ELSA-2014-1075 - qemu-kvm security and bug fix update
| Type: | SECURITY |
| Severity: | MODERATE |
| Release Date: | 2014-08-19 |
Description
[0.12.1.2-2.415.el6_5.14]
- The commit for zrelease .13 was incomplete; the changes to qemu-kvm.spec
did not include the '%patchNNNN -p1' lines for patches 4647 through 4655;
so although the patch files themselves were committed, the srpm build
did not pick them up. In addition, the commit log did not describe the
patches.
This commit corrects these problems and bumps the zrelease to .14.
[0.12.1.2-2.415.el6_5.13]
- kvm-block-Create-proper-size-file-for-disk-mirror.patch [bz#1109715]
- kvm-block-Fix-bdrv_is_allocated-return-value.patch [bz#1109715]
- kvm-scsi-bus-prepare-scsi_req_new-for-introduction-of-pars.patch [bz#1125131]
- kvm-scsi-bus-introduce-parse_cdb-in-SCSIDeviceClass-and-SC.patch [bz#1125131]
- kvm-scsi-block-extract-scsi_block_is_passthrough.patch [bz#1125131]
- kvm-scsi-block-scsi-generic-implement-parse_cdb.patch [bz#1125131]
- kvm-virtio-scsi-implement-parse_cdb.patch [bz#1125131]
- kvm-virtio-scsi-Fix-reset-callback-for-virtio-scsi.patch [bz#1123271]
- kvm-virtio-scsi-add-ioeventfd-support.patch [bz#1123271]
- Resolves: bz#1109715
(live incremental migration of vm with common shared base, size(disk) > size(base) transfers unallocated sectors, explodes disk on dest)
- Resolves: bz#1123271
(Enable ioenventfd for virtio-scsi-pci)
- Resolves: bz#1125131
([FJ6.5 Bug] SCSI command issued from KVM guest doesn't reach target device)
[0.12.1.2-2.415.el6_5.12]
- kvm-qcow-Return-real-error-code-in-qcow_open.txt [bz#1097225]
- kvm-qcow1-Make-padding-in-the-header-explicit.txt [bz#1097225]
- kvm-qcow1-Check-maximum-cluster-size.txt [bz#1097225]
- kvm-qcow1-Validate-L2-table-size-CVE-2014-0222.txt [bz#1097225]
- kvm-qcow1-Validate-image-size-CVE-2014-0223.txt [bz#1097234]
- kvm-qcow1-Stricter-backing-file-length-check.txt [bz#1097234]
- Resolves: bz#1097225
(CVE-2014-0222 qemu-kvm: Qemu: qcow1: validate L2 table size to avoid integer overflows [rhel-6.5.z])
- Resolves: bz#1097234
(CVE-2014-0223 qemu-kvm: Qemu: qcow1: validate image size to avoid out-of-bounds memory access [rhel-6.5.z])
[0.12.1.2-2.415.el6_5.11]
- kvm-block-Fix-bdrv_is_allocated-for-short-backing-files.patch [bz#1109715]
- Resolves: bz#1109715
(live incremental migration of vm with common shared base, size(disk) > size(base) transfers unallocated sectors, explodes disk on dest)
Related CVEs
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
|
| Oracle Linux 6 (i386) | qemu-kvm-0.12.1.2-2.415.el6_5.14.src.rpm | 61b5c6a5fe75371e891e0a5a58e19228 | ELSA-2020-4056 |
| qemu-guest-agent-0.12.1.2-2.415.el6_5.14.i686.rpm | 46184ad3c3338d2418d864229316b49f | ELSA-2020-4056 |
|
| Oracle Linux 6 (x86_64) | qemu-kvm-0.12.1.2-2.415.el6_5.14.src.rpm | 61b5c6a5fe75371e891e0a5a58e19228 | ELSA-2020-4056 |
| qemu-guest-agent-0.12.1.2-2.415.el6_5.14.x86_64.rpm | 53d1578b3817d7cab5b318f4a3755afe | ELSA-2020-4056 |
| qemu-img-0.12.1.2-2.415.el6_5.14.x86_64.rpm | fcbc58e9bfa77e654e93f79a2677ba6f | ELSA-2020-4056 |
| qemu-kvm-0.12.1.2-2.415.el6_5.14.x86_64.rpm | 731e17a529370da3b61f02ecb2fa057e | ELSA-2020-4056 |
| qemu-kvm-tools-0.12.1.2-2.415.el6_5.14.x86_64.rpm | 254b8ffca7d0dedfa4c21fe04fb289af | ELSA-2020-4056 |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
