Accepted php-pecl-http 2.0.4-1+deb8u1 (source amd64) into oldoldstable

[Roberto C. Sanchez]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 20 Sep 2019 14:33:46 -0400
Source: php-pecl-http
Binary: php5-pecl-http php5-pecl-http-dev
Architecture: source amd64
Version: 2.0.4-1+deb8u1
Distribution: jessie-security
Urgency: high
Maintainer: Facundo Guerrero 
Changed-By: Roberto C. Sanchez 
Description:
 php5-pecl-http - pecl_http module for PHP 5 Extended HTTP Support
 php5-pecl-http-dev - pecl_http module for PHP 5 Extended HTTP Support 
development head
Changes:
 php-pecl-http (2.0.4-1+deb8u1) jessie-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2016-7398: Fix type confusion vulnerability which allows attackers to
 crash PHP and possibly execute arbitrary code via crafted HTTP requests
   * Adjust Build-Depends for php5-dev and php-pear both at version
 5.6.40+dfsg-0+deb8u6, which contain a necessary fix for building PHP
 extensions
Checksums-Sha1:
 306581d7faa20ec047052cceb049ffc9cd81c9bd 2083 php-pecl-http_2.0.4-1+deb8u1.dsc
 a54d97dcd731e9b1442eca9c2dffe4cae346f6f8 152350 php-pecl-http_2.0.4.orig.tar.gz
 1d3564f7e73989193f6ff4fa92e04966c247f998 5104 
php-pecl-http_2.0.4-1+deb8u1.debian.tar.xz
 e7c5f633d3ecd867f3823ce847ea20e9965e70c2 115038 
php5-pecl-http_2.0.4-1+deb8u1_amd64.deb
 3373bf71d03de4ae7a102f8dff02d4fc8333f75c 18994 
php5-pecl-http-dev_2.0.4-1+deb8u1_amd64.deb
Checksums-Sha256:
 f6a8c23e8754984ccc7b980f048638fd8c9386d943c7b673587a710c66c8e363 2083 
php-pecl-http_2.0.4-1+deb8u1.dsc
 739ead1b0a524bb5142bcd50a36f44a35b2ab911211b2467f7a169dc4746bca0 152350 
php-pecl-http_2.0.4.orig.tar.gz
 a35ab16446a115e9e22673771026fc53d31cf24a734795da5c33a65379806aaa 5104 
php-pecl-http_2.0.4-1+deb8u1.debian.tar.xz
 da8a9a5274a54528eb487ca7b28be803515277c5b1241fff6ac59c64702a4997 115038 
php5-pecl-http_2.0.4-1+deb8u1_amd64.deb
 ee459ba7583183e46cd8e20064f2182c9cfa23f41ae4f5fdd8263c4dc0c18b22 18994 
php5-pecl-http-dev_2.0.4-1+deb8u1_amd64.deb
Files:
 2c2ebcce4848b306003c2f161220ebfa 2083 web optional 
php-pecl-http_2.0.4-1+deb8u1.dsc
 75bdcf0e5f3788ef593e97c22cc4b8b1 152350 web optional 
php-pecl-http_2.0.4.orig.tar.gz
 54a389435e0521014baca4699c1e1c08 5104 web optional 
php-pecl-http_2.0.4-1+deb8u1.debian.tar.xz
 aaec08bab4260a01aaf37e0971fb5a83 115038 web optional 
php5-pecl-http_2.0.4-1+deb8u1_amd64.deb
 5fe10e100d01d4017456d10f4aef60b2 18994 web optional 
php5-pecl-http-dev_2.0.4-1+deb8u1_amd64.deb

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEz9ERzDttUsU/BH8iLNd4Xt2nsg8FAl2FHYoACgkQLNd4Xt2n
sg8NERAAp7TqeRz2H+C0+7Q/eSPkijXdvK7y1lm3RpBf7RJ8lvpf6ln2EcbnNfh9
rjdcRA4L2nas46MXRcFc/Ic45yJwdTo5LZNhn15sJHUWJYodp3HK5xT7jhVYntWT
1PBzbWO7xJowIJR15gfelvvxMc2V6pgOl/voRxIOB9U2OFwAGgM4+Sl3qGw9C1pH
8UKEhAqUqdwtcJi5yPqZkQ1XZeMBz8wBUEV22fCjBCAoOXEwiY7/ACT3Jy1AgvAT
NgTVI1WrsI8rRLnpytu9Jt+nBA2LvPPQnOE+1v8ybSOyQ9xPoG40FCVpBPvLVDjT
IUsZaTmPw82c5WbLVnSVzBsJmmac43oKS6UVdXfym5kVwaQ2hcNDZ9BwylxZXIPu
