-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 3.0 (quilt) Source: qemu Binary: qemu, qemu-system, qemu-system-common, qemu-system-misc, qemu-system-arm, qemu-system-mips, qemu-system-ppc, qemu-system-sparc, qemu-system-x86, qemu-user, qemu-user-static, qemu-user-binfmt, qemu-utils, qemu-guest-agent, qemu-kvm Architecture: any Version: 1:2.1+dfsg-12+deb8u2 Maintainer: Debian QEMU Team <[email protected]> Uploaders: Aurelien Jarno <[email protected]>, Riku Voipio <[email protected]>, Vagrant Cascadian <[email protected]>, Michael Tokarev <[email protected]> Homepage: http://www.qemu.org/ Standards-Version: 3.9.5 Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-qemu/qemu.git Vcs-Git: git://anonscm.debian.org/pkg-qemu/qemu.git Build-Depends: debhelper (>= 9), device-tree-compiler, texinfo, python:any, acpica-tools, libaio-dev [linux-any], libasound2-dev [linux-any], libattr1-dev, libbluetooth-dev [linux-any], libbrlapi-dev, libcap-dev [linux-any], libcap-ng-dev [linux-any], libcurl4-gnutls-dev, libfdt-dev, gnutls-dev, libiscsi-dev (>> 1.9.0~), libncurses5-dev, libpixman-1-dev, libpulse-dev, librados-dev [linux-any], librbd-dev [linux-any], libsasl2-dev, libsdl1.2-dev (>> 1.2.1), libseccomp-dev (>> 2.1.0) [linux-amd64 linux-i386], libspice-server-dev (>= 0.12.2~) [linux-amd64 linux-i386], libspice-protocol-dev (>= 0.12.3~) [linux-amd64 linux-i386], libusb-1.0-0-dev (>= 2:1.0.13~) [linux-any], libusbredirparser-dev (>= 0.6~) [linux-any], libssh2-1-dev, libvdeplug-dev, libx11-dev, libxen-dev [linux-amd64 linux-i386], linux-libc-dev (>= 2.6.34) [linux-any], uuid-dev, xfslibs-dev [linux-any], zlib1g-dev, libjpeg-dev, libpng12-dev Build-Conflicts: oss4-dev Package-List: qemu deb otherosfs optional arch=amd64,arm,arm64,armel,armhf,hppa,i386,ia64,kfreebsd-amd64,kfreebsd-i386,mips,mipsel,powerpc,powerpcspe,ppc64,ppc64el,s390x,sparc,sparc64,x32 qemu-guest-agent deb otherosfs optional arch=any qemu-kvm deb otherosfs optional arch=i386,amd64 qemu-system deb otherosfs optional arch=amd64,arm,arm64,armel,armhf,hppa,i386,ia64,kfreebsd-amd64,kfreebsd-i386,mips,mipsel,powerpc,powerpcspe,ppc64,ppc64el,s390x,sparc,sparc64,x32 qemu-system-arm deb otherosfs optional arch=amd64,arm,arm64,armel,armhf,hppa,i386,ia64,kfreebsd-amd64,kfreebsd-i386,mips,mipsel,powerpc,powerpcspe,ppc64,ppc64el,s390x,sparc,sparc64,x32 qemu-system-common deb otherosfs optional arch=amd64,arm,arm64,armel,armhf,hppa,i386,ia64,kfreebsd-amd64,kfreebsd-i386,mips,mipsel,powerpc,powerpcspe,ppc64,ppc64el,s390x,sparc,sparc64,x32 qemu-system-mips deb otherosfs optional arch=amd64,arm,arm64,armel,armhf,hppa,i386,ia64,kfreebsd-amd64,kfreebsd-i386,mips,mipsel,powerpc,powerpcspe,ppc64,ppc64el,s390x,sparc,sparc64,x32 qemu-system-misc deb otherosfs optional arch=amd64,arm,arm64,armel,armhf,hppa,i386,ia64,kfreebsd-amd64,kfreebsd-i386,mips,mipsel,powerpc,powerpcspe,ppc64,ppc64el,s390x,sparc,sparc64,x32 qemu-system-ppc deb otherosfs optional arch=amd64,arm,arm64,armel,armhf,hppa,i386,ia64,kfreebsd-amd64,kfreebsd-i386,mips,mipsel,powerpc,powerpcspe,ppc64,ppc64el,s390x,sparc,sparc64,x32 qemu-system-sparc deb otherosfs optional arch=amd64,arm,arm64,armel,armhf,hppa,i386,ia64,kfreebsd-amd64,kfreebsd-i386,mips,mipsel,powerpc,powerpcspe,ppc64,ppc64el,s390x,sparc,sparc64,x32 qemu-system-x86 deb otherosfs optional arch=amd64,arm,arm64,armel,armhf,hppa,i386,ia64,kfreebsd-amd64,kfreebsd-i386,mips,mipsel,powerpc,powerpcspe,ppc64,ppc64el,s390x,sparc,sparc64,x32 qemu-user deb otherosfs optional arch=amd64,arm,arm64,armel,armhf,hppa,i386,ia64,mips,mipsel,powerpc,powerpcspe,ppc64,ppc64el,s390x,sparc,sparc64,x32 qemu-user-binfmt deb otherosfs optional arch=amd64,arm,arm64,armel,armhf,hppa,i386,ia64,mips,mipsel,powerpc,powerpcspe,ppc64,ppc64el,s390x,sparc,sparc64,x32 qemu-user-static deb otherosfs optional arch=amd64,arm,arm64,armel,armhf,hppa,i386,ia64,mips,mipsel,powerpc,powerpcspe,ppc64,ppc64el,s390x,sparc,sparc64,x32 qemu-utils deb otherosfs optional arch=amd64,arm,arm64,armel,armhf,hppa,i386,ia64,kfreebsd-amd64,kfreebsd-i386,mips,mipsel,powerpc,powerpcspe,ppc64,ppc64el,s390x,sparc,sparc64,x32 Checksums-Sha1: d0c0314af2b710cf3dbd91522963cc0eefa51390 5163316 qemu_2.1+dfsg.orig.tar.xz a11f28854b972f71bb5e5eebe0da55bc82f23cfd 112728 qemu_2.1+dfsg-12+deb8u2.debian.tar.xz Checksums-Sha256: 34b610c2538c7617638b8f1bdedf8a96ca2ff8cd8ad97b920a70c4d8d481d97f 5163316 qemu_2.1+dfsg.orig.tar.xz 96f8859ab1e020b92e48000a90d06ee1e7d8f044acfa6666d715250100b417bc 112728 qemu_2.1+dfsg-12+deb8u2.debian.tar.xz Files: eae7dcf964948cb0f4ed58d0488ae0de 5163316 qemu_2.1+dfsg.orig.tar.xz 0075b321bff7879126a7282c081673d2 112728 qemu_2.1+dfsg-12+deb8u2.debian.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJV4cjYAAoJEAVMuPMTQ89Eh5wP/3c2ovR+R6aYGbwgNWt563Zg 38VxdlL39CbNEDqSBrSA6sI0dXvT+k4vVcgb4bWzp79RcMZYWJ/u35d0XCurvurf 4BmvvjiF4s2kjRNHKaMsqbL3hXuxVFYfFO9VjaditqmZYXmiPobqvhXmVWdSHYrr 526NY60eGLEcU159pLru5713ockci8ny2e1esPrwDNfuq7hCmuYo8LAghmzwuj/q d6SCBtHDVfoRfCwHqNJqE8aDj8x5o38cRWJOHPCMnMhIo0a6R2jhozqEGCSIp4zE jB1pSWK/FA54h0LG7ftJKxpHUUL1NMZJWakBvPhKAYOUauRK1uog6wbWivIYyDUU zoCRemrrf82SgYS5JQ6dAxi3aTKie1A5Q5bs/S2sMW0HdQB0nRyB6+TWp4estDLm hWMsHEPqOBiuhS6NDKIzKSosEULvjyONJ5VyTBlc0sgbW1hnyHDf3OLcFigciQnf jQaHkVFZK+jkfkG0aR7XBj9XnX6DqBykoaX/njP46NHF9S9z7ArBQ+9ZobxOZ4KG 8wMVcwv5aC1ikGRJImNzw3uitQnUG5SsU5gvE2G+d9vJekXy2e6alEtv27i89KZM plRMXCCiIPFz7c8TmOYFItgo3LJ2Mh4e8mu8212OtJA1swGY2fw6g+TAfDY0XaKm mU8lKpwimVeACCwdCnf4 =pEpZ -----END PGP SIGNATURE----- Changes: qemu (1:2.1+dfsg-12+deb8u2) jessie-security; urgency=high * Non-maintainer upload by the Security Team. * Add 0001-i8254-fix-out-of-bounds-memory-access-in-pit_ioport_.patch patch. CVE-2015-3214: i8254: out-of-bounds memory access in pit_ioport_read function. (Closes: #795461) * Add patches to address heap overflow when processing ATAPI commands. CVE-2015-5154: heap overflow during I/O buffer memory access. (Closes: #793811) * Add CVE-2015-5225.patch patch. CVE-2015-5225: vnc: heap memory corruption in vnc_refresh_server_surface. (Closes: #796465) * Add 0001-virtio-serial-fix-ANY_LAYOUT.patch patch. CVE-2015-5745: buffer overflow in virtio-serial. (Closes: #795087) * Add patches for CVE-2015-5165. CVE-2015-5165: rtl8139 uninitialized heap memory information leakage to guest. (Closes: #794610) -- Salvatore Bonaccorso <[email protected]> Sat, 29 Aug 2015 16:12:31 +0200