Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted qemu 1:3.1+dfsg-8+deb10u8 (source) into proposed-updates->stable-new, proposed-updates
Date: Thu, 17 Sep 2020 21:02:11 +0000
Signed by: Michael Tokarev <mjt@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Fri, 24 Jul 2020 15:00:34 +0300
Source: qemu
Architecture: source
Version: 1:3.1+dfsg-8+deb10u8
Distribution: buster-security
Urgency: medium
Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
Changed-By: Michael Tokarev <mjt@tls.msk.ru>
Closes: 961451 968947
Changes:
 qemu (1:3.1+dfsg-8+deb10u8) buster-security; urgency=medium
 .
   * mention fixing of CVE-2020-13765 in 3.1+dfsg-8+deb10u6
   * xgmac-fix-buffer-overflow-in-xgmac_enet_send-CVE-2020-15863.patch
     ARM-only XGMAC NIC, possible buffer overflow during packet transmission
     Closes: CVE-2020-15863
   * sm501 OOB read/write due to integer overflow in sm501_2d_operation()
     List of patches:
      sm501-convert-printf-abort-to-qemu_log_mask.patch
      sm501-shorten-long-variable-names-in-sm501_2d_operation.patch
      sm501-use-BIT-macro-to-shorten-constant.patch
      sm501-clean-up-local-variables-in-sm501_2d_operation.patch
      sm501-replace-hand-written-implementation-with-pixman-CVE-2020-12829.patch
     Closes: #961451, CVE-2020-12829
   * usb-fix-setup_len-init-CVE-2020-14364.patch
     Fix OOB r/w access in USB emulation
     Closes: #968947, CVE-2020-14364
   * net-assertion-in-net_tx_pkt_add_raw_fragment-CVE-2020-16092.patch
     Fix net_tx_pkt_add_raw_fragment assertion in e1000e & vmxnet3
     Closes: CVE-2020-16092
Checksums-Sha1:
 06ce21a4f3e334d44b93815fd52a8e8af7bf9de0 6155 qemu_3.1+dfsg-8+deb10u8.dsc
 2fdfb7149f38a1004dea729b167dac0c5af04877 117240 qemu_3.1+dfsg-8+deb10u8.debian.tar.xz
 5d0bd3c17f6d080fdea23beba500ea65976f78b7 16555 qemu_3.1+dfsg-8+deb10u8_source.buildinfo
Checksums-Sha256:
 643ff49e51001ea7b5cb6558553fbe066fefe15a9538f31cb2ba09f57fffb2a9 6155 qemu_3.1+dfsg-8+deb10u8.dsc
 d0cc0d21c917c961d1f6be8be36e4bba5f6a11528d51e6dac413628c5d65333e 117240 qemu_3.1+dfsg-8+deb10u8.debian.tar.xz
 3592d35b979a5cf65bcad939b6e0ad3e8a4924dc2b5cd74d176aec1d5fda341d 16555 qemu_3.1+dfsg-8+deb10u8_source.buildinfo
Files:
 839388fcb2aa5aa1de369121b5499496 6155 otherosfs optional qemu_3.1+dfsg-8+deb10u8.dsc
 c546a461ca5d92acc854e77be28ba4db 117240 otherosfs optional qemu_3.1+dfsg-8+deb10u8.debian.tar.xz
 8934dfa9453dc9fa41cb8b3bf8ae2f26 16555 otherosfs optional qemu_3.1+dfsg-8+deb10u8_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQFDBAEBCAAtFiEEe3O61ovnosKJMUsicBtPaxppPlkFAl9SHLkPHG1qdEB0bHMu
bXNrLnJ1AAoJEHAbT2saaT5ZlRwIAIPFG2MULYSWJi7c0hNlXD0dvMO/uzu//PGn
DK+ZQjKUfaY6ozqOb2s4xfMgITHieATWwEausFpmqvfuWBDv7/d9g5bI9iC80FZ2
D/17i8wwfH8soFQKAErcylORWwcFEC1XqQHOjj2raCqZN0+A8Yj3Hi+i6JcxzQZr
KgvVcxi0i6sDBKQdc1K3h74s5Fp3StSvBguxTq9EJA04H9uUDybceSPEj5OiSUIu
M7ybpJ01/M3Q31hRVaTTMa/j5dqLhSObvYfsJUou+WNtNi126qxFapbjaYNmo0X1
sHuw5Be3Vbrxyw3NnC2EaMBFZNWp6P4Lepud1g64Bx12af0UfoI=
=qv36
-----END PGP SIGNATURE-----

News for package qemu