Your message dated Wed, 10 Feb 2016 22:19:42 +0000 with message-id <e1atd6s-0000qd...@franck.debian.org> and subject line Bug#808130: fixed in qemu 1.1.2+dfsg-6a+deb7u12 has caused the Debian Bug report #808130, regarding CVE-2015-8504: vnc floating point exception to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 808130: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808130 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: qemu Version: 1:2.1+dfsg-12 Severity: important Tags: security upstream patch fixed-upstream There's a floating point exception in qemu-system vnc server, being tracked as CVE-2015-8504. Upstream commit: http://git.qemu.org/?p=qemu.git;a=commit;h=4c65fed8bdf96780735dbdb92a8bd0d6b6526cc3
--- End Message ---
--- Begin Message ---Source: qemu Source-Version: 1.1.2+dfsg-6a+deb7u12 We believe that the bug you reported is fixed in the latest version of qemu, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 808...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Michael Tokarev <m...@tls.msk.ru> (supplier of updated qemu package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Mon, 01 Feb 2016 23:53:18 +0300 Source: qemu Binary: qemu qemu-keymaps qemu-system qemu-user qemu-user-static qemu-utils Architecture: source all amd64 Version: 1.1.2+dfsg-6a+deb7u12 Distribution: wheezy-security Urgency: high Maintainer: Debian QEMU Team <pkg-qemu-de...@lists.alioth.debian.org> Changed-By: Michael Tokarev <m...@tls.msk.ru> Description: qemu - fast processor emulator qemu-keymaps - QEMU keyboard maps qemu-system - QEMU full system emulation binaries qemu-user - QEMU user mode emulation binaries qemu-user-static - QEMU user mode emulation binaries (static version) qemu-utils - QEMU utilities Closes: 799452 806373 806741 806742 808130 808144 810519 810527 811201 Changes: qemu (1.1.2+dfsg-6a+deb7u12) wheezy-security; urgency=high . * applied 3 patches from upstream to fix virtio-net possible remote DoS (Closes: #799452 CVE-2015-7295) * pcnet-add-check-to-validate-receive-data-size-CVE-2015-7504.patch (Closes: #806742, CVE-2015-7504) * pcnet-fix-rx-buffer-overflow-CVE-2015-7512.patch (Closes: #806741, CVE-2015-7512) * eepro100-prevent-two-endless-loops-CVE-2015-8345.patch (Closes: #806373, CVE-2015-8345) * vnc-avoid-floating-point-exception-CVE-2015-8504.patch (Closes: #808130, CVE-2015-8504) * ehci-make-idt-processing-more-robust-CVE-2015-8558.patch (Closes: #808144, CVE-2015-8558) * net-ne2000-fix-bounds-check-in-ioport-operations-CVE-2015-8743.patch (Closes: #810519, CVE-2015-8743) * ide-ahci-reset-ncq-object-to-unused-on-error-CVE-2016-1568.patch (Closes: #810527, CVE-2016-1568) * fw_cfg-add-check-to-validate-current-entry-value-CVE-2016-1714.patch (Closes: CVE-2016-1714) * i386-avoid-null-pointer-dereference-CVE-2016-1922.patch (Closes: #811201, CVE-2016-1922) Checksums-Sha1: 