-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sat, 21 May 2011 10:45:52 +0400
Source: qemu-kvm
Binary: qemu-kvm qemu-kvm-dbg kvm
Architecture: source i386
Version: 0.12.5+dfsg-5+squeeze2
Distribution: stable-security
Urgency: high
Maintainer: Jan Lübbe <jluebbe@debian.org>
Changed-By: Michael Tokarev <mjt@tls.msk.ru>
Description: 
 kvm        - dummy transitional package from kvm to qemu-kvm
 qemu-kvm   - Full virtualization on x86 hardware
 qemu-kvm-dbg - Debugging info for qemu-kvm
Closes: 627448
Changes: 
 qemu-kvm (0.12.5+dfsg-5+squeeze2) stable-security; urgency=high
 .
   * fix CVE-2011-1751 for 0.12.  The actual fix is in
     hotplug-4-ignore-pci-hotplug-requests-for-unpluggable-devices-CVE-2011-1751
     but that change, while trivial, required 6 more changes to be backported
     to 0.12:
    o pci-cleanly-backout-of-pci_qdev_init-925fe64ae7
       (moving common code to a separate function and using it from another
       place to fix a memory leak)
    o hotplug-0-acpi_piix4-qdevfy-e8ec0571e1
       this qdevifies acpi_piix4 device
    o hotplug-1-pci-allow-devices-being-tagged-as-not-hotpluggable-180c22e18b
       introduce a "no_hotplug" attribute and check it in common places
       to ensure such devices wont be hot-(un)plugged.  This needs
       the pci-cleanly-backout-of-pci_qdev_init patch mentioned above
    o hotplug-2-piix-tag-as-not-hotpluggable-0965f12da6
    o hotplug-3-vga-tag-as-not-hotplugable-be92bbf73d
       mark certain devices as non-hotpluggable
     And finally the actual fix for CVE-2011-1751, which verifies the
     no_hotplug attribute when handling hot-unplug request from guest.
     (closes: #627448)
Checksums-Sha1: 
 c3928fa7262371ef4a0b4061a62338a1b7ed9ad7 1688 qemu-kvm_0.12.5+dfsg-5+squeeze2.dsc
 2cc46474c3befb09320829b36868f1418569b57e 305179 qemu-kvm_0.12.5+dfsg-5+squeeze2.diff.gz
 2739d3ef81bf7fca6d56eef9e6d6b4ae164a4a23 1503126 qemu-kvm_0.12.5+dfsg-5+squeeze2_i386.deb
 4bff60472840f5fedf82baa8885d45527a750d3f 2787362 qemu-kvm-dbg_0.12.5+dfsg-5+squeeze2_i386.deb
 235b9fac4032b33b8728e15af8959078818181df 12938 kvm_0.12.5+dfsg-5+squeeze2_i386.deb
Checksums-Sha256: 
 c91738d633be356e4694072eea98a7c0b24257dc2b944083fe220d70baaf5d37 1688 qemu-kvm_0.12.5+dfsg-5+squeeze2.dsc
 4aeeb278ea738e2da51f3e0b01dd9804a3c4ec81b6cd21303caf83326ce5a755 305179 qemu-kvm_0.12.5+dfsg-5+squeeze2.diff.gz
 608ae97258cbb5bd5ae12ea0bdc4c82654318b9beb453c692e530eabdc3d43a8 1503126 qemu-kvm_0.12.5+dfsg-5+squeeze2_i386.deb
 bbfd73baa964342b54af2de0debd6965ec04097bcb7cf443f65483178cf3d1c0 2787362 qemu-kvm-dbg_0.12.5+dfsg-5+squeeze2_i386.deb
 09a281ef16543076fd79a9ac0c7f98b2f3049e746e7b0ca7914b559d306316b1 12938 kvm_0.12.5+dfsg-5+squeeze2_i386.deb
Files: 
 96cb2e91d0df3b8f32fcf626da1b6494 1688 misc optional qemu-kvm_0.12.5+dfsg-5+squeeze2.dsc
 f16806be78c550e9451e9a0729621841 305179 misc optional qemu-kvm_0.12.5+dfsg-5+squeeze2.diff.gz
 2fa9dc17741424d76edf0733fe4a563c 1503126 misc optional qemu-kvm_0.12.5+dfsg-5+squeeze2_i386.deb
 5f88bcfdb592926b0d2de52288ff4a8e 2787362 debug extra qemu-kvm-dbg_0.12.5+dfsg-5+squeeze2_i386.deb
 6a51a60d342b81ad529bc0c28f84a426 12938 oldlibs extra kvm_0.12.5+dfsg-5+squeeze2_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iD8DBQFN2plzn88szT8+ZCYRAum7AJ48XGkrGmyuauB1cjez23gdpSS+XwCcCRzo
mgUiE3gZKRWeJdyOUV7SmDg=
=+bBH
-----END PGP SIGNATURE-----