Your message dated Wed, 22 Jul 2020 17:04:30 +0000
with message-id <[email protected]>
and subject line Bug#961451: fixed in qemu 1:5.0-12
has caused the Debian Bug report #961451,
regarding CVE-2020-12829
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
961451: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961451
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: qemu
Severity: normal
Tags: security
This was originally reported in Red Hat Bugzilla:
https://bugzilla.redhat.com/show_bug.cgi?id=1808510
https://bugzilla.redhat.com/show_bug.cgi?id=1786026
Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: qemu
Source-Version: 1:5.0-12
Done: Michael Tokarev <[email protected]>
We believe that the bug you reported is fixed in the latest version of
qemu, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Michael Tokarev <[email protected]> (supplier of updated qemu package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 22 Jul 2020 19:42:29 +0300
Source: qemu
Architecture: source
Version: 1:5.0-12
Distribution: unstable
Urgency: medium
Maintainer: Debian QEMU Team <[email protected]>
Changed-By: Michael Tokarev <[email protected]>
Closes: 961451 965381
Changes:
qemu (1:5.0-12) unstable; urgency=medium
.
* acpi-accept-byte-and-word-access-to-core-ACPI-registers.patch
this replace cpi-allow-accessing-acpi-cnt-register-by-byte.patch
and acpi-tmr-allow-2-byte-reads.patch, a more complete fix
* xhci-fix-valid.max_access_size-to-access-address-registers.patch
fix one more incarnation of the breakage after the CVE-2020-13754 fix
* do not install outdated (0.12 and before) Changelog (Closes: #965381)
* xgmac-fix-buffer-overflow-in-xgmac_enet_send-CVE-2020-15863.patch
ARM-only XGMAC NIC, possible buffer overflow during packet transmission
Closes: CVE-2020-15863
* sm501 OOB read/write due to integer overflow in sm501_2d_operation()
List of patches:
sm501-convert-printf-abort-to-qemu_log_mask.patch
sm501-shorten-long-variable-names-in-sm501_2d_operation.patch
sm501-use-BIT-macro-to-shorten-constant.patch
sm501-clean-up-local-variables-in-sm501_2d_operation.patch
sm501-replace-hand-written-implementation-with-pixman-CVE-2020-12829.patch
Closes: #961451, CVE-2020-12829
Checksums-Sha1:
acdffeace8089ecf9530588419e51876495569cd 6737 qemu_5.0-12.dsc
a1d77be7d5fd34fe75591e383dcf5b49a67de9ae 114036 qemu_5.0-12.debian.tar.xz
40c61403cc1385c5f82948a97d1155e8159fd435 9221 qemu_5.0-12_source.buildinfo
Checksums-Sha256:
fd3cd3feefe5874c8437d91f13a25658de982568c627e8acf312c2bea8aa12e1 6737
qemu_5.0-12.dsc
343cec4500af60e38dc61bc08daf1de9690b1c28fca9af1f8ebf67fa27c8c06b 114036
qemu_5.0-12.debian.tar.xz
e573e5a52c876c55f2f29682b28c11606f6abf5bafcce167eca632a3fb64f9a3 9221
qemu_5.0-12_source.buildinfo
Files:
f6fe0d46491a2e00f0a4b196f66a961a 6737 otherosfs optional qemu_5.0-12.dsc
1421cb72bd4f5c5715d97f78748b4ab5 114036 otherosfs optional
qemu_5.0-12.debian.tar.xz
230ef9ffd97ec0a34ac3b36b488443ab 9221 otherosfs optional
qemu_5.0-12_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQFDBAEBCAAtFiEEe3O61ovnosKJMUsicBtPaxppPlkFAl8YbaQPHG1qdEB0bHMu
bXNrLnJ1AAoJEHAbT2saaT5ZVxYIAJzIJhDCUyR8MhhiXMDwm68qqTTTQMYSnEHN
80ObhUk2lLCJbYi/4Uu5RJjKJP74XTshicN2CdVhX1P9rhyDfKL007ldzH76Dgt1
mPP/PIXoMpIlNrR5r6Iz/VAg6MY6+o9hfqFX2i4/n9uT8zgsLMLH5fpT6kNBE2h/
rwi6ojY8+oAU7wrBDBfSqFlm0hIujhgbvcNmbI74TW5O9gC2UBapsvy/5bgcF1Sv
6OroRGMHUVkKfy7iWxBp46QAH5XsrMccrSmocmaGJPWYasC9isRZcy7SMhZ4oyQI
cWRAGT6D5UvnnTKo1Se5LSe2tNbnN4Ckn0DNn7o/NGxDgvCKAe8=
=xUq7
-----END PGP SIGNATURE-----
--- End Message ---