8049b20d54a826ef824e18960b998c7557472b3f 2621 qemu_1.1.2+dfsg-6a+deb7u12.dsc ca5c1f97e6613394e18a96d79a2bfccdb6755104 128897 qemu_1.1.2+dfsg-6a+deb7u12.debian.tar.gz badd7b02e3010f7cf7f65f058ab1daa28f954dd0 50882 qemu-keymaps_1.1.2+dfsg-6a+deb7u12_all.deb ecb7a59bce9585e695c94850c7d1fdc54ea86a70 116268 qemu_1.1.2+dfsg-6a+deb7u12_amd64.deb 366ea277a6675ee9c9884b190eb7dc136bc1c6bb 27900478 qemu-system_1.1.2+dfsg-6a+deb7u12_amd64.deb c673b5e8aa3859846ebfebea3f23ba87d563ba08 7725480 qemu-user_1.1.2+dfsg-6a+deb7u12_amd64.deb 0fba70fb45d9378bb2dc99cf624b03f5f689d8b7 16572050 qemu-user-static_1.1.2+dfsg-6a+deb7u12_amd64.deb 7799b60222d8d4281baba8c15fa902a0170f7ede 665080 qemu-utils_1.1.2+dfsg-6a+deb7u12_amd64.deb Checksums-Sha256: 11de5b757f0daa8c0076e145f126b0468359d1273544c8b9cfeddb47273d4ad1 2621 qemu_1.1.2+dfsg-6a+deb7u12.dsc d023bfd26e9daada179627de8a25167e5534cb993261d3c5950036d7a6298cf1 128897 qemu_1.1.2+dfsg-6a+deb7u12.debian.tar.gz 5894b3037f5676b4058bb84b7a00166f56a3a596278aa2e457ded016ab22e1f9 50882 qemu-keymaps_1.1.2+dfsg-6a+deb7u12_all.deb f10a04468db9370f5121544bd4fc7b252956004eabe797c2a4dfec8f946eb344 116268 qemu_1.1.2+dfsg-6a+deb7u12_amd64.deb a7a6b8ad63fd2cc74198196ed2aac6c73083cc0c017395a9b6513ecc683e14d7 27900478 qemu-system_1.1.2+dfsg-6a+deb7u12_amd64.deb 14cb7234e0222403ca93d419c63e3195d89eac8c4fd5649e5a43eaf85565c6f6 7725480 qemu-user_1.1.2+dfsg-6a+deb7u12_amd64.deb 8ffeb21eba671458ed27b09a46d8872430c76ec4213caff4e498a2cdfaca0097 16572050 qemu-user-static_1.1.2+dfsg-6a+deb7u12_amd64.deb f3ee3a38739f62b2d3e6cf8daa19dd6e055a7d8c26f8b3afeefbbe8cd0f91046 665080 qemu-utils_1.1.2+dfsg-6a+deb7u12_amd64.deb Files: 5573dde7e7e417b8c8e0a169ffe1ae34 2621 misc optional qemu_1.1.2+dfsg-6a+deb7u12.dsc c40eb75e7070afc3ba085b11da235550 128897 misc optional qemu_1.1.2+dfsg-6a+deb7u12.debian.tar.gz 05657f12419d2284668c789ae1d03241 50882 misc optional qemu-keymaps_1.1.2+dfsg-6a+deb7u12_all.deb eee10df8a64c7e1a26dea186a6e97b81 116268 misc optional qemu_1.1.2+dfsg-6a+deb7u12_amd64.deb f7cb8e1521d5cc0509c366584607ecb9 27900478 misc optional qemu-system_1.1.2+dfsg-6a+deb7u12_amd64.deb fc1e6e19ecf87d653109ec0b428c5c51 7725480 misc optional qemu-user_1.1.2+dfsg-6a+deb7u12_amd64.deb 6888dbf0cba12930a94d7692a4ac57df 16572050 misc optional qemu-user-static_1.1.2+dfsg-6a+deb7u12_amd64.deb 6005db4212db4b1cb3aaf40a9baff08d 665080 misc optional qemu-utils_1.1.2+dfsg-6a+deb7u12_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBAgAGBQJWr8h4AAoJEL7lnXSkw9fbz7cH/0JQgJtjbVhQSExe/LQF/geu Kad4NMhtC3biiA+kBuRcPwpocrCBFhzjkV98kLZbwXMfp1yONGpr1NmOZA+A4Bn7 Bmos6s1GiA6UTgwyo08b5UjYSdqMABdFKFeWkyeOhj68H72yAXQBbxV8PEa19YpR GOVvj6h5/WPtwktbAZfRj3TrJOakcigmnuUGbvOO3yX8zAlJqR04rF1szN7JZADa fPsaYxokXxeN4qIrA5/iBSa70/eKIL2i8Hd7tW4jM2Q/vX94HMQHcrchXFEIgJ7v wVjT8urHMu3DzkTys70uP9bxHbigen2L4rFImFdI/pWZlBls9eFQaQ+1E/aTEmI= =V5vA -----END PGP SIGNATURE-----
--- End Message ---
