-
Fri Feb 25 2022 Jon Maloy <jmaloy@redhat.com> - 1.5.3-175.el7_9.6
- kvm-rbd-avoid-qemu_rbd_snap_list-memory-leaks.patch [bz#2056725]
- Resolves: bz#2056725
(qemu-kvm leaks on qemu_rbd_snap_list)
-
Fri Nov 12 2021 Jon Maloy <jmaloy@redhat.com> - 1.5.3-175.el7_9.5
- kvm-dma-helpers-Initialize-DMAAIOCB-in_cancel-flag.patch [bz#2007036]
- Resolves: bz#2007036
(Memory leak when using dma_read/write with virtio-scsi)
-
Fri May 07 2021 Jon Maloy <jmaloy@redhat.com> - 1.5.3-175.el7_9.4
- kvm-ide-atapi-check-logical-block-address-and-read-size-.patch [bz#1917449]
- Resolves: bz#1917449
(CVE-2020-29443 qemu-kvm: QEMU: ide: atapi: OOB access while processing read commands [rhel-7.9.z])
-
Tue Jan 05 2021 Jon Maloy <jmaloy@redhat.com> - 1.5.3-175.el7_9.3
- kvm-Suppress-prototype-warning-for-nss-headers.patch [bz#1884997]
- Resolves: bz#1884997
(qemu-kvm FTBFS on rhel7.9)
-
Tue Nov 17 2020 Jon Maloy <jmaloy@redhat.com> - 1.5.3-175.el7_9.2
- kvm-hw-net-vmxnet_tx_pkt-fix-assertion-failure-in-vmxnet.patch [bz#1860960]
- kvm-hw-core-loader-Fix-possible-crash-in-rom_copy.patch [bz#1842923]
- Resolves: bz#1842923
(CVE-2020-13765 qemu-kvm: QEMU: loader: OOB access while loading registered ROM may lead to code execution [rhel-7.9.z])
- Resolves: bz#1860960
(CVE-2020-16092 qemu-kvm: QEMU: reachable assertion failure in net_tx_pkt_add_raw_fragment() in hw/net/net_tx_pkt.c [rhel-7.9.z])
-
Tue Sep 08 2020 Jon Maloy <jmaloy@redhat.com> - 1.5.3-175.el7_9.1
- Fixing release number for z-stream
-
Tue Sep 08 2020 Jon Maloy <jmaloy@redhat.com> - 1.5.3-175.el7
- kvm-Fix-use-afte-free-in-ip_reass-CVE-2020-1983.patch [bz#1837565]
- kvm-usb-check-RNDIS-message-length.patch [bz#1869693]
- kvm-usb-fix-setup_len-init-CVE-2020-14364.patch [bz#1869693]
- Resolves: bz#1837565
(CVE-2020-1983 qemu-kvm: QEMU: slirp: use-after-free in ip_reass() function in ip_input.c [rhel-7])
- Resolves: bz#1869693
(CVE-2020-14364 qemu-kvm: QEMU: usb: out-of-bounds r/w access issue while processing usb packets [rhel-7.9.z])
-
Mon Jun 01 2020 Jon Maloy <jmaloy@redhat.com> - 1.5.3-175.el7
- kvm-vnc-fix-memory-leak-when-vnc-disconnect.patch [bz#1810408]
- Resolves: bz#1810408
(CVE-2019-20382 qemu-kvm: QEMU: vnc: memory leakage upon disconnect [rhel-7])
-
Thu Mar 19 2020 Miroslav Rezanina <mrezanin@redhat.com> - 1.5.3-174.el7
- kvm-util-add-slirp_fmt-helpers2.patch [bz#1800515]
- kvm-tcp_emu-fix-unsafe-snprintf-usages2.patch [bz#1800515]
- kvm-slirp-disable-tcp_emu.patch [bz#1791679]
- kvm-gluster-Handle-changed-glfs_ftruncate-signature.patch [bz#1802215]
- kvm-gluster-the-glfs_io_cbk-callback-function-pointer-ad.patch [bz#1802215]
- kvm-seccomp-set-the-seccomp-filter-to-all-threads.patch [bz#1618503]
- Resolves: bz#1618503
(qemu-kvm: Qemu: seccomp: blacklist is not applied to all threads [rhel-7])
- Resolves: bz#1791679
(QEMU: Slirp: disable emulation of tcp programs like ftp IRC etc. [rhel-7])
- Resolves: bz#1800515
(CVE-2020-8608 qemu-kvm: QEMU: Slirp: potential OOB access due to unsafe snprintf() usages [rhel-7.9])
- Resolves: bz#1802215
(Add support for newer glusterfs)
-
Thu Jan 23 2020 Miroslav Rezanina <mrezanin@redhat.com> - 1.5.3-173.el7
- kvm-tcp_emu-Fix-oob-access.patch [bz#1791560]
- kvm-slirp-use-correct-size-while-emulating-IRC-commands.patch [bz#1791560]
- kvm-slirp-use-correct-size-while-emulating-commands.patch [bz#1791560]
- Resolves: bz#1791560
(CVE-2020-7039 qemu-kvm: QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu() [rhel-7.8])