KhBi1mpN3Yr68BabP8GPcancKSLq/AEYPIEu4OTZyXuSP0fXFP1GqDUy9SainlxF
1e3Tk9FdJKOfZiJiW0i/kQnVUinUMQjucg0qrzRl1UPA5N5FGT+Cj/cxonFgxziV
Am8vu5aftGQAv8jN5rrvVMILLRe7qkeWd0mgbrLmSHqPy14LMhS/i1fEso417RTC
8wmM8R6Ki+sE2XC1hkZmTVpF8hMXmUZFsyWfHtaBJu0xDhC2lARWVcvAMYxu2K7z
qOMpX25+roglEfUF13PWNVOBEXpwrQwBjz8R4MtEmzLam18y1DQ=
=H4ot
-END PGP SIGNATURE-

Accepted qemu 1:2.1+dfsg-12+deb8u12 (source amd64) into oldoldstable

[Sylvain Beucler]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Wed, 11 Sep 2019 11:56:13 +0200
Source: qemu
Binary: qemu qemu-system qemu-system-common qemu-system-misc qemu-system-arm 
qemu-system-mips qemu-system-ppc qemu-system-sparc qemu-system-x86 qemu-user 
qemu-user-static qemu-user-binfmt qemu-utils qemu-guest-agent qemu-kvm
Architecture: source amd64
Version: 1:2.1+dfsg-12+deb8u12
Distribution: jessie-security
Urgency: medium
Maintainer: Debian QEMU Team 
Changed-By: Sylvain Beucler 
Description:
 qemu   - fast processor emulator
 qemu-guest-agent - Guest-side qemu-system agent
 qemu-kvm   - QEMU Full virtualization on x86 hardware
 qemu-system - QEMU full system emulation binaries
 qemu-system-arm - QEMU full system emulation binaries (arm)
 qemu-system-common - QEMU full system emulation binaries (common files)
 qemu-system-mips - QEMU full system emulation binaries (mips)
 qemu-system-misc - QEMU full system emulation binaries (miscelaneous)
 qemu-system-ppc - QEMU full system emulation binaries (ppc)
 qemu-system-sparc - QEMU full system emulation binaries (sparc)
 qemu-system-x86 - QEMU full system emulation binaries (x86)
 qemu-user  - QEMU user mode emulation binaries
 qemu-user-binfmt - QEMU user mode binfmt registration for qemu-user
 qemu-user-static - QEMU user mode emulation binaries (static version)
 qemu-utils - QEMU utilities
Changes:
 qemu (1:2.1+dfsg-12+deb8u12) jessie-security; urgency=medium
 .
   * Non-maintainer upload by the LTS team.
 .
   [Mike Gabriel]
   * CVE-2017-9375: Track xhci_kick_ep processing being active in a variable.
 Check the variable at the beginning of xhci_kick_ep. Add an assert right
 before processing the kick.
   * CVE-2019-12155: qxl: Check release info object. When releasing spice
 resources in release_resource() routine, if release info object
 'ext.info' is null, it leads to null pointer dereference. Add check
 to avoid it.
   * CVE-2016-5403: virtio: error out if guest exceeds virtqueue size. Plus
 set vq->inuse correctly at various places.
   * CVE-2016-5126: block/iscsi: avoid potential overflow of acb->task->cdb.
   * Remove unused/redundant patch files.
 .
   [Sylvain Beucler]
   * CVE-2019-12068: scsi: lsi: exit infinite loop while executing script
   * CVE-2019-13164: qemu-bridge-helper.c in QEMU 4.0.0 does not ensure
 that a network interface name (obtained from bridge.conf or a
 --br=bridge option) is limited to the IFNAMSIZ size, which can
 lead to an ACL bypass.
