home  bbs  files  messages ]

      ZZLI4418             linux.debian.changes             419 messages      

[ previous | next | reply ]

[ list messages | list forums ]

  Msg # 45 of 419 on ZZLI4418, Tuesday 8-25-25, 12:59  
  From: DEBIAN FTP MASTERS  
  To: ALL  
  Subj: Accepted qemu 1:10.0.2+ds-2+deb13u1 (sou  
 From: ftpmaster@ftp-master.debian.org 
  
 -----BEGIN PGP SIGNED MESSAGE----- 
 Hash: SHA512 
  
 Format: 1.8 
 Date: Fri, 15 Aug 2025 12:54:40 +0300 
 Source: qemu 
 Architecture: source 
 Version: 1:10.0.2+ds-2+deb13u1 
 Distribution: trixie-security 
 Urgency: medium 
 Maintainer: Debian QEMU Team  
 Changed-By: Michael Tokarev  
 Closes: 1109989 
 Changes: 
  qemu (1:10.0.2+ds-2+deb13u1) trixie-security; urgency=medium 
  . 
    * d/binfmt-install: stop using C (Credentials) flag for binfmt_misc 
      registration.  qemu-user binaries were never meant to be used in 
      suid/sgid scenarios, but was used in debian since late 2009.  Any 
      foreign suid/sgid binary accessible to the users, in presence of 
      qemu-user binfmt, is trivially exploitable to gain elevated privileges. 
      This change might break existing setups since for many years people 
      relied on qemu-user binfmt working with suid binaries, but this is 
      a situation where it is definitely better be safe than sorry. 
    * pcie_sriov-Fix-configuration-and-state-synchronizati.patch 
      (Closes: #1109989, CVE-2025-54566, CVE-2025-54567) 
 Checksums-Sha1: 
  0fb120292fc6c74a4c2035bea94bd5b1992b8d12 12455 qemu_10.0.2+ds-2+deb13u1.dsc 
  0da721835b445ce31e3d69631ac878ebe218a6af 39449628 qemu_10.0.2+ds.orig.tar. 
 xz 
  759580a21004aea649a42789c1a2de75cfd80a0a 139060 qemu_10.0.2+ds- 
 +deb13u1.debian.tar.xz 
  3ff3c108eaa1155c243ed73014836e75bb520694 7565 qemu_10.0.2+ds-2+ 
 eb13u1_source.buildinfo 
 Checksums-Sha256: 
  b61a67c1b580435742e42613fa8d4d38f9abaa75fc9c034f7e650e62ed97720a 12455 
 qemu_10.0.2+ds-2+deb13u1.dsc 
  0901da33844a331bf8b3602b9c1fbd178e60b737c8e3ade678255bd090c9b9f1 39449628 
 qemu_10.0.2+ds.orig.tar.xz 
  7d77c31eaff3ce9ef265a9dbba0b5b05508003aad9a8d41cc7999063b671dd8f 139060 
 qemu_10.0.2+ds-2+deb13u1.debian.tar.xz 
  87d0ee897cce710d82f3077bea4cac389f354f83ed2e06385fcd2341f37af508 7565 
 qemu_10.0.2+ds-2+deb13u1_source.buildinfo 
 Files: 
  5891b15bfd0c8293134c785ae71bc44e 12455 otherosfs optional qemu_ 
 0.0.2+ds-2+deb13u1.dsc 
  ab6f1a263053221b049421b31f683047 39449628 otherosfs optional qe 
 u_10.0.2+ds.orig.tar.xz 
  9845432790844d8e7a3c1f3ae7e81c9f 139060 otherosfs optional qemu 
 10.0.2+ds-2+deb13u1.debian.tar.xz 
  2266abbc4d5d97c2f288183f35847a9a 7565 otherosfs optional qemu_1 
 .0.2+ds-2+deb13u1_source.buildinfo 
  
 -----BEGIN PGP SIGNATURE----- 
  
 iQIzBAEBCgAdFiEEZKoqtTHVaQM2a/75gqpKJDselHgFAmifmcYACgkQgqpKJDse 
 lHg8WA/+JKNjfF6w5YN6nwUh5BTu6TcwWsCVebE58P50nb6acBiqMlFThTke+rH3 
 4PlDpgyv1fNFho2k0981aV3onvEJ8QuV3ZZEF0DxGW78CAJatHlOaDT/Xm3zde61 
 kD8kbvzn2hFz9OfSS+LG2QjADvqql8jOCOi9zmrTpppjuOowijCw5lzLG4NwOIQb 
 JXROzMuRhNVTy9RDL3nySvUli/JhofL4MBsDvor/GbShZOg5Z/wcsNTowi8e79Lg 
 Q+WZM9Zc8uXRgJ0HahDuVtTGTCpwbUTevhC5sCd1BRAfgDSmFjNcdJNnc+j/3iDw 
 oEypSzQ74G4qce9lrmAq9JQf0GlE5y0TsG9DCbsCj2dVsHizwT7mnfs2ER2pBdc1 
 wKgxBISEW0kvfZkoAXJ7zVazAdoCFCK60oYd8VlWTBvB8hWTKdOQrQvyg2yfdEa4 
 31D6PEGF8VoSa2EmC5arVysHkJ/OkzYtuXgqIF3JqVHWA/JAjo3HBpDCWWsgsZCj 
 K5rezyl+rUe4QSEreJfugJ73n7AxlIWufZ1wbUnfGfeDWHq7B1cuVIDtWffbfLez 
 2hkcc4Olw0+rUXwN5xMUlpIIR2PHU7YrRdvxpmosD8m2EmBYL70Kkd1p1D7NP7Hf 
 6Tthiibka6qaZNjEWsx7xCV21n8PPF+EYFJupvNOSV6DcPhYzNM= 
 =C28a 
 -----END PGP SIGNATURE----- 
  
  
 --==============y63618410407907495=Content-Type: application/pgp-signature 
  
 -----BEGIN PGP SIGNATURE----- 
  
 iHUEABYIAB0WIQTziqJOuF8J+ZI8pJSb9qggYcy5IQUCaKuoEQAKCRCb9qggYcy5 
 IV5MAP4i9V+inL6Fj2vvMnOWKUYr88KdF4rRUeoOaNqdI6gijQD+PGTuvDo1pf9c 
 x2vg6tKh4LFxBdlylLfO7QKA01lqDQE=fXND 
 -----END PGP SIGNATURE----- 
  
 --- SoupGate-Win32 v1.05 
  * Origin: you cannot sedate... all the things you hate (1:229/2) 

[ list messages | list forums | previous | next | reply ]

search for:

328,100 visits
(c) 1994,  bbs@darkrealms.ca