Accepted qemu 1:2.8+dfsg-6+deb9u8 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 09 Aug 2019 13:41:43 +0300
Source: qemu
Architecture: source
Version: 1:2.8+dfsg-6+deb9u8
Distribution: stretch-security
Urgency: medium
Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
Changed-By: Michael Tokarev <mjt@tls.msk.ru>
Closes: 873012 931351 933741
Changes:
qemu (1:2.8+dfsg-6+deb9u8) stretch-security; urgency=medium
.
[ Michal Arbet ]
* Fix improper backport of CVE-2017-9524 fix that caused NBD
connections to hang (Closes: #873012). Thanks to Geoffrey Thomas.
- nbd-fully-initialize-client-in-case-of-failed-negotiation-CVE-2017-9524.patch:
Don't move nbd_set_handlers before nbd_negotiate.
- nbd-fix-regression-on-resiliency-to-port-scan-CVE-2017-9524.patch:
Refresh.
.
[ Michael Tokarev ]
* slirp-fix-heap-overflow-in-ip_reass-on-big-packet-input-CVE-2019-14378.patch
bugfix in user-level networking
Closes: #933741, CVE-2019-14378
* qemu-bridge-helper-restrict-interface-name-to-IFNAMSIZ-CVE-2019-13164.patch
Closes: #931351, CVE-2019-13164
* integrate fix-md-clear-backport.patch into enable-md-clear.patch
Thanks Moritz Mühlenhoff and Vincent Tondellier
* device_tree-dont-use-load_image-CVE-2018-20815.patch
fix unlikely overflow via saved image file size
Closes: CVE-2018-20815
Checksums-Sha1:
8fbeafc7c10912d1e137d6697b609f768b3232aa 5579 qemu_2.8+dfsg-6+deb9u8.dsc
30ed9844cd7b60441d5532b4a7ff5bfcc04baebb 162212 qemu_2.8+dfsg-6+deb9u8.debian.tar.xz
351e1efe0fef0262cf2a2013aa0215679c2815af 7869 qemu_2.8+dfsg-6+deb9u8_source.buildinfo
Checksums-Sha256:
0a4987c1ba44baa25341ea25c3e3ac06358994abc662a7db5ed1545a191048c1 5579 qemu_2.8+dfsg-6+deb9u8.dsc
e3c0cd85409403824efe9ead0d5f110f2943c82986e460d5e3bb37bdb71d7fbb 162212 qemu_2.8+dfsg-6+deb9u8.debian.tar.xz
67b01392505ec7e5664968ba798324212027e9fca92f989e62f3580f9d1bc77c 7869 qemu_2.8+dfsg-6+deb9u8_source.buildinfo
Files:
0bf19074279779e05fe2bd9233a77409 5579 otherosfs optional qemu_2.8+dfsg-6+deb9u8.dsc
15c10c07febb626168caff7f2e20f56e 162212 otherosfs optional qemu_2.8+dfsg-6+deb9u8.debian.tar.xz
12fc5e4ac1ad9c7754054a5c4bee85a0 7869 otherosfs optional qemu_2.8+dfsg-6+deb9u8_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQFDBAEBCAAtFiEEe3O61ovnosKJMUsicBtPaxppPlkFAl1fod4PHG1qdEB0bHMu
bXNrLnJ1AAoJEHAbT2saaT5ZNlcIAMAc64zOaMb6Yvuln+EvTTgXVLO5RIxH8e92
a7bA87TF9h98s2FeOabcIhno3b3kDZX0rjB+yFRPItQHPYwtY8YTSW6kLUb8q2Ds
9xh7RFMlEKfd1AHsRf3eeWCrxxNib0nqsUqaG5ZSEc8U8BANXwSP8Z8A2DR4/AE8
NveJZ8zaQy53RSNPjo9Sd3PlUcKTPW568QABfbkIQ43uVoXwsf8FiifhrN/LY8nD
GrygXNiYpTDjS4Uvkhvjt+RMAxCvfRzlfLeMm2BEv/PFDHtOWqDsF+9m7hLaEMre
45CYUECpxZn22UDvT/L7K/7CFTy+ocwvSgqbKE6h0gqwADB8MR0=
=GR5X
-----END PGP SIGNATURE-----
Reply to: