virglrenderer - Debian Package Tracker

general

source: virglrenderer (main)
version: 0.8.2-5
maintainer: Gert Wollny (DMD)
arch: any
std-ver: 4.5.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

stable: 0.7.0-2
testing: 0.8.2-5
unstable: 0.8.2-5
exp: 0.9.0-1~exp1

versioned links

0.7.0-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.8.2-5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.9.0-1~exp1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libvirglrenderer-dev
libvirglrenderer1
virgl-server

action needed

A new upstream version is available: 0.9.0 high

A new upstream version 0.9.0 is available, you should consider packaging it.

Created: 2021-04-06 Last update: 2021-04-17 18:06

Fails to build during reproducibility testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2021-03-31 Last update: 2021-04-17 14:35

1 new commit since last upload, is it time to release? normal

vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:

commit 7e89623515fa87410ee2ed0201efb8be238497c4
Author: Gert Wollny <gw.fossdev@gmail.com>
Date:   Tue Apr 6 18:30:57 2021 +0200

    d/gitlab.ci: try to fix the additional files

Created: 2021-04-06 Last update: 2021-04-12 22:11

6 low-priority security issues in buster low

There are 6 open security issues in buster.

6 issues left for the package maintainer to handle:

CVE-2019-18388: (needs triaging) A NULL pointer dereference in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via malformed commands.
CVE-2019-18389: (needs triaging) A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service, or QEMU guest-to-host escape and code execution, via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands.
CVE-2019-18390: (needs triaging) An out-of-bounds read in the vrend_blit_need_swizzle function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_BLIT commands.
CVE-2019-18391: (needs triaging) A heap-based buffer overflow in the vrend_renderer_transfer_write_iov function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_RESOURCE_INLINE_WRITE commands.
CVE-2020-8002: (needs triaging) A NULL pointer dereference in vrend_renderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service via commands that attempt to launch a grid without previously providing a Compute Shader (CS).
CVE-2020-8003: (needs triaging) A double-free vulnerability in vrend_renderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service by triggering texture allocation failure, because vrend_renderer_resource_allocated_texture is not an appropriate place for a free.

You can find information about how to handle these issues in the security team's documentation.

Created: 2021-02-19 Last update: 2021-03-21 19:04

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.1 instead of 4.5.0).

Created: 2020-11-17 Last update: 2020-12-07 16:10

news

[rss feed]

[2021-04-06] Accepted virglrenderer 0.9.0-1~exp1 (source) into experimental (Gert Wollny)
[2020-12-12] virglrenderer 0.8.2-5 MIGRATED to testing (Debian testing watch)
[2020-12-07] Accepted virglrenderer 0.8.2-5 (source) into unstable (Gert Wollny)
[2020-08-03] virglrenderer 0.8.2-4 MIGRATED to testing (Debian testing watch)
[2020-07-28] Accepted virglrenderer 0.8.2-4 (source) into unstable (Gert Wollny)
[2020-07-18] virglrenderer 0.8.2-3 MIGRATED to testing (Debian testing watch)
[2020-07-12] Accepted virglrenderer 0.8.2-3 (source) into unstable (Gert Wollny)
[2020-05-01] virglrenderer 0.8.2-2 MIGRATED to testing (Debian testing watch)
[2020-04-26] Accepted virglrenderer 0.8.2-2 (source) into unstable (Gert Wollny)
[2020-04-25] Accepted virglrenderer 0.8.2-2~exp1 (source) into experimental (Gert Wollny)
[2020-02-18] virglrenderer 0.8.2-1 MIGRATED to testing (Debian testing watch)
[2020-02-12] Accepted virglrenderer 0.8.2-1 (source) into unstable (Gert Wollny)
[2020-01-19] virglrenderer 0.8.1-6 MIGRATED to testing (Debian testing watch)
[2020-01-13] Accepted virglrenderer 0.8.1-6 (source) into unstable (Gert Wollny)
[2020-01-13] Accepted virglrenderer 0.8.1-5 (source) into unstable (Gert Wollny)
[2020-01-11] Accepted virglrenderer 0.8.1-4 (source) into unstable (Gert Wollny)
[2020-01-10] Accepted virglrenderer 0.8.1-3 (source) into unstable (Gert Wollny)
[2020-01-09] Accepted virglrenderer 0.8.1-2 (source) into unstable (Gert Wollny)
[2019-12-20] Accepted virglrenderer 0.8.1-1 (source) into unstable (Gert Wollny)
[2019-10-28] virglrenderer 0.8.0-2 MIGRATED to testing (Debian testing watch)
[2019-10-23] Accepted virglrenderer 0.8.0-2 (source) into unstable (Gert Wollny)
[2019-09-29] virglrenderer 0.8.0-1 MIGRATED to testing (Debian testing watch)
[2019-09-24] Accepted virglrenderer 0.8.0-1 (source) into unstable (Gert Wollny)
[2019-09-03] Accepted virglrenderer 0.8.0-1~exp1 (source amd64) into experimental, experimental (Gert Wollny)
[2019-01-14] virglrenderer 0.7.0-2 MIGRATED to testing (Debian testing watch)
[2019-01-09] Accepted virglrenderer 0.7.0-2 (source) into unstable (Gert Wollny)
[2018-10-16] virglrenderer 0.7.0-1 MIGRATED to testing (Debian testing watch)
[2018-10-11] Accepted virglrenderer 0.7.0-1 (source amd64) into unstable (Laurent Bigonville)
[2017-08-30] virglrenderer 0.6.0-2 MIGRATED to testing (Debian testing watch)
[2017-08-25] Accepted virglrenderer 0.6.0-2 (source) into unstable (Adam Borowski)

bugs [bug history graph]

all: 1
RC: 0
I&N: 1
M&W: 0
F&P: 0
patch: 0

links

homepage
lintian
buildd: logs, exp, clang, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker

ubuntu

[Information about Ubuntu for Debian Developers]

version: 0.8.2-5
1 bug