home  bbs  files  messages ]

      ZZLI4418             linux.debian.changes             419 messages      

[ previous | next | reply ]

[ list messages | list forums ]

  Msg # 52 of 419 on ZZLI4418, Tuesday 8-25-25, 12:59  
  From: DEBIAN FTP MASTERS  
  To: ALL  
  Subj: Accepted qemu 1:7.2+dfsg-7+deb12u15 (sou  
 From: ftpmaster@ftp-master.debian.org 
  
 -----BEGIN PGP SIGNED MESSAGE----- 
 Hash: SHA512 
  
 Format: 1.8 
 Date: Fri, 15 Aug 2025 23:27:17 +0300 
 Source: qemu 
 Architecture: source 
 Version: 1:7.2+dfsg-7+deb12u15 
 Distribution: bookworm-security 
 Urgency: medium 
 Maintainer: Debian QEMU Team  
 Changed-By: Michael Tokarev  
 Changes: 
  qemu (1:7.2+dfsg-7+deb12u15) bookworm-security; urgency=medium 
  . 
    * d/binfmt-install: stop using C (Credentials) flag for binfmt_misc 
      registration.  qemu-user binaries were never meant to be used in 
      suid/sgid scenarios, but was used in debian since late 2009.  Any 
      foreign suid/sgid binary accessible to the users, in presence of 
      qemu-user binfmt, is trivially exploitable to gain elevated privileges. 
      This change might break existing setups since for many years people 
      relied on qemu-user binfmt working with suid binaries, but this is 
      a situation where it is definitely better be safe than sorry. 
 Checksums-Sha1: 
  e0eab422f12a852146c4f3c4406c2587c4705f22 6811 qemu_7.2+dfsg-7+deb12u15.dsc 
  6ea9655c72a2f21ed0d301479e11194c84978514 23523172 qemu_7.2+dfsg.orig.tar.xz 
  5600aa0d61b53256190e83b7a57621db0e884342 376508 qemu_7.2+dfsg-7 
 deb12u15.debian.tar.xz 
  276fbbc25e704421a493989d8d5ced91f702254a 16721 qemu_7.2+dfsg-7+ 
 eb12u15_source.buildinfo 
 Checksums-Sha256: 
  b5aa6d140a2138cc46a7e873552d351d9513c38f91e447bba44b1e300016e1d2 6811 
 qemu_7.2+dfsg-7+deb12u15.dsc 
  91aca71520040edc40b8d437aa3004dae614f58e286cf653ee8996c07af2962f 23523172 
 qemu_7.2+dfsg.orig.tar.xz 
  8fda07872ce40af2b952d00b11eb03e4c45cf5604a3a6521f608457ead8e5703 376508 
 qemu_7.2+dfsg-7+deb12u15.debian.tar.xz 
  407d0436eeeca76a8c94e4112b497c2119316c7e1962d4f7922047bcd1492c83 16721 
 qemu_7.2+dfsg-7+deb12u15_source.buildinfo 
 Files: 
  deac6b4327abaaf1de8718cab4d7d9d7 6811 otherosfs optional qemu_7 
 2+dfsg-7+deb12u15.dsc 
  865ae004abc45245029b6812734365c8 23523172 otherosfs optional qe 
 u_7.2+dfsg.orig.tar.xz 
  4518ab09e2c88a81dcabaf0cbb1ba442 376508 otherosfs optional qemu 
 7.2+dfsg-7+deb12u15.debian.tar.xz 
  13cdb175edff4bf1e1ca476257351a8e 16721 otherosfs optional qemu_ 
 .2+dfsg-7+deb12u15_source.buildinfo 
  
 -----BEGIN PGP SIGNATURE----- 
  
 iQIzBAEBCgAdFiEEZKoqtTHVaQM2a/75gqpKJDselHgFAmifmUAACgkQgqpKJDse 
 lHgTaA//SXR+Cd7ZhSQUL0KnylzJaDI42YNghdXESdCm3711YvKEIGw5jBqREURq 
 s2DjjiYh86djCrfm5XKtx0+wPOfHyOIqCFdpqFV2c+3QN7F7Nt94Fv4rdDouUHcm 
 NoTN8nze6EU/FZ8FsHgl2ctA+Y8dYZ+pvJSwkWjfYzXUZ78rxXPuYTCwcQfA/3VY 
 z3N4i0MdLlGI97Fnr16fhJ+F08VY1auYZy/EYvSvNRjEAhivj6bRNk5x4rAK+0L3 
 q3xHFcJ69Lt88doEObdSYWd/oIXdF5Gy3Z76N4wJ6t2iLM9KYOG4ZOE0Dz/taNdE 
 6BmYfAXwYdRaTOVFPysd6ngpQV80lxYioHP3SqWZCWc/kRqOA/BJBtnWKUsy69LO 
 4aOTystiNR2HponlFlOPxB026n/8R4pCk/yq/lFYoKJizlBAwzuti2px/LK5qsuM 
 zceQwX6PNMRA9Gq/nrJXDlKSk927guoSZA/2u8o3tpgcz7sBxxaJqVJnMF+Ncxe3 
 vt89aav+PlKOEl3IPywU0wbHS6UvtNo2xfKn7gEfQffAk+8S3zV3U9hNbzFuAHjy 
 qQ23wY9U3Dgx4YhPGV7Gchjwtn3/akAxdEpYnwjL1Zvzk0FU46HmU413tDmdlRV7 
 FqsdqY5FkK0C6jqjyLD2FqG1lNyXnSJnl80t9VgnOUs3+hDNtP8= 
 =3yI8 
 -----END PGP SIGNATURE----- 
  
  
 --============== 44355224837053607=Content-Type: application/pgp-signature 
  
 -----BEGIN PGP SIGNATURE----- 
  
 iHUEABYIAB0WIQTziqJOuF8J+ZI8pJSb9qggYcy5IQUCaKuoUgAKCRCb9qggYcy5 
 IS4IAP43RzCQ8Md9i/DBJqhB4IXZafeSBNoMhJTHdB7HIkTcXwEA6f34K+UtXqnd 
 sOUIPQI0X6It3gSBpYC15ed4QgmAgwk=bJMY 
 -----END PGP SIGNATURE----- 
  
 --- SoupGate-Win32 v1.05 
  * Origin: you cannot sedate... all the things you hate (1:229/2) 

[ list messages | list forums | previous | next | reply ]

search for:

328,127 visits
(c) 1994,  bbs@darkrealms.ca