[SECURITY] [DLA 2469-1] qemu security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 2469-1] qemu security update
From: Thorsten Alteholz <debian@alteholz.de>
Date: Sun, 29 Nov 2020 15:59:29 +0000 (UTC)
Message-id: <[🔎] alpine.DEB.2.21.2011291555510.1883@postfach.intern.alteholz.me>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2469-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                    Thorsten Alteholz
November 29, 2020                             https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : qemu
Version        : 1:2.8+dfsg-6+deb9u12
CVE ID         : CVE-2020-25085 CVE-2020-25624 CVE-2020-25625
                 CVE-2020-25723 CVE-2020-27617


Some issues have been found in qemu, a fast processor emulator.

All issues are related to assertion failures, out-of-bounds accessfailures or bad handling of return codes.



For Debian 9 stretch, these problems have been fixed in version
1:2.8+dfsg-6+deb9u12.

We recommend that you upgrade your qemu packages.

For the detailed security status of qemu please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/qemu

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl/DxWFfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEenag/5AYMCS+36DZITDfveDSfzQc6Mh4tsk67Qc6MXRoM2hNUorYV+RjcuTFs3
CiZqLWqYDtR7YfXhmP8ucE7H22eJVOkv9H/UR0ynqkqr3wJlMm/y81mK5RlQGc8I
E/RK1O2bxJeD/q6DblJrqzIMlPlcteeF4cgJtskHUPEcEXf8Zt9O06g4qNsrD1aZ
bwCyDVCAl37faL5RlKQQ61wRSN4BSJ+tiiJFi4iUmcoaqxLKFV01H3Tl3tLzI2Na
nJONDP9dq/Vyeom5hb/e0u/cedq5yPrOxT6lBsf+eqVUiYUrK9CevtJFrf2I8c7A
oNJJiJ0I33EzTSbJOral+lWoVyOB85reAwIQ6RZ0XnFA3HU3HSd7EUIyMtuoLMY6
wPd2yZxSV8AbYAokNg/k6uHUPo+0TMDKtSaYzaHCKUj+5U0N0RzMbx1Z0j2rkCia
Wx1RN3uX0MDXAH1HwWL86HttblvbV44GAqJVDa/fZroqlL+sRbCkF4ylZ/TsH1OJ
P8mD/kL16VxFn6MaUYOUz2TO2PRGm9/r2QX7mD5aRm8UdpfZNGw8gtu0xVPzVVcj
UNphG0mRlPVqFimr3pde3vcNneXt9T2bf3tEvhxMLElOku2qo4NsnjszTkferZhj
i2O/le22uF5vlhWDqtnSxM8lDHkO0ZWsdg8q4XGKh6k8LwqconE=
=CqLu
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 2468-1] tcpflow security update
Next by Date: [SECURITY] [DLA 2472-1] mutt security update
Previous by thread: [SECURITY] [DLA 2468-1] tcpflow security update
Next by thread: [SECURITY] [DLA 2472-1] mutt security update
Index(es):
- Date
- Thread