[ol7_developer_kvm_utils] qemu-block-rbd-15:4.2.1-1.el7.x86_64

This package provides the additional Ceph/RBD block driver for QEMU.

Install this package if you want to access remote Ceph volumes
using the rbd protocol.

Changelog (Show File list) (Show related packages)

• Wed Jul 22 2020 Karl Heubaum <karl.heubaum@oracle.com> - 15:4.2.1-1.el7

  - hw/sd/sdcard: Do not switch to ReceivingData if address is invalid (Philippe Mathieu-Daudé)  [Orabug: 31414336]  {CVE-2020-13253}
  - hw/sd/sdcard: Update coding style to make checkpatch.pl happy (Philippe Mathieu-Daudé)  [Orabug: 31414336] 
  - hw/sd/sdcard: Do not allow invalid SD card sizes (Philippe Mathieu-Daudé)  [Orabug: 31414336]  {CVE-2020-13253}
  - hw/sd/sdcard: Simplify realize() a bit (Philippe Mathieu-Daudé)  [Orabug: 31414336] 
  - hw/sd/sdcard: Restrict Class 6 commands to SCSD cards (Philippe Mathieu-Daudé)  [Orabug: 31414336] 
  - libslirp: Update to v4.3.1 to fix CVE-2020-10756 (Karl Heubaum)  [Orabug: 31604999]  {CVE-2020-10756}
  - Document CVEs as fixed 2/2 (Karl Heubaum)  [Orabug: 30618035]  {CVE-2017-18043} {CVE-2018-10839} {CVE-2018-11806} {CVE-2018-12617} {CVE-2018-15746} {CVE-2018-16847} {CVE-2018-16867} {CVE-2018-17958} {CVE-2018-17962} {CVE-2018-17963} {CVE-2018-18849} {CVE-2018-19364} {CVE-2018-19489} {CVE-2018-3639} {CVE-2018-5683} {CVE-2018-7550} {CVE-2018-7858} {CVE-2019-12068} {CVE-2019-15034} {CVE-2019-15890} {CVE-2019-20382} {CVE-2020-10702} {CVE-2020-10761} {CVE-2020-11102} {CVE-2020-11869} {CVE-2020-13361} {CVE-2020-13765} {CVE-2020-13800} {CVE-2020-1711} {CVE-2020-1983} {CVE-2020-8608}
  - Document CVEs as fixed 1/2 (Karl Heubaum)  [Orabug: 30618035]  {CVE-2017-10806} {CVE-2017-11334} {CVE-2017-12809} {CVE-2017-13672} {CVE-2017-13673} {CVE-2017-13711} {CVE-2017-14167} {CVE-2017-15038} {CVE-2017-15119} {CVE-2017-15124} {CVE-2017-15268} {CVE-2017-15289} {CVE-2017-16845} {CVE-2017-17381} {CVE-2017-18030} {CVE-2017-2630} {CVE-2017-2633} {CVE-2017-5715} {CVE-2017-5753} {CVE-2017-5754} {CVE-2017-5931} {CVE-2017-6058} {CVE-2017-7471} {CVE-2017-7493} {CVE-2017-8112} {CVE-2017-8309} {CVE-2017-8379} {CVE-2017-8380} {CVE-2017-9503} {CVE-2017-9524} {CVE-2018-12126} {CVE-2018-12127} {CVE-2018-12130} {CVE-2018-16872} {CVE-2018-20123} {CVE-2018-20124} {CVE-2018-20125} {CVE-2018-20126} {CVE-2018-20191} {CVE-2018-20216} {CVE-2018-20815} {CVE-2019-11091} {CVE-2019-12155} {CVE-2019-14378} {CVE-2019-3812} {CVE-2019-5008} {CVE-2019-6501} {CVE-2019-6778} {CVE-2019-8934} {CVE-2019-9824}
  - qemu-kvm.spec: Add .spec file for OL8 (Karl Heubaum)  [Orabug: 30618035] 
  - qemu.spec: Add .spec file for OL7 (Karl Heubaum)  [Orabug: 30618035] 
  - qemu-submodule-init: Add Git submodule init script (Karl Heubaum)  [Orabug: 30618035] 
  - vhost.conf: Initial vhost.conf (Karl Heubaum)  [Orabug: 30618035] 
  - parfait: Add buildrpm/parfait-qemu.conf (Karl Heubaum)  [Orabug: 30618035] 
  - virtio: Set PCI subsystem vendor ID to Oracle (Karl Heubaum)  [Orabug: 30618035] 
  - qemu_regdump.py: Initial qemu_regdump.py (Karl Heubaum)  [Orabug: 30618035] 
  - qmp-regdump: Initial qmp-regdump (Karl Heubaum)  [Orabug: 30618035] 
  - bridge.conf: Initial bridge.conf (Karl Heubaum)  [Orabug: 30618035] 
  - kvm.conf: Initial kvm.conf (Karl Heubaum)  [Orabug: 30618035] 
  - 80-kvm.rules: Initial 80-kvm.rules (Karl Heubaum)  [Orabug: 30618035] 
  - exec: set map length to zero when returning NULL (Prasad J Pandit)  [Orabug: 31439733]  {CVE-2020-13659}
  - megasas: use unsigned type for reply_queue_head and check index (Prasad J Pandit)  [Orabug: 31414338]  {CVE-2020-13362}
  - memory: Revert "memory: accept mismatching sizes in memory_region_access_valid" (Michael S. Tsirkin)  [Orabug: 31439736] [Orabug: 31452202]  {CVE-2020-13754} {CVE-2020-13791}

