Changelog
qemu (1:2.8+dfsg-6+deb9u3) stretch-security; urgency=high
* xhci-dont-kick-in-xhci_submit-and-xhci_fire_ctl_transfer.patch
This is a pre-required patch for the next patch to work right.
Closes: #869945
* xhci-guard-xhci_kick_epctx-against-recursive-calls-CVE-2017-9375.patch
After applying previous patch, this one can be applied again
Closes: #864219, CVE-2017-9375
* ide-do-not-flush-empty-CDROM-drives-CVE-2017-12809.patch
Closes: #873849, CVE-2017-12809
* vga-stop-passing-pointers-to-vga_draw_line-functions-CVE-2017-13672.patch
Closes: #873851, CVE-2017-13672
* multiboot-validate-multiboot-header-address-values-CVE-2017-14167.patch
Closes: #874606, CVE-2017-14167
* slirp-fix-clearing-ifq_so-from-pending-packets-CVE-2017-13711.patch
Closes: #873875, CVE-2017-13711
* exec-add-lock-parameter-to-qemu_ram_ptr_length.patch
upstream patch fixing memory leak after
exec-use-qemu_ram_ptr_length-to-access-guest-ram-CVE-2017-11334.patch
Closes: #871648, #871702, #872257
-- Michael Tokarev <email address hidden> Mon, 02 Oct 2017 16:11:47 +0300