[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted libslirp 4.4.0-1+deb11u2 (source) into proposed-updates->stable-new, proposed-updates

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Fri, 01 Oct 2021 19:10:39 +0300
Source: libslirp
Architecture: source
Version: 4.4.0-1+deb11u2
Distribution: bullseye
Urgency: medium
Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
Changed-By: Michael Tokarev <mjt@tls.msk.ru>
Closes: 989993 989994 989995 989996
Changes:
 libslirp (4.4.0-1+deb11u2) bullseye; urgency=medium
 .
   * fix-DHCP-broken-in-libslirp-v4.6.0.patch from upstream
     this fixes previous change in this area
     (bootp-limit-vendor-area-to-input-packet-CVE-2021-3592.patch).
     https://gitlab.freedesktop.org/slirp/libslirp/-/issues/48
 .
 libslirp (4.4.0-1+deb11u1) bullseye; urgency=medium
 .
   * import a few patches from upstream to fix 4 security issues:
    - add-mtod_check.patch (preparational)
    - bootp-limit-vendor-area-to-input-packet-CVE-2021-3592.patch,
      bootp-check-bootp_input-buffer-size-CVE-2021-3592.patch
      Closes: #989993, CVE-2021-3592: invalid pointer init in bootp_init()
    - tftp-check-tftp_input-buffer-size-CVE-2021-3595.patch,
      tftp-introduce-a-header-structure-CVE-2021-3595.patch
      Closes: #989996, CVE-2021-3595: invalid pointer init in tftp_input()
    - udp-check-upd_input-buffer-size-CVE-2021-3594.patch
      Closes: #989995, CVE-2021-3594: invalid pointer init in udp_input()
    - upd6-check-udp6_input-buffer-size-CVE-2021-3593.patch
      Closes: #989994, CVE-2021-3593: invalid pointer init in udp6_input()
Checksums-Sha1:
 c801321aeeb1f979a086e8b9b6abaa52cacb35e9 1721 libslirp_4.4.0-1+deb11u2.dsc
 36cdf7a9a4c4af7404a55c040903076bac52f10c 8756 libslirp_4.4.0-1+deb11u2.debian.tar.xz
 5924db43445d1c23a85b95e032c1dc78a6ca73e0 6982 libslirp_4.4.0-1+deb11u2_source.buildinfo
Checksums-Sha256:
 38ecb306fa8bc2ef94029b0de0e2caff41e9f58c4a00eb419ff3fda0745ab8d8 1721 libslirp_4.4.0-1+deb11u2.dsc
 533e72fc5454a413acaf06c124f1faa18eb69ec25793d08aa8f7b327f16c8307 8756 libslirp_4.4.0-1+deb11u2.debian.tar.xz
 7451836f1bbe0d5356cf8400a8aef977a836292cfad8893ab5887270c5b3c529 6982 libslirp_4.4.0-1+deb11u2_source.buildinfo
Files:
 8763e05fad0a2f1d644cefe4bf5c2a0d 1721 net optional libslirp_4.4.0-1+deb11u2.dsc
 4d494afe5fc68feaefd368b10943159e 8756 net optional libslirp_4.4.0-1+deb11u2.debian.tar.xz
 f1c5dbe8b7ec0fc4e2e8e1b3dd4e17f0 6982 net optional libslirp_4.4.0-1+deb11u2_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQFDBAEBCAAtFiEEe3O61ovnosKJMUsicBtPaxppPlkFAmFXNDAPHG1qdEB0bHMu
bXNrLnJ1AAoJEHAbT2saaT5ZW68IAJ8OS02+W6115eqA5pQCowgQ+i5ToY0mZIir
EPlMv1x6ZwdhyO4XJuuC5akfa3uVscujKoBSFnupWtATTreT8FsERYso8WRaa3VQ
tsRLZfyILAPfiX36QUnK1uZF6ks+tk7EveQC/7sQaaEg16zeP+3Of0lyy2yClFGn
WrV7iGaAjKZYFu5+aLGpl3+oDj/xOJ7vSEq2X8oMRP2ooIp+8UxIRdmG8NZlKZ7P
YoNMNkAe2v/0mu/2+jsCOUrUDGYza6LI7DdZJDydCSWMxJwioDdfF+Tz366ScJwx
6ng9oeLDSoaJ3zklq4gXVNx7w2nwtYzpE6Q96xzUuytWFgj67Jo=
=Uj0n
-----END PGP SIGNATURE-----
Reply to: