Bug#686977: marked as done (CVE-2012-2652)

[Debian Bug Tracking System]

Your message dated Sun, 09 Sep 2012 15:02:54 +0000
with message-id <e1taj2e-0003pu...@franck.debian.org>
and subject line Bug#686977: fixed in qemu-kvm 0.12.5+dfsg-5+squeeze9
has caused the Debian Bug report #686977,
regarding CVE-2012-2652
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
686977: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686977
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: qemu
Severity: grave
Tags: security

Please see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2652 for
details and a reference to the upstream patch.

Cheers,
        Moritz

--- End Message ---

--- Begin Message ---

Source: qemu-kvm
Source-Version: 0.12.5+dfsg-5+squeeze9

We believe that the bug you reported is fixed in the latest version of
qemu-kvm, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 686...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Michael Tokarev <m...@tls.msk.ru> (supplier of updated qemu-kvm package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sat, 08 Sep 2012 09:36:46 +0400
Source: qemu-kvm
Binary: qemu-kvm qemu-kvm-dbg kvm
Architecture: source i386
Version: 0.12.5+dfsg-5+squeeze9
Distribution: stable-security
Urgency: low
Maintainer: Jan Lübbe <jlue...@debian.org>
Changed-By: Michael Tokarev <m...@tls.msk.ru>
Description: 
 kvm        - dummy transitional package from kvm to qemu-kvm
 qemu-kvm   - Full virtualization on x86 hardware
 qemu-kvm-dbg - Debugging info for qemu-kvm
Closes: 686974 686977
Changes: 
 qemu-kvm (0.12.5+dfsg-5+squeeze9) stable-security; urgency=low
 .
   * console-bounds-check-whenever-changing-the-cursor-CVE-2012-3515.patch
     upstream fix for CVE-2012-3515, VT100 emulation vulnerability.
     (Closes: #686974)
   * block-prevent-snapshot-mode-TMPDIR-symlink-attack-CVE-2012-2652.patch
     upstream fix for CVE-2012-2652, symlink attacks in snapshot mode.
     (Closes: #686977)
Checksums-Sha1: 
 ea8adf0237bec21decfd135db1c9d37d6c8d0c32 1814 
qemu-kvm_0.12.5+dfsg-5+squeeze9.dsc
 765a13c805895fcf37e45cb1b9c090836429c4f8 317192 
qemu-kvm_0.12.5+dfsg-5+squeeze9.diff.gz
 e45d5a1eeab366740c7eb0cab37862f1f0a8ae6e 1498508 
qemu-kvm_0.12.5+dfsg-5+squeeze9_i386.deb
 e2279a3818171b2b748e1fd0c4bbafb0c1bf3e07 2787306 
qemu-kvm-dbg_0.12.5+dfsg-5+squeeze9_i386.deb
 7d629bd2c17bfa27d38fe08601cb643dfe3a04fc 13866 
kvm_0.12.5+dfsg-5+squeeze9_i386.deb
Checksums-Sha256: 
 a042a27b0b424f497bcdf2df3abdf4818979e656de3e76828e0e9c7a0f6f7d60 1814 
qemu-kvm_0.12.5+dfsg-5+squeeze9.dsc
 d693c0ddb774cadad135daae29b25468a899ef427817a496986cb0484cfbf4b6 317192 
qemu-kvm_0.12.5+dfsg-5+squeeze9.diff.gz
 f3d3d28af17e4d3b026db4440f7e36fdb280aa98893faec1c66bea95bba8d99f 1498508 
qemu-kvm_0.12.5+dfsg-5+squeeze9_i386.deb
 188d49a931c6c3151754817ce662028bb61b4861c0a05404838a9e0feac85181 2787306 
qemu-kvm-dbg_0.12.5+dfsg-5+squeeze9_i386.deb
 5e7fd91938234979cbdec347232a8f96cfe93480fc4b0bd2a0ca2ff921c3a96a 13866 
kvm_0.12.5+dfsg-5+squeeze9_i386.deb
Files: 
 d0c1dde3c47aa7b4e2e42092288f9fd4 1814 misc optional 
qemu-kvm_0.12.5+dfsg-5+squeeze9.dsc
 ca4d171180f908cb6fb8ef1d6137d26e 317192 misc optional 
qemu-kvm_0.12.5+dfsg-5+squeeze9.diff.gz
 017bed51cd2b9a56526b85d47553b3ba 1498508 misc optional 
qemu-kvm_0.12.5+dfsg-5+squeeze9_i386.deb
 44be8545b7d540f4a931e62779c573ba 2787306 debug extra 
qemu-kvm-dbg_0.12.5+dfsg-5+squeeze9_i386.deb
 55692e66c03b12d8d7d3e73d76fcdbf3 13866 oldlibs extra 
kvm_0.12.5+dfsg-5+squeeze9_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iJwEAQECAAYFAlBK390ACgkQUlPFrXTwyDh3aAP/eq4FfIdrfeLFbuwuzreTJy+e
58Es97zNbGZI+rXYAxWlCnMjHMnQ0mLdfw9F5K17LNQH1CdAJIr5FhPaWchjLcB3
m2w1IZpDaSWPhPL7I03JJA99piy29kqEX5aiotq7v7BDIkz+6Owa2VkggJ2PYXxl
+clz+LWWZEJDhN93uE8=
=T9W/
-----END PGP SIGNATURE-----

--- End Message ---