-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 15 Aug 2025 23:27:17 +0300
Source: qemu
Architecture: source
Version: 1:7.2+dfsg-7+deb12u15
Distribution: bookworm-security
Urgency: medium
Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
Changed-By: Michael Tokarev <mjt@tls.msk.ru>
Changes:
qemu (1:7.2+dfsg-7+deb12u15) bookworm-security; urgency=medium
.
* d/binfmt-install: stop using C (Credentials) flag for binfmt_misc
registration. qemu-user binaries were never meant to be used in
suid/sgid scenarios, but was used in Debian since late 2009. Any
foreign suid/sgid binary accessible to the users, in presence of
qemu-user binfmt, is trivially exploitable to gain elevated privileges.
This change might break existing setups since for many years people
relied on qemu-user binfmt working with suid binaries, but this is
a situation where it is definitely better to be safe than sorry.
Checksums-Sha1:
e0eab422f12a852146c4f3c4406c2587c4705f22 6811 qemu_7.2+dfsg-7+deb12u15.dsc
6ea9655c72a2f21ed0d301479e11194c84978514 23523172 qemu_7.2+dfsg.orig.tar.xz
5600aa0d61b53256190e83b7a57621db0e884342 376508 qemu_7.2+dfsg-7+deb12u15.debian.tar.xz
276fbbc25e704421a493989d8d5ced91f702254a 16721 qemu_7.2+dfsg-7+deb12u15_source.buildinfo
Checksums-Sha256:
b5aa6d140a2138cc46a7e873552d351d9513c38f91e447bba44b1e300016e1d2 6811 qemu_7.2+dfsg-7+deb12u15.dsc
91aca71520040edc40b8d437aa3004dae614f58e286cf653ee8996c07af2962f 23523172 qemu_7.2+dfsg.orig.tar.xz
8fda07872ce40af2b952d00b11eb03e4c45cf5604a3a6521f608457ead8e5703 376508 qemu_7.2+dfsg-7+deb12u15.debian.tar.xz
407d0436eeeca76a8c94e4112b497c2119316c7e1962d4f7922047bcd1492c83 16721 qemu_7.2+dfsg-7+deb12u15_source.buildinfo
Files:
deac6b4327abaaf1de8718cab4d7d9d7 6811 otherosfs optional qemu_7.2+dfsg-7+deb12u15.dsc
865ae004abc45245029b6812734365c8 23523172 otherosfs optional qemu_7.2+dfsg.orig.tar.xz
4518ab09e2c88a81dcabaf0cbb1ba442 376508 otherosfs optional qemu_7.2+dfsg-7+deb12u15.debian.tar.xz
13cdb175edff4bf1e1ca476257351a8e 16721 otherosfs optional qemu_7.2+dfsg-7+deb12u15_source.buildinfo
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----