ELSA-2018-4313

ELSA-2018-4313 - qemu security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2018-12-21

Description


[15:3.0.0-3.el7]
- monitor: guard iothread access by mon->use_io_thread (Wolfgang Bumiller) [Orabug: 29046045]
- monitor: delay monitor iothread creation (Wolfgang Bumiller) [Orabug: 29010480]
- Revert 'qmp: isolate responses into io thread' (Marc-Andre Lureau) [Orabug: 29010480]
- usb-mtp: outlaw slashes in filenames (Gerd Hoffmann) [Orabug: 29037012] {CVE-2018-16867}

[15:3.0.0-2.el7]
- vfio-pci: emit FAILOVER_PRIMARY_CHANGED event on guest behalf when unrealized (Si-Wei Liu) [Orabug: 29011784]
- vfio-pci: add FAILOVER_PRIMARY_CHANGED event to shorten downtime during failover (Si-Wei Liu) [Orabug: 29011776]
- virtio_net: Add support for 'Data Path Switching' during Live Migration. (Venu Busireddy) [Orabug: 28732921]
- parfait: Run static analysis when --with parfait specified (Liam Merwick) [Orabug: 28625099]
- parfait: add buildrpm/parfait-qemu.conf (Liam Merwick) [Orabug: 28625099]
- configure: Provide option to explicitly disable AVX2 (Liam Merwick) [Orabug: 28625099]
- lsi53c895a: convert to trace-events (Mark Cave-Ayland) [Orabug: 29011792]
- lsi: Reselection needed to remove pending commands from queue (George Kennedy) [Orabug: 28626593]
- lsi53c895a: check message length value is valid (Prasad J Pandit) [Orabug: 28873239] {CVE-2018-18849}
- 9p: fix QEMU crash when renaming files (Greg Kurz) [Orabug: 28971710] {CVE-2018-19489}
- 9p: take write lock on fid path updates (CVE-2018-19364) (Greg Kurz) [Orabug: 28957033] {CVE-2018-19364}
- nvme: fix out-of-bounds access to the CMB (Paolo Bonzini) [Orabug: 28885521] {CVE-2018-16847}
- kvm: x86: Fix kvm_arch_fixup_msi_route for remap-less case (Jan Kiszka) [Orabug: 28891193]
- i386: Add new model of Cascadelake-Server (Tao Xu) [Orabug: 28886460]
- i386: Add PKU on Skylake-Server CPU model (Tao Xu) [Orabug: 28886461]


Related CVEs


CVE-2018-16867

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (aarch64) qemu-3.0.0-3.el7.src.rpm01ee74228dc7a7d766306614311e12d3-
ivshmem-tools-3.0.0-3.el7.aarch64.rpm4e229758a69529c9e5eb7ae2350b877d-
qemu-3.0.0-3.el7.aarch64.rpm696e3c67830a95d681b922040af5ceec-
qemu-block-gluster-3.0.0-3.el7.aarch64.rpmcfa76715df77b420ecc6feb5efabed29-
qemu-block-iscsi-3.0.0-3.el7.aarch64.rpmb9a73955c653d0d34fc4a5099ca1fb85-
qemu-block-rbd-3.0.0-3.el7.aarch64.rpm6160bb6bb55acc05291fe91da196db8c-
qemu-common-3.0.0-3.el7.aarch64.rpmcab3e629e525e47152f3dda26191da8e-
qemu-img-3.0.0-3.el7.aarch64.rpm5d0c284bd5381ef19f22d419f6696465-
qemu-kvm-3.0.0-3.el7.aarch64.rpm27501e3e0ec9834cdaaeb183c555d829-
qemu-kvm-core-3.0.0-3.el7.aarch64.rpme08a2846508005cb26904f77758550f8-
qemu-system-aarch64-3.0.0-3.el7.aarch64.rpm76aed19e3cf2a45775680e940bec5e40-
qemu-system-aarch64-core-3.0.0-3.el7.aarch64.rpm2dcbd519ccda30a626f11f8e37418d21-
Oracle Linux 7 (x86_64) qemu-3.0.0-3.el7.src.rpm01ee74228dc7a7d766306614311e12d3-
qemu-3.0.0-3.el7.x86_64.rpm263fcf57e60e3f623222211334afb8f6-
qemu-block-gluster-3.0.0-3.el7.x86_64.rpm05b2843d894f0a5f256e6b34370391cf-
qemu-block-iscsi-3.0.0-3.el7.x86_64.rpmbf86a4182dbc09165f9c22680de4ec7f-
qemu-block-rbd-3.0.0-3.el7.x86_64.rpm03e3cf81bbdb8d0aaa04894199adf553-
qemu-common-3.0.0-3.el7.x86_64.rpm0cdab4d1b6da0a14caf417a45c63a0c1-
qemu-img-3.0.0-3.el7.x86_64.rpmf29fd5559c2cd79747082db29d8ecacd-
qemu-kvm-3.0.0-3.el7.x86_64.rpm8dd9744b945ab3fe1c44242f41d5a23d-
qemu-kvm-core-3.0.0-3.el7.x86_64.rpm6526ead59608505c021d63e751d241d3-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete