-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 30 Apr 2007 06:55:27 +0300
Source: qemu
Binary: qemu
Architecture: source i386
Version: 0.6.1+20050407-1sarge1
Distribution: oldstable-security
Urgency: high
Maintainer: Debian QEMU Team <[EMAIL PROTECTED]>
Changed-By: Guillem Jover <[EMAIL PROTECTED]>
Description:
qemu - fast processor emulator
Changes:
qemu (0.6.1+20050407-1sarge1) oldstable-security; urgency=high
.
[ Guillem Jover ]
* Fix several security issues found by Tavis Ormandy <[EMAIL PROTECTED]>:
- Cirrus LGD-54XX "bitblt" heap overflow. CVE-2007-1320
- NE2000 "mtu" heap overflow.
- QEMU NE2000 "receive" integer signedness error. CVE-2007-1321
- Infinite loop in the emulated SB16 device.
- Unprivileged 'aam' instruction does not correctly handle the
undocumented divisor operand. CVE-2007-1322
- Unprivileged 'icebp' instruction will halt emulation. CVE-2007-1322
- debian/patches/90_security.patch: New file.
Files:
0d4d669e862d4249af1fd6d4e62ed21e 860 misc optional
qemu_0.6.1+20050407-1sarge1.dsc
a4cb70b9b701668c1c37705f9b5baae6 991912 misc optional
qemu_0.6.1+20050407.orig.tar.gz
9940e2b1c7e3edce24a941d79cc45f1c 456776 misc optional
qemu_0.6.1+20050407-1sarge1.diff.gz
b3fd3a2a4c01ccd3a22ffb079c2da48a 1888278 misc optional
qemu_0.6.1+20050407-1sarge1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGNXjHuW9ciZ2SjJsRAhKiAKCTKCiU+vo3ZAKmkd6l1D9NXpw+5QCg8VTc
eSqhIhapgMIX5MznVtW622Q=
=bHM8
-----END PGP SIGNATURE-----
Accepted:
qemu_0.6.1+20050407-1sarge1.diff.gz
to pool/main/q/qemu/qemu_0.6.1+20050407-1sarge1.diff.gz
qemu_0.6.1+20050407-1sarge1.dsc
to pool/main/q/qemu/qemu_0.6.1+20050407-1sarge1.dsc
qemu_0.6.1+20050407-1sarge1_i386.deb
to pool/main/q/qemu/qemu_0.6.1+20050407-1sarge1_i386.deb
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
