Accepted qemu 1:2.1+dfsg-12+deb8u2 (source) into proposed-updates->stable-new, proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 29 Aug 2015 16:12:31 +0200
Source: qemu
Binary: qemu qemu-system qemu-system-common qemu-system-misc qemu-system-arm qemu-system-mips qemu-system-ppc qemu-system-sparc qemu-system-x86 qemu-user qemu-user-static qemu-user-binfmt qemu-utils qemu-guest-agent qemu-kvm
Architecture: source
Version: 1:2.1+dfsg-12+deb8u2
Distribution: jessie-security
Urgency: high
Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 793811 794610 795087 795461 796465
Description:
qemu - fast processor emulator
qemu-guest-agent - Guest-side qemu-system agent
qemu-kvm - QEMU Full virtualization on x86 hardware
qemu-system - QEMU full system emulation binaries
qemu-system-arm - QEMU full system emulation binaries (arm)
qemu-system-common - QEMU full system emulation binaries (common files)
qemu-system-mips - QEMU full system emulation binaries (mips)
qemu-system-misc - QEMU full system emulation binaries (miscelaneous)
qemu-system-ppc - QEMU full system emulation binaries (ppc)
qemu-system-sparc - QEMU full system emulation binaries (sparc)
qemu-system-x86 - QEMU full system emulation binaries (x86)
qemu-user - QEMU user mode emulation binaries
qemu-user-binfmt - QEMU user mode binfmt registration for qemu-user
qemu-user-static - QEMU user mode emulation binaries (static version)
qemu-utils - QEMU utilities
Changes:
qemu (1:2.1+dfsg-12+deb8u2) jessie-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* Add 0001-i8254-fix-out-of-bounds-memory-access-in-pit_ioport_.patch patch.
CVE-2015-3214: i8254: out-of-bounds memory access in pit_ioport_read
function. (Closes: #795461)
* Add patches to address heap overflow when processing ATAPI commands.
CVE-2015-5154: heap overflow during I/O buffer memory access.
(Closes: #793811)
* Add CVE-2015-5225.patch patch.
CVE-2015-5225: vnc: heap memory corruption in
vnc_refresh_server_surface. (Closes: #796465)
* Add 0001-virtio-serial-fix-ANY_LAYOUT.patch patch.
CVE-2015-5745: buffer overflow in virtio-serial. (Closes: #795087)
* Add patches for CVE-2015-5165.
CVE-2015-5165: rtl8139 uninitialized heap memory information leakage to
guest. (Closes: #794610)
Checksums-Sha1:
ac15c1363023106bbf9f73d7f9a7d5a8b212b78d 5520 qemu_2.1+dfsg-12+deb8u2.dsc
a11f28854b972f71bb5e5eebe0da55bc82f23cfd 112728 qemu_2.1+dfsg-12+deb8u2.debian.tar.xz
Checksums-Sha256:
254db070d83650461ae37dc470346304209d0065fea6852479378344bac92e7f 5520 qemu_2.1+dfsg-12+deb8u2.dsc
96f8859ab1e020b92e48000a90d06ee1e7d8f044acfa6666d715250100b417bc 112728 qemu_2.1+dfsg-12+deb8u2.debian.tar.xz
Files:
a23f7c6041f858efc24ba57b49869e25 5520 otherosfs optional qemu_2.1+dfsg-12+deb8u2.dsc
0075b321bff7879126a7282c081673d2 112728 otherosfs optional qemu_2.1+dfsg-12+deb8u2.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJV4cjiAAoJEAVMuPMTQ89E+0EP/1IMxmuGwUSoeBVNKKl4weMx
w7RFN4OtpMAK2ZbLESBRLTP0N1EH0xfqv7r5Snu0bcwG+26Zz1UwcEi+AZpSW2gd
fYKzWorz8pCdMiSsDv0gGLfzk7xf264zhCxciyagI0r8blVQpiS9ebj/jwY6/RtS
XtiPGQb10GmMeZzjy1s4ZZsiatIi8CdFh8yZMu4UKdAIfkzgIbNaExdY70jX01S+
pts7gBqET5aYlhKxKJT+6bNIXbGe2DiDZDHcqIuci7TLLJ/OFQCxtJlntkoo6qX0
FdaKHoGfs9TnKUpl0+nBlWzSzhjHMwDVolGOTVZ+uy4SPlh7UZmyMtnDeaADTuUw
F3OnlohyFfzMoPLp6IAucc+tlKFYc7nKMhLHBCKMjPQxVy7HF/VwboD4tGb1lQvz
uL1gK3aYz5AMou+q4yPeiLwh2tVgwrrkb4hRBqMt+/kM6nzoejdcQsqLfG7aRJGn
NyOA5Cr6eCKDl+nym6jIq0PkCqhuDzgfNfWIGv323DIFE6aljNrwGwbQwAGg+rgM
qnxZXjyAChHOIHBQbddA5htL90ERcc7+DH2hHaFG776MQ33FVQY9dS7JS1jLl2ty
dZrMZ62azcq2FyQmg1xeel39qbpBAYiU/wWomSIbCat+yy0mqe1kcwBFY0JlnXEq
ZFACMxr1PX7mQc+pO3of
=U3/8
-----END PGP SIGNATURE-----
Reply to: