| qemu-kvm-0.12.1.2-2.506.el6_10.8.x86_64
[1.6 MiB] |
Changelog
by Danilo Cesar Lemes de Paula (2020-09-10):
- kvm-qemu-kvm-QEMU-usb-check-RNDIS-message-length.patch [bz#1869684]
- kvm-qemu-kvm-QEMU-usb-fix-setup_len-init-CVE-2020-14364.patch [bz#1869684]
- Resolves: bz#1869684
(CVE-2020-14364 qemu-kvm: QEMU: usb: out-of-bounds r/w access issue while processing usb packets [rhel-6.10.z])
|
| qemu-kvm-0.12.1.2-2.506.el6_10.7.x86_64
[1.6 MiB] |
Changelog
by Wainer dos Santos Moschetta (2020-03-25):
- kvm-slirp-disable-tcp_emu.patch [bz#1791680]
- kvm-slirp-add-slirp_fmt-helpers.patch [bz#1798966]
- kvm-tcp_emu-fix-unsafe-snprintf-usages.patch [bz#1798966]
- Resolves: bz#1791680
(QEMU: Slirp: disable emulation of tcp programs like ftp IRC etc. [rhel-6])
- Resolves: bz#1798966
(CVE-2020-8608 qemu-kvm: QEMU: Slirp: potential OOB access due to unsafe snprintf() usages [rhel-6.10.z])
|
| qemu-kvm-0.12.1.2-2.506.el6_10.6.x86_64
[1.6 MiB] |
Changelog
by Wainer dos Santos Moschetta (2020-02-10):
- kvm-Fix-heap-overflow-in-ip_reass-on-big-packet-input.patch [bz#1734747]
- kvm-Using-ip_deq-after-m_free-might-read-pointers-from-a.patch [bz#1749731]
- kvm-tcp_emu-Fix-oob-access.patch [bz#1791558]
- kvm-slirp-use-correct-size-while-emulating-IRC-commands.patch [bz#1791558]
- kvm-slirp-use-correct-size-while-emulating-commands.patch [bz#1791558]
- Resolves: bz#1734747
(CVE-2019-14378 qemu-kvm: QEMU: slirp: heap buffer overflow during packet reassembly [rhel-6.10.z])
- Resolves: bz#1749731
(CVE-2019-15890 qemu-kvm: QEMU: Slirp: use-after-free during packet reassembly [rhel-6])
- Resolves: bz#1791558
(CVE-2020-7039 qemu-kvm: QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu() [rhel-6.10.z])
|
| qemu-kvm-0.12.1.2-2.506.el6_10.5.x86_64
[1.6 MiB] |
Changelog
by Wainer dos Santos Moschetta (2019-09-09):
- kvm-slirp-fix-big-little-endian-conversion-in-ident-prot.patch [bz#1669066]
- kvm-slirp-ensure-there-is-enough-space-in-mbuf-to-null-t.patch [bz#1669066]
- kvm-slirp-don-t-manipulate-so_rcv-in-tcp_emu.patch [bz#1669066]
- kvm-qxl-check-release-info-object.patch [bz#1712728]
- kvm-net-Use-iov-helper-functions.patch [bz#1636415]
- kvm-net-increase-buffer-size-to-accommodate-Jumbo-frame-.patch [bz#1636415]
- kvm-net-ignore-packet-size-greater-than-INT_MAX.patch [bz#1636415]
- kvm-net-drop-too-large-packet-early.patch [bz#1636415]
- kvm-PATCH-slirp-fix-buffer-overrun.patch [bz#1586251]
- kvm-Fix-build-from-previous-commit.patch [bz#1586251]
- kvm-slirp-remove-mbuf-m_hdr-m_dat-indirection.patch [bz#1586251]
- kvm-slirp-Convert-mbufs-to-use-g_malloc-and-g_free.patch [bz#1586251]
- kvm-slirp-correct-size-computation-while-concatenating-m.patch [bz#1586251]
- kvm-pcnet-fix-possible-buffer-overflow.patch [bz#1636774]
- Resolves: bz#1586251
(CVE-2018-11806 qemu-kvm: QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams [rhel-6.10.z])
- Resolves: bz#1636415
(CVE-2018-10839 qemu-kvm: Qemu: ne2000: integer overflow leads to buffer overflow issue [rhel-6])
- Resolves: bz#1636774
(CVE-2018-17962 qemu-kvm: Qemu: pcnet: integer overflow leads to buffer overflow [rhel-6])
- Resolves: bz#1669066
(CVE-2019-6778 qemu-kvm: QEMU: slirp: heap buffer overflow in tcp_emu() [rhel-6.10.z])
- Resolves: bz#1712728
(CVE-2019-12155 qemu-kvm: QEMU: qxl: null pointer dereference while releasing spice resources [rhel-6])
|
| qemu-kvm-0.12.1.2-2.506.el6_10.4.x86_64
[1.6 MiB] |
Changelog
by Wainer dos Santos Moschetta (2019-06-18):
- kvm-target-i386-Sanitize-the-XSAVE-related-feature-bits.patch [bz#1673779]
- kvm-slirp-check-sscanf-result-when-emulating-ident.patch [bz#1689790]
- Resolves: bz#1673779
(RHEL8 VM's do not install on RHEL6 KVM hypervisor)
- Resolves: bz#1689790
(CVE-2019-9824 qemu-kvm: QEMU: Slirp: information leakage in tcp_emu() due to uninitialized stack variables [rhel-6])
|
| qemu-kvm-0.12.1.2-2.506.el6_10.3.x86_64
[1.6 MiB] |
Changelog
by Danilo Cesar Lemes de Paula (2019-05-10):
- kvm-target-i386-define-md-clear-bit.patch [bz#1698996]
- Resolves: bz#1698996
(CVE-2018-12130 qemu-kvm: hardware: MFBDS)
|
| qemu-kvm-0.12.1.2-2.506.el6_10.1.x86_64
[1.6 MiB] |
Changelog
by Wainer dos Santos Moschetta (2018-06-21):
- qemu-kvm-i386-define-the-ssbd-CPUID-feature-bit-CVE-2018-3639.patch [bz#1574074]
