ELSA-2019-4713

ELSA-2019-4713 - qemu security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2019-07-10

Description


[15:3.1.0-5.el7]
- Only enable the halt poll control MSR if it is supported by the host (Mark
Kanda) [Orabug: 29946722]

[15:3.1.0-4.el7]
- kvm: i386: halt poll control MSR support (Marcelo Tosatti) [Orabug: 29933278]
- Document CVEs as fixed: CVE-2017-9524, CVE-2017-6058, CVE-2017-5931 (Mark Kanda) [Orabug: 29886908] {CVE-2017-5931} {CVE-2017-6058} {CVE-2017-9524}
- pvrdma: release device resources in case of an error (Prasad J Pandit) [Orabug: 29056678] {CVE-2018-20123}
- qxl: check release info object (Prasad J Pandit) [Orabug: 29886906] {CVE-2019-12155}
- target/i386: add MDS-NO feature (Paolo Bonzini) [Orabug: 29820428] {CVE-2018-12126} {CVE-2018-12127} {CVE-2018-12130} {CVE-2019-11091}
- docs: recommend use of md-clear feature on all Intel CPUs (Daniel P. Berrange) [Orabug: 29820428] {CVE-2018-12126} {CVE-2018-12127} {CVE-2018-12130} {CVE-2019-11091}
- target/i386: define md-clear bit (Paolo Bonzini) [Orabug: 29820428] {CVE-2018-12126} {CVE-2018-12127} {CVE-2018-12130} {CVE-2019-11091}
- pvh: block migration if booting using PVH (Liam Merwick) [Orabug: 29796676]
- hw/i386/pc: run the multiboot loader before the PVH loader (Stefano Garzarella) [Orabug: 29796676]
- optionrom/pvh: load initrd from fw_cfg (Stefano Garzarella) [Orabug: 29796676]
- hw/i386/pc: use PVH option rom (Stefano Garzarella) [Orabug: 29796676]
- qemu.spec: add pvh.bin to %files (Liam Merwick) [Orabug: 29796676]
- optionrom: add new PVH option rom (Stefano Garzarella) [Orabug: 29796676]
- linuxboot_dma: move common functions in a new header (Stefano Garzarella) [Orabug: 29796676]
- linuxboot_dma: remove duplicate definitions of FW_CFG (Stefano Garzarella) [Orabug: 29796676]
- pvh: load initrd and expose it through fw_cfg (Stefano Garzarella) [Orabug: 29796676]
- pvh: Boot uncompressed kernel using direct boot ABI (Liam Merwick) [Orabug: 29796676]
- pvh: Add x86/HVM direct boot ABI header file (Liam Merwick) [Orabug: 29796676]
- elf-ops.h: Add get_elf_note_type() (Liam Merwick) [Orabug: 29796676]
- elf: Add optional function ptr to load_elf() to parse ELF notes (Liam Merwick) [Orabug: 29796676]


Related CVEs


CVE-2017-9524
CVE-2017-6058
CVE-2019-12155
CVE-2017-5931
CVE-2018-20123

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (aarch64) qemu-3.1.0-5.el7.src.rpm154885c9ab3b72a0b850c0b5c123f8ef-
ivshmem-tools-3.1.0-5.el7.aarch64.rpmb1efbfcbd1ad56f00e776840aff14120-
qemu-3.1.0-5.el7.aarch64.rpm3bf870d532f4782af88c4a562b5958ff-
qemu-block-gluster-3.1.0-5.el7.aarch64.rpm6b23c62a17b3eced4059832cba1a0a02-
qemu-block-iscsi-3.1.0-5.el7.aarch64.rpme1e09d7db255da82c1f52a98b655ec10-
qemu-block-rbd-3.1.0-5.el7.aarch64.rpm71a6bc672de1fa7b50a9cdcebab3284a-
qemu-common-3.1.0-5.el7.aarch64.rpmfb1203897812e14dc69fbffed1aaff27-
qemu-img-3.1.0-5.el7.aarch64.rpm30e1b479ec7f0d2686ee4f6bdf601108-
qemu-kvm-3.1.0-5.el7.aarch64.rpm49b8866f433673960104007c98e003bf-
qemu-kvm-core-3.1.0-5.el7.aarch64.rpm620ac08936624c4bdc8cc47c6c203585-
qemu-system-aarch64-3.1.0-5.el7.aarch64.rpm901a573806e882dc8556e19d3dba7633-
qemu-system-aarch64-core-3.1.0-5.el7.aarch64.rpma808d3d63323558a87b59509af8241ae-
Oracle Linux 7 (x86_64) qemu-3.1.0-5.el7.src.rpm154885c9ab3b72a0b850c0b5c123f8ef-
qemu-3.1.0-5.el7.x86_64.rpm2846382d92f333a1bed2d8c47346f28a-
qemu-block-gluster-3.1.0-5.el7.x86_64.rpm3e5d7a6054df15351ad9274c22e1f38e-
qemu-block-iscsi-3.1.0-5.el7.x86_64.rpm9d0308709f8e68b5d3874791483a3730-
qemu-block-rbd-3.1.0-5.el7.x86_64.rpme1a281bbd567d50b6a956684077bfb01-
qemu-common-3.1.0-5.el7.x86_64.rpm3a052ee1e7a5ed1528c960e79d20e233-
qemu-img-3.1.0-5.el7.x86_64.rpm8e2b07cde7fa1cc1c9e69af1debae05b-
qemu-kvm-3.1.0-5.el7.x86_64.rpm4e46a538743445a97a4efa309002fb27-
qemu-kvm-core-3.1.0-5.el7.x86_64.rpm9c332461a59f40f37be52359013ea04a-
qemu-system-x86-3.1.0-5.el7.x86_64.rpmb5c16594e097eb596c8c1a301dd76310-
qemu-system-x86-core-3.1.0-5.el7.x86_64.rpm1b866e276d3629daffa6c1220d6f2599-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete