-
Mon Jun 01 2020 Jon Maloy <jmaloy@redhat.com> - 1.5.3-175.el7
- kvm-vnc-fix-memory-leak-when-vnc-disconnect.patch [bz#1810408]
- Resolves: bz#1810408
(CVE-2019-20382 qemu-kvm: QEMU: vnc: memory leakage upon disconnect [rhel-7])
-
Thu Mar 19 2020 Miroslav Rezanina <mrezanin@redhat.com> - 1.5.3-174.el7
- kvm-util-add-slirp_fmt-helpers2.patch [bz#1800515]
- kvm-tcp_emu-fix-unsafe-snprintf-usages2.patch [bz#1800515]
- kvm-slirp-disable-tcp_emu.patch [bz#1791679]
- kvm-gluster-Handle-changed-glfs_ftruncate-signature.patch [bz#1802215]
- kvm-gluster-the-glfs_io_cbk-callback-function-pointer-ad.patch [bz#1802215]
- kvm-seccomp-set-the-seccomp-filter-to-all-threads.patch [bz#1618503]
- Resolves: bz#1618503
(qemu-kvm: Qemu: seccomp: blacklist is not applied to all threads [rhel-7])
- Resolves: bz#1791679
(QEMU: Slirp: disable emulation of tcp programs like ftp IRC etc. [rhel-7])
- Resolves: bz#1800515
(CVE-2020-8608 qemu-kvm: QEMU: Slirp: potential OOB access due to unsafe snprintf() usages [rhel-7.9])
- Resolves: bz#1802215
(Add support for newer glusterfs)
-
Thu Jan 23 2020 Miroslav Rezanina <mrezanin@redhat.com> - 1.5.3-173.el7
- kvm-tcp_emu-Fix-oob-access.patch [bz#1791560]
- kvm-slirp-use-correct-size-while-emulating-IRC-commands.patch [bz#1791560]
- kvm-slirp-use-correct-size-while-emulating-commands.patch [bz#1791560]
- Resolves: bz#1791560
(CVE-2020-7039 qemu-kvm: QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu() [rhel-7.8])
-
Thu Dec 05 2019 Miroslav Rezanina <mrezanin@redhat.com> - 1.5.3-172.el7
- kvm-target-i386-Export-TAA_NO-bit-to-guests.patch [bz#1771961]
- kvm-target-i386-add-support-for-MSR_IA32_TSX_CTRL.patch [bz#1771961]
- Resolves: bz#1771961
(CVE-2019-11135 qemu-kvm: hw: TSX Transaction Asynchronous Abort (TAA) [rhel-7.8])
-
Tue Oct 15 2019 Miroslav Rezanina <mrezanin@redhat.com> - 1.5.3-171.el7
- kvm-i386-Add-new-model-of-Cascadelake-Server.patch [bz#1638471]
- kvm-i386-Disable-OSPKE-on-Cascadelake-Server.patch [bz#1638471]
- kvm-i386-remove-the-INTEL_PT-CPUID-bit-from-Cascadelake-.patch [bz#1638471]
- kvm-Add-missing-brackets-to-CPUID-0x80000008-code.patch [bz#1760607]
- Resolves: bz#1638471
([Intel 7.8 Feat] qemu-kvm Introduce Cascade Lake (CLX) cpu model)
- Resolves: bz#1760607
(Corrupted EAX values due to missing brackets at CPUID[0x800000008] code)
-
Wed Oct 02 2019 Miroslav Rezanina <mrezanin@redhat.com> - 1.5.3-170.el7
- kvm-Using-ip_deq-after-m_free-might-read-pointers-from-a.patch [bz#1749735]
- kvm-target-i386-Merge-feature-filtering-checking-functio.patch [bz#1709971]
- kvm-target-i386-Isolate-KVM-specific-code-on-CPU-feature.patch [bz#1709971]
- kvm-i386-Add-new-MSR-indices-for-IA32_PRED_CMD-and-IA32_.patch [bz#1709971]
- kvm-i386-Add-CPUID-bit-and-feature-words-for-IA32_ARCH_C.patch [bz#1709971]
- kvm-Add-support-to-KVM_GET_MSR_FEATURE_INDEX_LIST-an.patch [bz#1709971]
- kvm-x86-Data-structure-changes-to-support-MSR-based-feat.patch [bz#1709971]
- kvm-x86-define-a-new-MSR-based-feature-word-FEATURE_WORD.patch [bz#1709971]
- kvm-Use-KVM_GET_MSR_INDEX_LIST-for-MSR_IA32_ARCH_CAP.patch [bz#1709971]
- kvm-i386-kvm-Disable-arch_capabilities-if-MSR-can-t-be-s.patch [bz#1709971]
- kvm-Remove-arch-capabilities-deprecation.patch [bz#1709971]
- kvm-target-i386-add-MDS-NO-feature.patch [bz#1714791]
- Resolves: bz#1709971
([Intel 7.8 Bug] [KVM][CLX] CPUID_7_0_EDX_ARCH_CAPABILITIES is not enabled in VM qemu-kvm)
- Resolves: bz#1714791
([Intel 7.8 FEAT] MDS_NO exposure to guest - qemu-kvm)
- Resolves: bz#1749735
(CVE-2019-15890 qemu-kvm: QEMU: Slirp: use-after-free during packet reassembly [rhel-7])
-
Wed Sep 04 2019 Miroslav Rezanina <mrezanin@redhat.com> - 1.5.3-169.el7
- kvm-target-i386-Support-invariant-tsc-flag.patch [bz#1626871]
- kvm-target-i386-block-migration-and-savevm-if-invariant-.patch [bz#1626871]
- kvm-i386-Don-t-copy-host-virtual-address-limit.patch [bz#1706658]
- Resolves: bz#1626871
([RFE] request for using TscInvariant feature with qemu-kvm.)
- Resolves: bz#1706658
([Intel 7.8 Bug] qemu-kvm fail with "err:kvm_init_vcpu() invalidate argumant" on ICX platform)
-
Tue Aug 20 2019 Miroslav Rezanina <mrezanin@redhat.com> - 1.5.3-168.el7
- kvm-qxl-check-release-info-object.patch [bz#1712703]
- kvm-bswap.h-Remove-cpu_to_be16wu.patch [bz#1270166]
- kvm-net-Transmit-zero-UDP-checksum-as-0xFFFF.patch [bz#1270166]
- kvm-Fix-heap-overflow-in-ip_reass-on-big-packet-input.patch [bz#1734749]
- Resolves: bz#1270166
(UDP packet checksum is not converted from 0x0000 to 0xffff with Qemu e1000 emulation.)
- Resolves: bz#1712703
(CVE-2019-12155 qemu-kvm: QEMU: qxl: null pointer dereference while releasing spice resources [rhel-7])
- Resolves: bz#1734749
(CVE-2019-14378 qemu-kvm: QEMU: slirp: heap buffer overflow during packet reassembly [rhel-7.8])
-
Wed Jun 12 2019 Miroslav Rezanina <mrezanin@redhat.com> - 1.5.3-167.el7
- Reverting kvm-seccomp-set-the-seccomp-filter-to-all-threads.patch [bz#1618503]
- Resolves: bz#1618503
(qemu-kvm: Qemu: seccomp: blacklist is not applied to all threads [rhel-7])
-
Wed Jun 05 2019 Miroslav Rezanina <mrezanin@redhat.com> - 1.5.3-166.el7
- kvm-seccomp-set-the-seccomp-filter-to-all-threads.patch [bz#1618503]
- Resolves: bz#1618503
(qemu-kvm: Qemu: seccomp: blacklist is not applied to all threads [rhel-7])