- qemu-kvm-i386-Define-the-Virt-SSBD-MSR-and-handling-of-it-CVE.patch [bz#1574074]
- qemu-kvm-i386-define-the-AMD-virt-ssbd-CPUID-feature-bit-CVE-.patch [bz#1574074]
- Resolves: bz#1574074
(CVE-2018-3639 qemu-kvm: hw: cpu: speculative store bypass [rhel-6.10.z])
|
| qemu-kvm-0.12.1.2-2.503.el6_9.6.x86_64
[1.6 MiB] |
Changelog
by Wainer dos Santos Moschetta (2018-05-11):
- qemu-kvm-i386-define-the-ssbd-CPUID-feature-bit-CVE-2018-3639.patch [bz#1574067]
- Resolves: bz#1574067
(EMBARGOED CVE-2018-3639 qemu-kvm: Kernel: omega-4 [rhel-6.9.z])
|
| qemu-kvm-0.12.1.2-2.503.el6_9.5.x86_64
[1.6 MiB] |
Changelog
by Wainer dos Santos Moschetta (2018-02-16):
- kvm-cirrus-fix-oob-access-in-mode4and5-write-functions.patch [bz#1501296]
- Resolves: bz#1501296
(CVE-2017-15289 qemu-kvm: Qemu: cirrus: OOB access issue in mode4and5 write functions [rhel-6.9.z])
|
| qemu-kvm-0.12.1.2-2.503.el6_9.4.x86_64
[1.6 MiB] |
Changelog
by Wainer dos Santos Moschetta (2017-12-14):
- Fix CVE-2017-5715
|
| qemu-kvm-0.12.1.2-2.503.el6_9.3.x86_64
[1.6 MiB] |
Changelog
by Danilo Cesar Lemes de Paula (2017-05-05):
- kvm-cirrus-avoid-write-only-variables.patch [bz#1444377 bz#1444379]
- kvm-cirrus-stop-passing-around-dst-pointers-in-the-blitt.patch [bz#1444377 bz#1444379]
- kvm-cirrus-stop-passing-around-src-pointers-in-the-blitt.patch [bz#1444377 bz#1444379]
- kvm-cirrus-fix-off-by-one-in-cirrus_bitblt_rop_bkwd_tran.patch [bz#1444377 bz#1444379]
- kvm-cirrus-fix-PUTPIXEL-macro.patch [bz#1444377 bz#1444379]
- Resolves: bz#1444377
(CVE-2017-7980 qemu-kvm: Qemu: display: cirrus: OOB r/w access issues in bitblt routines [rhel-6.9.z])
- Resolves: bz#1444379
(CVE-2017-7980 qemu-kvm-rhev: Qemu: display: cirrus: OOB r/w access issues in bitblt routines [rhel-6.9.z])
|
| qemu-kvm-0.12.1.2-2.503.el6.x86_64
[1.6 MiB] |
Changelog
by Danilo Cesar Lemes de Paula (2017-02-13):
- kvm-cirrus-fix-patterncopy-checks.patch [bz#1420487 bz#1420489]
- kvm-Revert-cirrus-allow-zero-source-pitch-in-pattern-fil.patch [bz#1420487 bz#1420489]
- kvm-cirrus-add-blit_is_unsafe-call-to-cirrus_bitblt_cput.patch [bz#1420487 bz#1420489]
- Resolves: bz#1420487
(EMBARGOED CVE-2017-2620 qemu-kvm: Qemu: display: cirrus: potential arbitrary code execution via cirrus_bitblt_cputovideo [rhel-6.9])
- Resolves: bz#1420489
(EMBARGOED CVE-2017-2620 qemu-kvm-rhev: Qemu: display: cirrus: potential arbitrary code execution via cirrus_bitblt_cputovideo [rhel-6.9])
|
| qemu-kvm-0.12.1.2-2.491.el6_8.7.x86_64
[1.6 MiB] |
Changelog
by Danilo Cesar Lemes de Paula (2017-02-13):
- kvm-cirrus-fix-patterncopy-checks.patch [bz#1420486 bz#1420488]
- kvm-Revert-cirrus-allow-zero-source-pitch-in-pattern-fil.patch [bz#1420486 bz#1420488]
- kvm-cirrus-add-blit_is_unsafe-call-to-cirrus_bitblt_cput.patch [bz#1420486 bz#1420488]
- Resolves: bz#1420486
(EMBARGOED CVE-2017-2620 qemu-kvm: Qemu: display: cirrus: potential arbitrary code execution via cirrus_bitblt_cputovideo [rhel-6.8.z])
- Resolves: bz#1420488
(EMBARGOED CVE-2017-2620 qemu-kvm-rhev: Qemu: display: cirrus: potential arbitrary code execution via cirrus_bitblt_cputovideo [rhel-6.8.z])
|
| qemu-kvm-0.12.1.2-2.491.el6_8.6.x86_64
[1.6 MiB] |
Changelog
by Danilo Cesar Lemes de Paula (2017-02-09):
- kvm-cirrus_vga-fix-division-by-0-for-color-expansion-rop.patch [bz#1418230 bz#1419416]
- kvm-cirrus_vga-fix-off-by-one-in-blit_region_is_unsafe.patch [bz#1418230 bz#1419416]
- kvm-display-cirrus-check-vga-bits-per-pixel-bpp-value.patch [bz#1418230 bz#1419416]
- kvm-display-cirrus-ignore-source-pitch-value-as-needed-i.patch [bz#1418230 bz#1419416]
- kvm-cirrus-handle-negative-pitch-in-cirrus_invalidate_re.patch [bz#1418230 bz#1419416]
- kvm-cirrus-allow-zero-source-pitch-in-pattern-fill-rops.patch [bz#1418230 bz#1419416]
- kvm-cirrus-fix-blit-address-mask-handling.patch [bz#1418230 bz#1419416]
- kvm-cirrus-fix-oob-access-issue-CVE-2017-2615.patch [bz#1418230 bz#1419416]
- Resolves: bz#1418230
(CVE-2017-2615 qemu-kvm: Qemu: display: cirrus: oob access while doing bitblt copy backward mode [rhel-6.8.z])
- Resolves: bz#1419416
(CVE-2017-2615 qemu-kvm-rhev: Qemu: display: cirrus: oob access while doing bitblt copy backward mode [rhel-6.8.z])
|
| qemu-kvm-0.12.1.2-2.491.el6_8.3.x86_64
[1.6 MiB] |
Changelog
by Miroslav Rezanina (2016-07-27):
- kvm-virtio-error-out-if-guest-exceeds-virtqueue-size.patch [bz#1359724]
- Resolves: bz#1359724
(EMBARGOED CVE-2016-5403 qemu-kvm: Qemu: virtio: unbounded memory allocation on host via guest leading to DoS [rhel-6.8.z])
|
| qemu-kvm-0.12.1.2-2.491.el6_8.1.x86_64
[1.6 MiB] |
Changelog
by Miroslav Rezanina (2016-05-03):
- kvm-Add-vga.h-unmodified-from-Linux.patch [bz#1331407]
- kvm-vga.h-remove-unused-stuff-and-reformat.patch [bz#1331407]
- kvm-vga-use-constants-from-vga.h.patch [bz#1331407]
- kvm-vga-Remove-some-should-be-done-in-BIOS-comments.patch [bz#1331407]
- kvm-vga-fix-banked-access-bounds-checking-CVE-2016-3710.patch [bz#1331407]
- kvm-vga-add-vbe_enabled-helper.patch [bz#1331407]
- kvm-vga-factor-out-vga-register-setup.patch [bz#1331407]
- kvm-vga-update-vga-register-setup-on-vbe-changes.patch [bz#1331407]
- kvm-vga-make-sure-vga-register-setup-for-vbe-stays-intac.patch [bz#1331407]
- Resolves: bz#1331407
(EMBARGOED CVE-2016-3710 qemu-kvm: qemu: incorrect banked access bounds checking in vga module [rhel-6.8.z])
|
| qemu-kvm-0.12.1.2-2.491.el6.x86_64
[1.6 MiB] |
Changelog
by Miroslav Rezanina (2016-03-30):
- Revert "warning when CPU threads>1 for non-Intel CPUs" fix
|
| qemu-kvm-0.12.1.2-2.479.el6_7.4.x86_64
[1.6 MiB] |
Changelog
by Jeff E. Nelson (2016-01-25):
- kvm-fw_cfg-add-check-to-validate-current-entry-value-CVE.patch [bz#1298045]
- Resolves: bz#1298045
(CVE-2016-1714 qemu-kvm: Qemu: nvram: OOB r/w access in processing firmware configurations [rhel-6.7.z])
|
| qemu-kvm-0.12.1.2-2.479.el6_7.3.x86_64
[1.6 MiB] |
Changelog
by Jeff E. Nelson (2015-12-16):
- kvm-net-pcnet-add-check-to-validate-receive-data-size-CV.patch [bz#1287950]
- kvm-pcnet-fix-rx-buffer-overflow-CVE-2015-7512.patch [bz#1287950]
- Resolves: bz#1287950
(CVE-2015-7504 CVE-2015-7512 qemu-kvm: various flaws [rhel-6.7.z])
|
| qemu-kvm-0.12.1.2-2.479.el6_7.2.x86_64
[1.6 MiB] |
Changelog
by Jeff E. Nelson (2015-09-28):
- kvm-net-add-checks-to-validate-ring-buffer-pointers-CVE-.patch [bz#1263274]
- Resolves: bz#1263274
(CVE-2015-5279 qemu-kvm: qemu: Heap overflow vulnerability in ne2000_receive() function [rhel-6.7.z])
|
| qemu-kvm-0.12.1.2-2.479.el6_7.1.x86_64
[1.6 MiB] |
Changelog
by Jeff E. Nelson (2015-08-06):
- kvm-rtl8139-avoid-nested-ifs-in-IP-header-parsing-CVE-20.patch [bz#1248761]
- kvm-rtl8139-drop-tautologous-if-ip-.-statement-CVE-2015-.patch [bz#1248761]
- kvm-rtl8139-skip-offload-on-short-Ethernet-IP-header-CVE.patch [bz#1248761]
- kvm-rtl8139-check-IP-Header-Length-field-CVE-2015-5165.patch [bz#1248761]
- kvm-rtl8139-check-IP-Total-Length-field-CVE-2015-5165.patch [bz#1248761]
- kvm-rtl8139-skip-offload-on-short-TCP-header-CVE-2015-51.patch [bz#1248761]
- kvm-rtl8139-check-TCP-Data-Offset-field-CVE-2015-5165.patch [bz#1248761]
- Resolves: bz#1248761
(CVE-2015-5165 qemu-kvm: Qemu: rtl8139 uninitialized heap memory information leakage to guest [rhel-6.7.z])
|
| qemu-kvm-0.12.1.2-2.479.el6.x86_64
[1.6 MiB] |
Changelog
by Jeff E. Nelson (2015-06-22):
- kvm-posix-aio-compat-fix-acb-ev_signo-race-condition.patch [bz#1233292]
- Resolves: bz#1233292
()
|
| qemu-kvm-0.12.1.2-2.448.el6_6.4.x86_64
[1.6 MiB] |
Changelog
by Jeff E. Nelson (2015-06-01):
- kvm-pcnet-fix-Negative-array-index-read.patch [bz#1225886]
- kvm-pcnet-force-the-buffer-access-to-be-in-bounds-during.patch [bz#1225886]
- Resolves: bz#1225886
(EMBARGOED CVE-2015-3209 qemu-kvm: qemu: pcnet: multi-tmd buffer overflow in the tx path [rhel-6.6.z])
|
| qemu-kvm-0.12.1.2-2.448.el6_6.3.x86_64
[1.6 MiB] |
Changelog
by Miroslav Rezanina (2015-05-08):
- kvm-fdc-force-the-fifo-access-to-be-in-bounds-of-the-all.patch [bz#1219267]
- Resolves: bz#1219267
(EMBARGOED CVE-2015-3456 qemu-kvm: qemu: floppy disk controller flaw [rhel-6.6.z])
|
| qemu-kvm-0.12.1.2-2.448.el6_6.2.x86_64
[1.6 MiB] |
Changelog
by Jeff E. Nelson (2015-04-07):
- kvm-cirrus-fix-blit-region-check.patch [bz#1170571]
- kvm-cirrus-don-t-overflow-CirrusVGAState-cirrus_bltbuf.patch [bz#1170571]
- Resolves: bz#1170571
(CVE-2014-8106 qemu-kvm: qemu: cirrus: insufficient blit region checks [rhel-6.6.z])
|
| qemu-kvm-0.12.1.2-2.448.el6_6.x86_64
[1.6 MiB] |
Changelog
by Jeff E. Nelson (2014-09-26):
- kvm-Revert-migration-Don-t-calculate-bandwidth-when-last.patch [bz#970103]
- kvm-Revert-migration-move-bandwidth-calculation-to-insid.patch [bz#970103]
- kvm-Revert-migration-remove-not-needed-ram_save_remainin.patch [bz#970103]
- kvm-Revert-migration-avoid-no-op-memmove-of-potential-la.patch [bz#970103]
- kvm-Revert-migration-only-call-append-when-there-is-some.patch [bz#970103]
- kvm-Revert-migration-set-speed-to-maximum-during-last-st.patch [bz#970103]
- kvm-Revert-net-Forbid-dealing-with-packets-when-VM-is-no.patch [bz#970103]
- Reverts attempt to solve: bz#970103
(Downtime during live migration of busy VM is much higher than migration_downtime in vdsm.conf)
|
| qemu-kvm-0.12.1.2-2.445.el6.x86_64
[1.6 MiB] |
Changelog
by Jeff E. Nelson (2014-09-09):
- kvm-trace-add-systemtap-initscript-README-file-to-RPM.patch [bz#1139438]
- Resolves: bz#1139438
(README for qemu-kvm systemtap flight recorder)
|
| qemu-kvm-0.12.1.2-2.415.el6_5.14.x86_64
[1.5 MiB] |
Changelog
by Jeff E. Nelson (2014-08-06):
- The commit for zrelease .13 was incomplete; the changes to qemu-kvm.spec
did not include the "%patchNNNN -p1" lines for patches 4647 through 4655;
so although the patch files themselves were committed, the srpm build
did not pick them up. In addition, the commit log did not describe the
patches.
This commit corrects these problems and bumps the zrelease to .14.
|
| qemu-kvm-0.12.1.2-2.415.el6_5.10.x86_64
[1.5 MiB] |
Changelog
by Jeff E. Nelson (2014-05-28):
- kvm-virtio-out-of-bounds-buffer-write-on-invalid-state-l.patch [bz#1095692]
- kvm-usb-sanity-check-setup_index-setup_len-in-post_load.patch [bz#1095743]
- kvm-usb-sanity-check-setup_index-setup_len-in-post_load-2.patch [bz#1095743]
- kvm-virtio-scsi-fix-buffer-overrun-on-invalid-state-load.patch [bz#1095739]
- kvm-virtio-avoid-buffer-overrun-on-incoming-migration.patch [bz#1095735]
- kvm-virtio-validate-num_sg-when-mapping.patch [bz#1095763 bz#1096124]
- kvm-virtio-allow-mapping-up-to-max-queue-size.patch [bz#1095763 bz#1096124]
- kvm-enable-PCI-multiple-segments-for-pass-through-device.patch [bz#1099941]
- kvm-virtio-net-fix-buffer-overflow-on-invalid-state-load.patch [bz#1095675]
- kvm-virtio-validate-config_len-on-load.patch [bz#1095779]
- kvm-usb-fix-up-post-load-checks.patch [bz#1096825]
- kvm-CPU-hotplug-use-apic_id_for_cpu-round-2-RHEL-6-only.patch [bz#1100575]
- Resolves: bz#1095675
()
- Resolves: bz#1095692
()
- Resolves: bz#1095735
()
- Resolves: bz#1095739
()
- Resolves: bz#1095743
()
- Resolves: bz#1095763
()
- Resolves: bz#1095779
()
- Resolves: bz#1096124
()
- Resolves: bz#1096825
()
- Resolves: bz#1099941
()
- Resolves: bz#1100575
(Some vCPU topologies not accepted by libvirt)
|
| qemu-kvm-0.12.1.2-2.415.el6_5.8.x86_64
[1.5 MiB] |
Changelog
by Miroslav Rezanina (2014-04-11):
- kvm-virtio-net-fix-guest-triggerable-buffer-overrun.patch [bz#1078605 bz#1078849]
- kvm-qcow2-Check-backing_file_offset-CVE-2014-0144.patch [bz#1079452 bz#1079453]
- kvm-qcow2-Check-refcount-table-size-CVE-2014-0144.patch [bz#1079452 bz#1079453]
- kvm-qcow2-Validate-refcount-table-offset.patch [bz#1079518 bz#1086678]
- kvm-qcow2-Validate-snapshot-table-offset-size-CVE-2014-0.patch [bz#1079452 bz#1079453]
- kvm-qcow2-Validate-active-L1-table-offset-and-size-CVE-2.patch [bz#1079452 bz#1079453]
- kvm-qcow2-Fix-backing-file-name-length-check.patch [bz#1079518 bz#1086678]
- kvm-qcow2-Don-t-rely-on-free_cluster_index-in-alloc_refc.patch [bz#1079337 bz#1079338]
- kvm-qcow2-Avoid-integer-overflow-in-get_refcount-CVE-201.patch [bz#1079318 bz#1079319]
- kvm-qcow2-Check-new-refcount-table-size-on-growth.patch [bz#1079518 bz#1086678]
- kvm-qcow2-Fix-types-in-qcow2_alloc_clusters-and-alloc_cl.patch [bz#1079518 bz#1086678]
- kvm-qcow2-Protect-against-some-integer-overflows-in-bdrv.patch [bz#1079518 bz#1086678]
- kvm-qcow2-Catch-some-L1-table-index-overflows.patch [bz#1079518 bz#1086678]
- kvm-qcow2-Fix-new-L1-table-size-check-CVE-2014-0143.patch [bz#1079318 bz#1079319]
- kvm-qcow2-Fix-NULL-dereference-in-qcow2_open-error-path-.patch [bz#1079330 bz#1079331]
- kvm-qcow2-Limit-snapshot-table-size.patch [bz#1079518 bz#1086678]
- kvm-block-cloop-validate-block_size-header-field-CVE-201.patch [bz#1079452 bz#1079453]
- kvm-block-cloop-prevent-offsets_size-integer-overflow-CV.patch [bz#1079318 bz#1079319]
- kvm-block-cloop-refuse-images-with-huge-offsets-arrays-C.patch [bz#1079452 bz#1079453]
- kvm-block-cloop-Fix-coding-style.patch [bz#1079518 bz#1086678]
- kvm-cloop-Fix-bdrv_open-error-handling.patch [bz#1079518 bz#1086678]
- kvm-block-cloop-refuse-images-with-bogus-offsets-CVE-201.patch [bz#1079452 bz#1079453]
- kvm-block-cloop-Use-g_free-instead-of-free.patch [bz#1079518 bz#1086678]
- kvm-block-cloop-fix-offsets-size-off-by-one.patch [bz#1079518 bz#1086678]
- kvm-bochs-Fix-bdrv_open-error-handling.patch [bz#1079518 bz#1086678]
- kvm-bochs-Unify-header-structs-and-make-them-QEMU_PACKED.patch [bz#1079518 bz#1086678]
- kvm-bochs-Use-unsigned-variables-for-offsets-and-sizes-C.patch [bz#1079337 bz#1079338]
- kvm-bochs-Check-catalog_size-header-field-CVE-2014-0143.patch [bz#1079318 bz#1079319]
- kvm-bochs-Check-extent_size-header-field-CVE-2014-0142.patch [bz#1079313 bz#1079314]
- kvm-bochs-Fix-bitmap-offset-calculation.patch [bz#1079518 bz#1086678]
- kvm-vpc-vhd-add-bounds-check-for-max_table_entries-and-b.patch [bz#1079452 bz#1079453]
- kvm-vpc-Validate-block-size-CVE-2014-0142.patch [bz#1079313 bz#1079314]
- kvm-vdi-add-bounds-checks-for-blocks_in_image-and-disk_s.patch [bz#1079452 bz#1079453]
- kvm-vhdx-Bounds-checking-for-block_size-and-logical_sect.patch [bz#1079343 bz#1079344]
- kvm-curl-check-data-size-before-memcpy-to-local-buffer.-.patch [bz#1079452 bz#1079453]
- kvm-dmg-Fix-bdrv_open-error-handling.patch [bz#1079518 bz#1086678]
- kvm-dmg-coding-style-and-indentation-cleanup.patch [bz#1079518 bz#1086678]
- kvm-dmg-prevent-out-of-bounds-array-access-on-terminator.patch [bz#1079518 bz#1086678]
- kvm-dmg-drop-broken-bdrv_pread-loop.patch [bz#1079518 bz#1086678]
- kvm-dmg-use-appropriate-types-when-reading-chunks.patch [bz#1079518 bz#1086678]
- kvm-dmg-sanitize-chunk-length-and-sectorcount-CVE-2014-0.patch [bz#1079323 bz#1079324]
- kvm-dmg-use-uint64_t-consistently-for-sectors-and-length.patch [bz#1079518 bz#1086678]
- kvm-dmg-prevent-chunk-buffer-overflow-CVE-2014-0145.patch [bz#1079323 bz#1079324]
- kvm-block-Limit-request-size-CVE-2014-0143.patch [bz#1079318 bz#1079319]
- kvm-parallels-Fix-catalog-size-integer-overflow-CVE-2014.patch [bz#1079318 bz#1079319]
- kvm-parallels-Sanity-check-for-s-tracks-CVE-2014-0142.patch [bz#1079313 bz#1079314]
- kvm-bochs-Fix-memory-leak-in-bochs_open-error-path.patch [bz#1079518 bz#1086678]
- kvm-bochs-Fix-catalog-size-check.patch [bz#1079518 bz#1086678]
- Resolves: bz#1078849
(EMBARGOED CVE-2014-0150 qemu-kvm: qemu: virtio-net: buffer overflow in virtio_net_handle_mac() function [rhel-6.5.z])
- Resolves: bz#1079313
(CVE-2014-0142 qemu-kvm: qemu: crash by possible division by zero [rhel-6.5.z])
- Resolves: bz#1079318
(CVE-2014-0143 qemu-kvm: Qemu: block: multiple integer overflow flaws [rhel-6.5.z])
- Resolves: bz#1079323
(CVE-2014-0145 qemu-kvm: Qemu: prevent possible buffer overflows [rhel-6.5.z])
- Resolves: bz#1079330
(CVE-2014-0146 qemu-kvm: Qemu: qcow2: NULL dereference in qcow2_open() error path [rhel-6.5.z])
- Resolves: bz#1079337
(CVE-2014-0147 qemu-kvm: Qemu: block: possible crash due signed types or logic error [rhel-6.5.z])
- Resolves: bz#1079343
(CVE-2014-0148 qemu-kvm: Qemu: vhdx: bounds checking for block_size and logical_sector_size [rhel-6.5.z])
- Resolves: bz#1079452
(CVE-2014-0144 qemu-kvm: Qemu: block: missing input validation [rhel-6.5.z])
- Resolves: bz#1086678
(qemu-kvm: include leftover patches from block layer security audit)
|
| qemu-kvm-0.12.1.2-2.415.el6_5.7.x86_64
[1.5 MiB] |
Changelog
by Miroslav Rezanina (2014-03-27):
- kvm-ACPI-level-VCPU-enablement-info-for-libvirt-RHEL-6-o.patch [bz#1080436]
- Resolves: bz#1080436
([Intel 6.5.z Bug] virsh setvcpus can not setup correct vcpu number)
|
| qemu-kvm-0.12.1.2-2.415.el6_5.5.x86_64
[1.5 MiB] |
Changelog
by Miroslav Rezanina (2014-02-25):
- kvm-monitor-Cleanup-mon-outbuf-on-write-error.patch [bz#1069239]
- Resolves: bz#1069239
(QMP socket breaks on unexpected close)
|
| qemu-kvm-0.12.1.2-2.415.el6_5.4.x86_64
[1.5 MiB] |
Changelog
by Miroslav Rezanina (2014-02-10):
- kvm-vmdk-Allow-read-only-open-of-VMDK-version-3.patch [bz#1056642 bz#1063202]
- Resolves: bz#1063202
(qemu-img fails to convert vmdk v3 image)
|
| qemu-kvm-0.12.1.2-2.415.el6_5.3.x86_64
[1.5 MiB] |
Changelog
by Miroslav Rezanina (2013-11-12):
- kvm-monitor-monitor_puts-bail-out-when-mon-NULL.patch [bz#1015979 bz#1029329]
- kvm-qcow2-Flush-image-after-creation.patch [bz#1029327]
- kvm-vmdk-Fix-vmdk_parse_extents.patch [bz#1029331]
- kvm-vmdk-fix-VMFS-extent-parsing.patch [bz#1029331]
- Resolves: bz#1015979
([FJ6.5 Bug]:[REG] live migration with "--copy-storage-{all,inc}" option fails)
- Resolves: bz#1029327
('qemu-img info' take too much time with 'cluster_size=512,preallocation=metadata' in the first time)
- Resolves: bz#1029329
([FJ6.5 Bug]:[REG] live migration with "--copy-storage-{all,inc}" option fails)
- Resolves: bz#1029331
(fix vmdk support to ESX images)
|
| qemu-kvm-0.12.1.2-2.415.el6.x86_64
[1.5 MiB] |
Changelog
by Michal Novotny (2013-10-25):
- kvm-target-i386-don-t-migrate-steal-time-MSR-on-older-ma.patch [bz#1022821]
- Resolves: bz#1022821
(live-migration from RHEL6.5 to RHEL6.4.z fails with "error while loading state for instance 0x0 of device 'cpu'")
|
| qemu-kvm-0.12.1.2-2.355.el6_4.9.x86_64
[1.3 MiB] |
Changelog
by Michal Novotny (2013-09-16):
- kvm-Fix-off-by-one-error-in-page_l1_map.patch [bz#996791]
- Resolves: bz#996791
(Off-by-one error in page_l1_map() can lead to out-of-bounds access)
|
| qemu-kvm-0.12.1.2-2.355.el6_4.7.x86_64
[1.3 MiB] |
Changelog
by Michal Novotny (2013-08-12):
- kvm-qcow2-Reinitialise-counter-when-restarting-alloc-r64.patch [bz#996151]
- Resolves: bz#996151
(qcow2 corruption bug in cluster allocation code)
|
| qemu-kvm-0.12.1.2-2.355.el6_4.6.x86_64
[1.3 MiB] |
Changelog
by Miroslav Rezanina (2013-07-10):
- kvm-qga-cast-to-int-for-DWORD-type.patch [bz#980758]
- kvm-qga-remove-undefined-behavior-in-ga_install_service.patch [bz#980758]
- kvm-qga-diagnostic-output-should-go-to-stderr.patch [bz#980758]
- kvm-qa_install_service-nest-error-paths-more-idiomatically.patch [bz#980758]
- kvm-qga-escape-cmdline-args-when-registering-win32-service.patch [bz#980758]
- Resolves: bz#980758
(qemu-kvm: CVE-2013-2231 qemu: qemu-ga win32 service unquoted search path [rhel-6.4.z])
|
| qemu-kvm-0.12.1.2-2.355.el6_4.5.x86_64
[1.3 MiB] |
Changelog
by Michal Novotny (2013-05-23):
- kvm-e1000-fix-link-down-handling-with-auto-negotiation.patch [bz#907716]
- kvm-e1000-unbreak-the-guest-network-when-migration-to-RH.patch [bz#907716]
- kvm-reimplement-error_setg-and-error_setg_errno-for-RHEL.patch [bz#957056]
- kvm-qga-set-umask-0077-when-daemonizing-CVE-2013-2007.patch [bz#957056]
- kvm-qga-distinguish-binary-modes-in-guest_file_open_mode.patch [bz#957056]
- kvm-qga-unlink-just-created-guest-file-if-fchmod-or-fdop.patch [bz#957056]
- Resolves: bz#907716
(use set_link to change rtl8139 and e1000 network card's status but fail to make effectively after reboot guest)
- Resolves: bz#957056
(CVE-2013-2007 qemu: guest agent creates files with insecure permissions in deamon mode [rhel-6.4.z])
|
| qemu-kvm-0.12.1.2-2.355.el6_4.3.x86_64
[1.3 MiB] |
Changelog
by Michal Novotny (2013-04-10):
- kvm-Fix-regression-introduced-by-machine-accel.patch [bz#929105]
- Resolves: bz#929105
([RHEL6.4] [regression] qemu-kvm does not enable ioeventfd)
|
| qemu-kvm-0.12.1.2-2.355.el6_4.2.x86_64
[1.3 MiB] |
Changelog
by Michal Novotny (2013-02-28):
- kvm-e1000-Discard-packets-that-are-too-long-if-SBP-and-L.patch [bz#910841]
- kvm-e1000-Discard-oversized-packets-based-on-SBP-LPE.patch [bz#910841]
- Resolves: bz#910841
(CVE-2012-6075 qemu (e1000 device driver): Buffer overflow when processing large packets when SBP and LPE flags are disabled [rhel-6.4.z])
|
| qemu-kvm-0.12.1.2-2.355.el6_4.1.x86_64
[1.3 MiB] |
Changelog
by Michal Novotny (2013-02-06):
- kvm-Revert-e1000-no-need-auto-negotiation-if-link-was-do.patch [bz#907397]
- Resolves: bz#907397
(Patch "e1000: no need auto-negotiation if link was down" may break e1000 guest)
|
| qemu-kvm-0.12.1.2-2.355.el6.x86_64
[1.3 MiB] |
Changelog
by Michal Novotny (2013-01-23):
- kvm-Revert-audio-spice-add-support-for-volume-control.patch [bz#884253]
- kvm-Revert-hw-ac97-add-support-for-volume-control.patch [bz#884253]
- kvm-Revert-hw-ac97-the-volume-mask-is-not-only-0x1f.patch [bz#884253]
- kvm-Revert-hw-ac97-remove-USE_MIXER-code.patch [bz#884253]
- kvm-Revert-audio-don-t-apply-volume-effect-if-backend-ha.patch [bz#884253]
- kvm-Revert-audio-add-VOICE_VOLUME-ctl.patch [bz#884253]
- kvm-Revert-audio-split-sample-conversion-and-volume-mixi.patch [bz#884253]
- Resolves: bz#884253
(Allow control of volume from within Windows Guests (Volume Mixture))
|
| qemu-kvm-0.12.1.2-2.295.el6_3.10.x86_64
[1.3 MiB] |
Changelog
by Michal Novotny (2012-12-12):
- kvm-Revert-Add-rate-limiting-of-RTC_CHANGE-BALLOON_CHANG.patch [bz#886101]
- kvm-Revert-Add-event-notification-for-guest-balloon-chan.patch [bz#886101]
- kvm-Revert-Add-query-events-command-to-QMP-to-query-asyn.patch [bz#886101]
- kvm-Revert-trace-trace-monitor-qmp-dispatch-completion.patch [bz#886101]
- kvm-trace-trace-monitor-qmp-dispatch-completion-take2.patch [bz#886101]
- kvm-monitor-allow-qapi-and-old-hmp-to-share-the-same-dis.patch [bz#886101]
- kvm-Add-query-events-command-to-QMP-to-query-async-event-take2.patch [bz#886101]
- kvm-Add-event-notification-for-guest-balloon-changes-take2.patch [bz#886101]
- kvm-Add-rate-limiting-of-RTC_CHANGE-BALLOON_CHANGE-WATCH-take2.patch [bz#886101]
- Resolves: bz#886101
(vdsm: vdsm is stuck in recovery for almost an hour on NFS storage with running vm's when blocking storage from host)
|
| qemu-kvm-0.12.1.2-2.295.el6_3.8.x86_64
[1.3 MiB] |
Changelog
by Michal Novotny (2012-11-15):
- kvm-e1000-switch-to-symbolic-names-for-pci-registers-v5.patch [bz#873270]
- kvm-pci-interrupt-pin-documentation-update-v5.patch [bz#873270]
- kvm-e1000-Don-t-set-the-Capabilities-List-bit-v5.patch [bz#873270]
- Resolves: bz#873270
([hck][svvp] PCI Hardware Compliance Test for Systems job failed when e1000 is in use)
|
| qemu-kvm-0.12.1.2-2.295.el6_3.5.x86_64
[1.3 MiB] |
Changelog
by Michal Novotny (2012-10-22):
- kvm-qxl-render-fix-broken-vnc-spice-since-commit-f934493-z.patch [bz#861906]
- Resolves: bz#861906
(qemu-kvm segfaulting when running a VM)
|
| qemu-kvm-0.12.1.2-2.295.el6_3.2.x86_64
[1.2 MiB] |
Changelog
by Michal Novotny (2012-09-03):
- kvm-console-bounds-check-whenever-changing-the-cursor-du.patch [bz#851257
- Resolves: bz#851257
(EMBARGOED CVE-2012-3515 qemu/kvm: VT100 emulation vulnerability [rhel-6.3.z])
|
| qemu-kvm-0.12.1.2-2.295.el6_3.1.x86_64
[1.2 MiB] |
Changelog
by Michal Novotny (2012-07-16):
- postinstall scriptlet no longer loads KVM modules [bz#839897]
- kvm-isa-bus-Remove-bogus-IRQ-sharing-check.patch [bz#840054]
- Resolves: bz#840054
(guest fails with error: isa irq 4 already assigned when starting guest with more than two serial devices)
- Resolves: bz#839897
(postinstall scriptlet no longer loads KVM modules)
|
| qemu-kvm-0.12.1.2-2.295.el6.x86_64
[1.2 MiB] |
Changelog
by Michal Novotny (2012-05-22):
- kvm-x86-Pass-KVMState-to-kvm_arch_get_supported_cpui.patch [bz#819562]
- kvm-Expose-CPUID-leaf-7-only-for-cpu-host-v2.patch [bz#819562]
- Resolves: bz#819562
(SMEP is enabled unconditionally)
|
| qemu-kvm-0.12.1.2-2.209.el6_2.5.x86_64
[1.1 MiB] |
Changelog
by Michal Novotny (2012-04-18):
- kvm-Fix-memory-leak-in-register-save-load-due-to-xsave-s.patch [bz#805550]
- kvm-x86-Avoid-runtime-allocation-of-xsave-buffer.patch [bz#805550]
- kvm-qxl-Add-support-for-2000x2000-resolution.patch [bz#799002]
- Resolves: bz#799002
([SPICE]Add 2000x2000 resolution to QXL driver)
- Resolves: bz#805550
(Fix memory leak in register save load due to xsave support)
|
| qemu-kvm-0.12.1.2-2.209.el6_2.4.x86_64
[1.1 MiB] |
Changelog
by Michal Novotny (2012-01-16):
- kvm-e1000-prevent-buffer-overflow-when-processing-legacy.patch [bz#772081]
- Resolves: bz#772081
(EMBARGOED CVE-2012-0029 qemu-kvm: e1000: process_tx_desc legacy mode packets heap overflow [rhel-6.2.z])
|
| qemu-kvm-0.12.1.2-2.209.el6_2.1.x86_64
[1.1 MiB] |
Changelog
by Michal Novotny (2011-11-16):
- kvm-ccid-Fix-buffer-overrun-in-handling-of-VSC_ATR-messa.patch [bz#751312]
- CVE: CVE-2011-4111
- Resolves: bz#751312
(CVE-2011-4111 qemu: ccid: buffer overflow in handling of VSC_ATR message [rhel-6.2.z])
|
| qemu-kvm-0.12.1.2-2.209.el6.x86_64
[1.1 MiB] |
Changelog
by Michal Novotny (2011-11-02):
- kvm-hda-do-not-mix-output-and-input-streams-RHBZ-740493-v2.patch [bz#740493]
- kvm-hda-do-not-mix-output-and-input-stream-states-RHBZ-740493-v2.patch [bz#740493]
