[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted qemu 1:10.0.3+ds-3 (source) into unstable

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 14 Aug 2025 17:25:52 +0300
Source: qemu
Architecture: source
Version: 1:10.0.3+ds-3
Distribution: unstable
Urgency: medium
Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
Changed-By: Michael Tokarev <mjt@tls.msk.ru>
Changes:
 qemu (1:10.0.3+ds-3) unstable; urgency=medium
 .
   * d/binfmt-install: stop using C (Credentials) flag for binfmt_misc
     registration.  This means suid and sgid binaries under qemu-user
     will work without changing credentials.  This is a serious security
     issue, since qemu-user never supposed to be used in this way, and
     it is trivial to get elevated privileges for an attacker if there's
     any suid/sgid binary under qemu-user which is runnable for an
     attacker.  This change might break CI/testing environment expectations.
   * d/qemu-user.postinst: trigger /usr/lib/binfmt.d (#1110982)
   * d/rules: fix typo in comment (it is qemu-system-data, not qemu-user-data)
Checksums-Sha1:
 47196d21933cc7164aec7f922777b41e5d358163 12440 qemu_10.0.3+ds-3.dsc
 feee34ca7b3c07c66929b69b3d89eb641b6f8b0a 140796 qemu_10.0.3+ds-3.debian.tar.xz
 6bebb569fe65ffb09d98ea13383be40cebe7fcd5 7533 qemu_10.0.3+ds-3_source.buildinfo
Checksums-Sha256:
 3ad812b19c1c6a7a259ed90d7acfaa793e21abc2a40358c5029b77bbec736d4b 12440 qemu_10.0.3+ds-3.dsc
 172584306aae7d354c64178d03e937327763f421922a9b6694b89f53c6cfcc8c 140796 qemu_10.0.3+ds-3.debian.tar.xz
 64dbbe9ce143fe21cd284fd4667a9f1c2166f98c3e60d2f47201cda54a4434b0 7533 qemu_10.0.3+ds-3_source.buildinfo
Files:
 123e9e94df7c9643c7b7f38715f66792 12440 otherosfs optional qemu_10.0.3+ds-3.dsc
 f442b1cd838db950d25201140b611eec 140796 otherosfs optional qemu_10.0.3+ds-3.debian.tar.xz
 46600995cdcda66f32775dcdba3ae5f8 7533 otherosfs optional qemu_10.0.3+ds-3_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEZKoqtTHVaQM2a/75gqpKJDselHgFAmid8hMACgkQgqpKJDse
lHh58g/8DQeeVhIFRueQPLUg0StX2Morw7LoV7aW0vYHNomejL9/hhP+K33pCPwf
N2/ZklBGR0Jk+eBKfn2sFiI36nkPRxwxuAx7rUSxQsHyql/CY8m7ByLAdmg2GTM8
UC24r/stgCjkf5KCPgVpo4/q96ONnTVFIHEeWePVU7wo0oiX4vbYZp5VgdFvT0j5
3BZT2rmawyehSOj8ALQ5MlbuXbGma6TM2qLS184nKQCHiA36ThMO9JLMjbHnHzQ3
EQaUlWL4zmj7xbpk0xTuvP/Ue/eDknWsVhzSlfxl5brLlTp7BO6DhUuhncs88RDJ
BwhT7YjWN4xPR/OWfpE47QkmrHGX9ZXUK6ULkqVBmau2SUhgs0rNyLELrx3Jtcvw
nUbr2hsNPaKq0DePJJ7pw1YqriIJ1F/lkeENMJTArnlcJZrRtR4OitzkSWVl2ZUO
G83xyLSbNoo+sEV6Qe9IYyRV+ZoBWRxFgtk9P9S0c1VmjvXEeMrA+Ddb22pyW1dd
D1P2q8sacIEVB8Up7EvHOLT3Lqd7PIstbSa6F6SdFfM8oCtvAzuA/3m2rx4zJT/A
LNcPv4UYX1hGH/us8cdoM19IjoSzfCWH27JYvP5JPo4MMnUe8I4RPdrqW49ohPYS
FN2pbTXz5h44sDm2Y5GL5iAr1HtBNZYgTg/FZMWnikyEXcym8uc=
=xfSd
-----END PGP SIGNATURE-----

Attachment: pgpaNM9k1aWIA.pgp
Description: PGP signature

Reply to: