Bug#1123033: trixie-pu: package qemu/1:10.0.7+ds-0+deb13u1

To: Michael Tokarev <mjt@tls.msk.ru>, 1123033@bugs.debian.org
Subject: Bug#1123033: trixie-pu: package qemu/1:10.0.7+ds-0+deb13u1
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Thu, 01 Jan 2026 13:57:47 +0000
Message-id: <[🔎] 0ecbe2d3da093621b00b6eb64a4fbee61a4c47d9.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 1123033@bugs.debian.org
In-reply-to: <176587085255.3606855.2287834411358054803.reportbug@localhost>
References: <176587085255.3606855.2287834411358054803.reportbug@localhost> <176587085255.3606855.2287834411358054803.reportbug@localhost>

Control: tags -1 + confirmed

On Tue, 2025-12-16 at 10:40 +0300, Michael Tokarev wrote:
> There's a new upstream stable/bugfix release of qemu,
> v10.0.7, wich includes a large assortment of fixes.
> Among these, there are fixes for two securty issues:
>  #1119917, CVE-2025-12464 (buffer overflow in e1000_receive_iov)
>  #1117153, CVE-2025-11234 (UAF in websocket handshake code)
> 
> Additionally, there are fixes for xen packaging (missing
> dependency, which has alredy been fixed for bookworm but
> were forgotten in trixie), -- #1035676, #1120146.

Please go ahead.

Regards,

Adam

Reply to:

Prev by Date: Processed: Re: Bug#1123033: trixie-pu: package qemu/1:10.0.7+ds-0+deb13u1
Next by Date: NEW changes in oldstable-new
Previous by thread: Bug#1124036: trixie-pu: package lxc/1:6.0.4-4+deb13u1
Next by thread: Processed: Re: Bug#1123033: trixie-pu: package qemu/1:10.0.7+ds-0+deb13u1
Index(es):
- Date
- Thread