- kvm-intel-hda-fix-stream-search.patch [bz#740493]
- Resolves: bz#740493
(audio playing doesn't work when sound recorder is opened)
|
| qemu-kvm-0.12.1.2-2.160.slc6.8.x86_64
[1.0 MiB] |
Changelog
by Eduardo Habkost (2011-08-10):
- kvm-device-assignment-handle-device-with-incorrect-PCIe-.patch [bz#727468]
- Resolves: bz#727468
(Unable to attach PCI device on a booted virt guest)
|
| qemu-kvm-0.12.1.2-2.160.slc6.6.x86_64
[1.0 MiB] |
Changelog
by Eduardo Habkost (2011-07-26):
- kvm-clarify-support-statement-in-KVM-help.patch [bz#725543]
- Resolves: bz#725543
(RHEL6.2: Clarify support statement in KVM help)
|
| qemu-kvm-0.12.1.2-2.160.slc6.2.x86_64
[1.0 MiB] |
Changelog
by Eduardo Habkost (2011-06-29):
- kvm-virtio-guard-against-negative-vq-notifies.patch [bz#717403]
- Resolves: bz#717403
(qemu-kvm: OOB memory access caused by negative vq notifies [rhel-6.1.z])
|
| qemu-kvm-0.12.1.2-2.160.slc6.x86_64
[1.0 MiB] |
Changelog
by Eduardo Habkost (2011-04-27):
- kvm-virtio-blk-fail-unaligned-requests.patch [bz#698910]
- kvm-Ignore-pci-unplug-requests-for-unpluggable-devices.patch [bz#699789]
- Resolves: bz#698910
(CVE-2011-1750 virtio-blk: heap buffer overflow caused by unaligned requests [rhel-6.1])
- Resolves: bz#699789
(CVE-2011-1751 acpi_piix4: missing hotplug check during device removal [rhel-6.1])
|
| qemu-kvm-0.12.1.2-2.160.el6_1.9.x86_64
[1.0 MiB] |
Changelog
by Michal Novotny (2011-11-14):
- kvm-ccid-Fix-buffer-overrun-in-handling-of-VSC_ATR-messa.patch [bz#751311]
- CVE: CVE-2011-4111
- Resolves: bz#751311
(CVE-2011-4111 qemu: ccid: buffer overflow in handling of VSC_ATR message [rhel-6.1.z])
|
| qemu-kvm-0.12.1.2-2.160.el6_1.8.x86_64
[1.0 MiB] |
Changelog
by Eduardo Habkost (2011-08-10):
- kvm-device-assignment-handle-device-with-incorrect-PCIe-.patch [bz#727468]
- Resolves: bz#727468
(Unable to attach PCI device on a booted virt guest)
|
| qemu-kvm-0.12.1.2-2.160.el6_1.6.x86_64
[1.0 MiB] |
Changelog
by Eduardo Habkost (2011-07-26):
- kvm-clarify-support-statement-in-KVM-help.patch [bz#725543]
- Resolves: bz#725543
(RHEL6.2: Clarify support statement in KVM help)
|
| qemu-kvm-0.12.1.2-2.160.el6_1.3.x86_64
[1.0 MiB] |
Changelog
by Eduardo Habkost (2011-07-13):
- kvm-raw-posix-Linearize-direct-I-O-on-Linux-NFS.patch [bz#720999]
- Resolves: bz#720999
(QEMU should use pass preadv/pwritev a single vector when using cache=none and NFS)
|
| qemu-kvm-0.12.1.2-2.160.el6_1.2.x86_64
[1.0 MiB] |
Changelog
by Eduardo Habkost (2011-06-29):
- kvm-virtio-guard-against-negative-vq-notifies.patch [bz#717403]
- Resolves: bz#717403
(qemu-kvm: OOB memory access caused by negative vq notifies [rhel-6.1.z])
|
| qemu-kvm-0.12.1.2-2.113.el6_0.8.x86_64
[975 KiB] |
Changelog
by Luiz Capitulino (2011-03-03):
- kvm-Revert-blockdev-Fix-drive_del-not-to-crash-when-driv.patch [bz#677170]
- kvm-Revert-blockdev-check-dinfo-ptr-before-using-v2.patch [bz#677170]
- kvm-Revert-Implement-drive_del-to-decouple-block-removal.patch [bz#677170]
- kvm-Revert-block-Catch-attempt-to-attach-multiple-device.patch [bz#677170]
- kvm-Revert-qdev-Decouple-qdev_prop_drive-from-DriveInfo-.patch [bz#677170]
- kvm-Revert-blockdev-Clean-up-automatic-drive-deletion-v2.patch [bz#677170]
- kvm-Revert-blockdev-New-drive_get_by_blockdev-v2.patch [bz#677170]
- kvm-Revert-qdev-Don-t-leak-string-property-value-on-hot-.patch [bz#677170]
- kvm-Revert-ide-Split-non-qdev-code-off-ide_init2.patch [bz#677170]
- kvm-Revert-ide-Change-ide_init_drive-to-require-valid-di.patch [bz#677170]
- kvm-Revert-ide-Split-ide_init1-off-ide_init2-v2.patch [bz#677170]
- kvm-Revert-ide-Remove-redundant-IDEState-member-conf.patch [bz#677170]
- Related: bz#677170
(drive_del command to let libvirt safely remove block device from guest)
|
| qemu-kvm-0.12.1.2-2.113.el6_0.6.x86_64
[973 KiB] |
Changelog
by Eduardo Habkost (2011-01-04):
- kvm-Revert-spice-qxl-make-draw_area-and-vgafb-share-memo.patch [bz#653334]
- kvm-Revert-spice-qxl-update-modes-ptr-in-post_load.patch [bz#653334]
- Related: bz#653334
(spice: prepare qxl for 6.1 update.)
|
| qemu-kvm-0.12.1.2-2.113.el6_0.3.x86_64
[971 KiB] |
Changelog
by Eduardo Habkost (2010-10-14):
- ksmtuned: committed_memory of 0 qemus [bz#634249]
- Resolves: bz#634249
(incorrect committed memory on idle host)
|