-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 28 Apr 2025 15:28:13 -0300 Source: qemu Architecture: source Version: 1:5.2+dfsg-11+deb11u4 Distribution: bullseye-security Urgency: medium Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org> Changed-By: Santiago Ruano Rincón <santiagorr@riseup.net> Changes: qemu (1:5.2+dfsg-11+deb11u4) bullseye-security; urgency=medium . * Non-maintainer upload by the LTS Security Team. * Fix CVE-2023-1544: potential out-of-bounds read and crash via VMWare's paravirtual RDMA device * Fix CVE-2023-3019: use-after-free error in the e1000e NIC emulation * Fix CVE-2023-5088: IDE guest I/O operation addressed to an arbitrary disk offset might get targeted to offset 0 instead, potentially overwriting the VM's boot code * Fix CVE-2023-6693: Stack based buffer overflow in the virtio-net device of QEMU. * Fix CVE-2024-3447: heap-based buffer overflow in SDHCI device emulation. Checksums-Sha1: 0c31d36f6b44ee05c8bda02a4a33ff33484cadd2 6388 qemu_5.2+dfsg-11+deb11u4.dsc 9214b566b497dd40e009e9d1a632d3cc999b0a5b 140600 qemu_5.2+dfsg-11+deb11u4.debian.tar.xz 76147b7621b0e9df8e1d423d6c7352dc7b9ee384 33039 qemu_5.2+dfsg-11+deb11u4_amd64.buildinfo Checksums-Sha256: a0ba63eb0df54cd1c3c44d71ff97c388d1a8d51a8b120af3023986180cd53286 6388 qemu_5.2+dfsg-11+deb11u4.dsc 380545322e47a2faccb5e43c1cb3cb689ad7f6038cf45bdcbf48efc812e108cf 140600 qemu_5.2+dfsg-11+deb11u4.debian.tar.xz 6ad465431a12b46285cf42e72c52d8fb930dc7890bbe02a68a4be06159e7386d 33039 qemu_5.2+dfsg-11+deb11u4_amd64.buildinfo Files: aad079b3ae07b15ce6f87fe33ce30b1c 6388 otherosfs optional qemu_5.2+dfsg-11+deb11u4.dsc c04aa38812bf418d6d1eb0d8452b4c32 140600 otherosfs optional qemu_5.2+dfsg-11+deb11u4.debian.tar.xz 0d8e1f244c077d7a1a05570d497c8aed 33039 otherosfs optional qemu_5.2+dfsg-11+deb11u4_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iIwEARYKADQWIQR+lHTq7mkJOyB6t2Un3j1FEEiG7wUCaBJLyxYcc2FudGlhZ29y ckByaXNldXAubmV0AAoJECfePUUQSIbvqkMA/2+ErIK16Mtw0e1BqNVk1JNbKXpB gUnNauEFu+g1xyC/AP9B2QoxWBzAarbssl+zI9wsufjBOVqslIa9mlwEIkLQAw== =qGcn -----END PGP SIGNATURE-----