Debian Package Tracker
Register | Log in
Subscribe

libslirp

Choose email to subscribe with

general
  • source: libslirp (main)
  • version: 4.9.3-1
  • maintainer: Debian QEMU Team (archive) (DMD)
  • uploaders: Michael Tokarev [DMD]
  • arch: any
  • std-ver: 4.7.0
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 4.4.0-1+deb11u2
  • oldstable: 4.7.0-1
  • stable: 4.8.0-1
  • testing: 4.9.3-1
  • unstable: 4.9.3-1
versioned links
  • 4.4.0-1+deb11u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 4.7.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 4.8.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 4.9.3-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • libslirp-dev (1 bugs: 0, 1, 0, 0)
  • libslirp0 (1 bugs: 0, 0, 1, 0)
action needed
A new upstream version is available: 20201217 high
A new upstream version 20201217 is available, you should consider packaging it.
Created: 2026-05-24 Last update: 2026-06-29 19:03
1 security issue in bullseye high

There is 1 open security issue in bullseye.

1 important issue:
  • CVE-2026-9539: An out-of-bounds heap read and integer underflow in the TCP urgent data handling (sosendoob) in freedesktop.org libslirp version before v4.9.2 on hypervisor host environments (e.g., QEMU) allows a privileged guest VM attacker (root or CAP_NET_RAW) to leak gigabytes of sensitive host-process heap memory via sending crafted TCP segments with manipulated URG flags and urgent pointers (ti_urp).
Created: 2026-06-24 Last update: 2026-06-26 20:30
1 security issue in bookworm high

There is 1 open security issue in bookworm.

1 important issue:
  • CVE-2026-9539: An out-of-bounds heap read and integer underflow in the TCP urgent data handling (sosendoob) in freedesktop.org libslirp version before v4.9.2 on hypervisor host environments (e.g., QEMU) allows a privileged guest VM attacker (root or CAP_NET_RAW) to leak gigabytes of sensitive host-process heap memory via sending crafted TCP segments with manipulated URG flags and urgent pointers (ti_urp).
Created: 2026-06-24 Last update: 2026-06-26 20:30
1 bug tagged patch in the BTS normal
The BTS contains patches fixing 1 bug, consider including or untagging them.
Created: 2026-06-02 Last update: 2026-06-29 23:30
1 new commit since last upload, is it time to release? normal
vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:
commit 125524af1bc4176148a28870f7e3b5c13244a3ba
Author: Michael Tokarev <mjt@tls.msk.ru>
Date:   Fri Jun 26 19:34:07 2026 +0300

    d/gbp.conf: pristine-tar & sign-tags
Created: 2026-06-26 Last update: 2026-06-26 18:30
1 open merge request in Salsa normal
There is 1 open merge request for this package on Salsa. You should consider reviewing and/or merging these merge requests.
Created: 2025-08-19 Last update: 2025-08-19 06:28
Standards version of the package is outdated. wishlist
The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.4 instead of 4.7.0).
Created: 2025-02-21 Last update: 2026-05-27 01:32
news
[rss feed]
  • [2026-06-02] libslirp 4.9.3-1 MIGRATED to testing (Debian testing watch)
  • [2026-05-26] Accepted libslirp 4.9.3-1 (source) into unstable (Michael Tokarev)
  • [2026-05-23] Accepted libslirp 4.9.2-1 (source) into unstable (Michael Tokarev)
  • [2025-09-16] libslirp 4.9.1-1 MIGRATED to testing (Debian testing watch)
  • [2025-09-09] Accepted libslirp 4.9.1-1 (source) into unstable (Michael Tokarev)
  • [2024-06-22] libslirp 4.8.0-1 MIGRATED to testing (Debian testing watch)
  • [2024-06-16] Accepted libslirp 4.8.0-1 (source) into unstable (Michael Tokarev)
  • [2022-05-06] libslirp 4.7.0-1 MIGRATED to testing (Debian testing watch)
  • [2022-04-30] Accepted libslirp 4.7.0-1 (source) into unstable (Michael Tokarev)
  • [2021-10-01] Accepted libslirp 4.4.0-1+deb11u2 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Michael Tokarev)
  • [2021-10-01] Accepted libslirp 4.4.0-1+deb11u1 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Michael Tokarev)
  • [2021-08-25] libslirp 4.6.1-1 MIGRATED to testing (Debian testing watch)
  • [2021-08-19] Accepted libslirp 4.6.1-1 (source) into unstable (Michael Tokarev)
  • [2020-12-26] libslirp 4.4.0-1 MIGRATED to testing (Debian testing watch)
  • [2020-12-21] Accepted libslirp 4.4.0-1 (source) into unstable (Michael Tokarev)
  • [2020-08-13] Accepted libslirp 4.3.1-1~bpo10+1 (source amd64) into buster-backports, buster-backports (Debian FTP Masters) (signed by: Michael Tokarev)
  • [2020-07-16] libslirp 4.3.1-1 MIGRATED to testing (Debian testing watch)
  • [2020-07-10] Accepted libslirp 4.3.1-1 (source) into unstable (Michael Tokarev)
  • [2020-04-23] libslirp 4.2.0-2 MIGRATED to testing (Debian testing watch)
  • [2020-04-21] Accepted libslirp 4.2.0-2 (source) into unstable (Michael Tokarev)
  • [2020-04-20] libslirp 4.2.0-1 MIGRATED to testing (Debian testing watch)
  • [2020-04-14] Accepted libslirp 4.2.0-1 (source) into unstable (Michael Tokarev)
  • [2020-01-19] libslirp 4.1.0-2 MIGRATED to testing (Debian testing watch)
  • [2020-01-17] Accepted libslirp 4.1.0-2 (source) into unstable (Michael Tokarev)
  • [2019-12-12] libslirp 4.1.0-1 MIGRATED to testing (Debian testing watch)
  • [2019-12-07] Accepted libslirp 4.1.0-1 (source) into unstable (Michael Tokarev)
  • [2019-12-03] libslirp 4.0.0-2 MIGRATED to testing (Debian testing watch)
  • [2019-11-28] Accepted libslirp 4.0.0-2 (source) into unstable (Michael Tokarev)
  • [2019-11-11] Accepted libslirp 4.0.0-1 (source amd64) into unstable, unstable (Michael Tokarev)
bugs [bug history graph]
  • all: 2
  • RC: 0
  • I&N: 1
  • M&W: 1
  • F&P: 0
  • patch: 1
links
  • homepage
  • lintian
  • buildd: logs, reproducibility, cross
  • popcon
  • browse source code
  • other distros
  • security tracker
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 4.9.3-1ubuntu1
  • patches for 4.9.3-1ubuntu1

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing