:
kvm_0.12.5+dfsg-5+squeeze2_i386.deb
to main/q/qemu-kvm/kvm_0.12.5+dfsg-5+squeeze2_i386.deb
qemu-kvm-dbg_0.12.5+dfsg-5+squeeze2_i386.deb
to main/q/qemu-kvm/qemu-kvm-dbg_0.12.5+dfsg-5+squeeze2_i386.deb
qemu-kvm_0.12.5+dfsg-5+squeeze2.diff.gz
to main/q/qemu-kvm/qemu-kvm_0.12.5+dfsg-5+squeeze2.diff.gz
qemu-kvm_0.12.5+dfsg-5+squeeze2.dsc
to main/q/qemu-kvm/qemu-kvm_0.12.5+dfsg-5+squeeze2.dsc
qemu-kvm_0.12.5+dfsg-5+squeeze2_i386.deb
to main/q/qemu-kvm/qemu-kvm_0.12.5+dfsg-5+squeeze2_i386.deb
Reply to: