Just released, including security updates:
9.1.8-20171004
Updates in 2 source package(s), 4 binary package(s):
Source libidn2-0, binaries: libidn2-0:amd64 libidn2-0:arm64
libidn2-0 (0.16-1+deb9u1) stretch-security; urgency=high
* CVE-2017-14062: Fix integer overflow in decode_digit (Closes: #873902)
* Add myself to Uploaders:
Source qemu, binaries: qemu-utils:amd64 qemu-utils:arm64
qemu (1:2.8+dfsg-6+deb9u3) stretch-security; urgency=high
* xhci-dont-kick-in-xhci_submit-and-xhci_fire_ctl_transfer.patch
This is a pre-required patch for the next patch to work right.
Closes: #869945
* xhci-guard-xhci_kick_epctx-against-recursive-calls-CVE-2017-9375.patch
After applying previous patch, this one can be applied again
Closes: #864219, CVE-2017-9375
* ide-do-not-flush-empty-CDROM-drives-CVE-2017-12809.patch
Closes: #873849, CVE-2017-12809
* vga-stop-passing-pointers-to-vga_draw_line-functions-CVE-2017-13672.patch
Closes: #873851, CVE-2017-13672
* multiboot-validate-multiboot-header-address-values-CVE-2017-14167.patch
Closes: #874606, CVE-2017-14167
* slirp-fix-clearing-ifq_so-from-pending-packets-CVE-2017-13711.patch
Closes: #873875, CVE-2017-13711
* exec-add-lock-parameter-to-qemu_ram_ptr_length.patch
upstream patch fixing memory leak after
exec-use-qemu_ram_ptr_length-to-access-guest-ram-CVE-2017-11334.patch
Closes: #871648, #871702, #872257
https://cloud.debian.org/images/openstack/current-9/
--
Steve McIntyre, Cambridge, UK. steve@einval.com
Welcome my son, welcome to the machine.
Attachment:
signature.asc
Description: PGP signature