   * CVE-2019-14378: ip_reass in ip_input.c in libslirp has a
 heap-based buffer overflow via a large packet because it
 mishandles a case involving the first fragment.
   * CVE-2019-15890: libslirp has a use-after-free in ip_reass in ip_input.c.
Checksums-Sha1:
 4acefb7d871bc0d17f87c7970d2fcf560a3d971f 5193 qemu_2.1+dfsg-12+deb8u12.dsc
 964a44f2db3bc24ebe0e1cb4e445ea14dd54e9ad 223924 
qemu_2.1+dfsg-12+deb8u12.debian.tar.xz
 fa3a787fe60a85d5d3dfba8ea05439bb5b719809 126996 
qemu_2.1+dfsg-12+deb8u12_amd64.deb
 5ed3b13f43d2e55d0f31972c163d22d1da0ad5ed 56230 
qemu-system_2.1+dfsg-12+deb8u12_amd64.deb
 3cc4435e0aa76321a87630d7bf09b10eee75675b 286938 
qemu-system-common_2.1+dfsg-12+deb8u12_amd64.deb
 07dbe5deecd3800e0848ff36e2a8446e8767a182 4795244 
qemu-system-misc_2.1+dfsg-12+deb8u12_amd64.deb
 9295641efd9cfd44694eb1e423e075f84f0e23ab 2240822 
qemu-system-arm_2.1+dfsg-12+deb8u12_amd64.deb
 a5eae3703d9f833ffa5b8ee476fff37c61c52f9b 2841670 
qemu-system-mips_2.1+dfsg-12+deb8u12_amd64.deb
 b332d823ae8c9cb05d144e72c3ad5112fcb65088 2750384 
qemu-system-ppc_2.1+dfsg-12+deb8u12_amd64.deb
 112d0b66616a81ad7989ee9867672261a8afcca2 1673754 
qemu-system-sparc_2.1+dfsg-12+deb8u12_amd64.deb
 3c28434b3a212c8f10f1c75b79c9b0c69b2c47c9 2050640 
qemu-system-x86_2.1+dfsg-12+deb8u12_amd64.deb
 1c3cdde2d2f54761263c9166fba43200d4c6505c 6114562 
qemu-user_2.1+dfsg-12+deb8u12_amd64.deb
 ea0ef1aaafb429abe81946a93d07d466b99f6a60 8393026 
qemu-user-static_2.1+dfsg-12+deb8u12_amd64.deb
 d3ad6dd0db93f0236f5bf05bc71bcb34c7170a99 2932 
qemu-user-binfmt_2.1+dfsg-12+deb8u12_amd64.deb
 f85bab6b6c469efd0208da378e025c8f45cf885b 487968 
qemu-utils_2.1+dfsg-12+deb8u12_amd64.deb
 5ffd889d65f4fdc57d5773d15818738da88fd1ea 140284 
qemu-guest-agent_2.1+dfsg-12+deb8u12_amd64.deb
 3a326759e3eb4e7e41c8cc02fe085e176806899f 56894 
qemu-kvm_2.1+dfsg-12+deb8u12_amd64.deb
Checksums-Sha256:
 9798c54b3cc0e1aa5baac8c5269ecf989ab65c091647c283d747141ad7440f41 5193 
qemu_2.1+dfsg-12+deb8u12.dsc
 7fed0281e9e41bb1cd1517223ce57c95cf69765551a070f457653c859802bbf6 223924 
qemu_2.1+dfsg-12+deb8u12.debian.tar.xz
 1197c0aeec9a512101dfbf723414c39c6c65e995eb4b7cfddba1e6436e05b349 126996 
qemu_2.1+dfsg-12+deb8u12_amd64.deb
 39729d2e28265e1612cb861e762771dbb703431bb0aee083a6afc743f1e45bb9 56230 
qemu-system_2.1+dfsg-12+deb8u12_amd64.deb
 6533502e56c381d08cb2e7a84594fa57cb3e1b5be6bea65e417874c3abaebd4b 286938 
qemu-system-common_2.1+dfsg-12+deb8u12_amd64.deb