• Wed Jul 22 2020 Karl Heubaum <karl.heubaum@oracle.com> - 15:4.1.1-3.el7

  - buildrpm/spec files: Don't package elf2dmp (Karl Heubaum)  [Orabug: 31657424] 
  - qemu-kvm.spec: Enable the block-curl package (Karl Heubaum)  [Orabug: 31657424] 
  - qemu.spec: enable have_curl in spec (Dongli Zhang)  [Orabug: 31657424]

• Wed Jun 10 2020 Karl Heubaum <karl.heubaum@oracle.com> - 15:4.1.1-2.el7

  - Document CVE-2020-13765 as fixed (Karl Heubaum)  [Orabug: 31463250]  {CVE-2020-13765}
  - kvm: Reallocate dirty_bmap when we change a slot (Dr. David Alan Gilbert)  [Orabug: 31076399] 
  - kvm: split too big memory section on several memslots (Igor Mammedov)  [Orabug: 31076399] 
  - target/i386: do not set unsupported VMX secondary execution controls (Vitaly Kuznetsov)  [Orabug: 31463710] 
  - target/i386: add VMX definitions (Paolo Bonzini)  [Orabug: 31463710] 
  - ati-vga: check mm_index before recursive call (CVE-2020-13800) (Prasad J Pandit)  [Orabug: 31452206]  {CVE-2020-13800}
  - es1370: check total frame count against current frame (Prasad J Pandit)  [Orabug: 31463235]  {CVE-2020-13361}
  - ati-vga: Fix checks in ati_2d_blt() to avoid crash (BALATON Zoltan)  [Orabug: 31238432]  {CVE-2020-11869}
  - libslirp: Update to stable-4.2 to fix CVE-2020-1983 (Karl Heubaum)  [Orabug: 31241227]  {CVE-2020-1983}
  - Document CVEs as fixed (Karl Heubaum)   {CVE-2019-12068} {CVE-2019-15034}
  - libslirp: Update to version 4.2.0 to fix CVEs (Karl Heubaum)  [Orabug: 30274592] [Orabug: 30869830]  {CVE-2019-15890} {CVE-2020-8608}
  - target/i386: add support for MSR_IA32_TSX_CTRL (Paolo Bonzini)  [Orabug: 31124041] 
  - qemu-img: Add --target-is-zero to convert (David Edmondson)  
  - vnc: fix memory leak when vnc disconnect (Li Qiang)  [Orabug: 30996427]  {CVE-2019-20382}
  - iscsi: Cap block count from GET LBA STATUS (CVE-2020-1711) (Felipe Franciosi)  [Orabug: 31124035]  {CVE-2020-1711}
  - qemu.spec: Remove "BuildRequires: kernel" (Karl Heubaum)  [Orabug: 31124047]

• Thu Jan 16 2020 Karl Heubaum <karl.heubaum@oracle.com> - 15:4.1.1-1.el7

  - qemu-submodule-init: Add Git submodule init script