-
Thu Sep 05 2024 Miroslav Rezanina <mrezanin@redhat.com> - 6.2.0-53.el8
- kvm-nbd-server-Favor-qemu_aio_context-over-iohandler-con.patch [RHEL-52611]
- kvm-iotests-test-NBD-TLS-iothread.patch [RHEL-52611]
- kvm-nbd-server-CVE-2024-7409-Avoid-use-after-free-when-c.patch [RHEL-52611]
- Resolves: RHEL-52611
(CVE-2024-7409 virt:rhel/qemu-kvm: Denial of Service via Improper Synchronization in QEMU NBD Server During Socket Closure [rhel-8.10.z])
-
Wed Aug 21 2024 Miroslav Rezanina <mrezanin@redhat.com> - 6.2.0-52.el8
- kvm-nbd-server-Plumb-in-new-args-to-nbd_client_add.patch [RHEL-52611]
- kvm-nbd-server-CVE-2024-7409-Cap-default-max-connections.patch [RHEL-52611]
- kvm-nbd-server-CVE-2024-7409-Drop-non-negotiating-client.patch [RHEL-52611]
- kvm-nbd-server-CVE-2024-7409-Close-stray-clients-at-serv.patch [RHEL-52611]
- kvm-vnc-increase-max-display-size.patch [RHEL-50854]
- Resolves: RHEL-52611
(CVE-2024-7409 virt:rhel/qemu-kvm: Denial of Service via Improper Synchronization in QEMU NBD Server During Socket Closure [rhel-8.10.z])
- Resolves: RHEL-50854
(vnc: increase max display size to 4K)
-
Mon Jul 29 2024 Miroslav Rezanina <mrezanin@redhat.com> - 6.2.0-51.el8
- kvm-virtio-gpu-free-BHs-by-implementing-unrealize.patch [RHEL-32276]
- kvm-virtio-gpu-reset-gfx-resources-in-main-thread.patch [RHEL-32276]
- kvm-hw-virtio-Introduce-virtio_bh_new_guarded-helper.patch [RHEL-32276]
- kvm-hw-display-virtio-gpu-Protect-from-DMA-re-entrancy-b.patch [RHEL-32276]
- kvm-hw-char-virtio-serial-bus-Protect-from-DMA-re-entran.patch [RHEL-32276]
- kvm-hw-virtio-virtio-crypto-Protect-from-DMA-re-entrancy.patch [RHEL-32276]
- Resolves: RHEL-32276
(CVE-2024-3446 virt:rhel/qemu-kvm: QEMU: virtio: DMA reentrancy issue leads to double free vulnerability [rhel-8])
-
Thu Jul 04 2024 Miroslav Rezanina <mrezanin@redhat.com> - 6.2.0-50
- kvm-qcow2-Don-t-open-data_file-with-BDRV_O_NO_IO.patch [RHEL-35616]
- kvm-iotests-244-Don-t-store-data-file-with-protocol-in-i.patch [RHEL-35616]
- kvm-iotests-270-Don-t-store-data-file-with-json-prefix-i.patch [RHEL-35616]
- kvm-block-introduce-bdrv_open_file_child-helper.patch [RHEL-35616]
- kvm-block-Parse-filenames-only-when-explicitly-requested.patch [RHEL-35616]
- Resolves: RHEL-35616
(CVE-2024-4467 virt:rhel/qemu-kvm: QEMU: 'qemu-img info' leads to host file read/write [rhel-8.10.z])
-
Thu Mar 14 2024 Jon Maloy <jmaloy@redhat.com> - 6.2.0-49
- kvm-glib-compat-Introduce-g_memdup2-wrapper.patch [RHEL-19628]
- kvm-ui-clipboard-mark-type-as-not-available-when-there-i.patch [RHEL-19628]
- kvm-virtio-net-correctly-copy-vnet-header-when-flushing-.patch [RHEL-19496]
- Resolves: RHEL-19628
(CVE-2023-6683 virt:rhel/qemu-kvm: QEMU: VNC: NULL pointer dereference in qemu_clipboard_request() [rhel-8])
- Resolves: RHEL-19496
(CVE-2023-6693 virt:rhel/qemu-kvm: QEMU: virtio-net: stack buffer overflow in virtio_net_flush_tx() [rhel-8])
-
Mon Feb 26 2024 Miroslav Rezanina <mrezanin@redhat.com> - 6.2.0-48
- kvm-iotests-add-filter_qmp_generated_node_ids.patch [RHEL-7353]
- kvm-iotests-port-141-to-Python-for-reliable-QMP-testing.patch [RHEL-7353]
- kvm-monitor-only-run-coroutine-commands-in-qemu_aio_cont.patch [RHEL-7353]
- kvm-iotests-Make-144-deterministic-again.patch [RHEL-7353]
- Resolves: RHEL-7353
([qemu-kvm] no response with QMP command device_add when repeatedly hotplug/unplug virtio disks [RHEL-8])
-
Sat Feb 03 2024 Jon Maloy <jmaloy@redhat.com> - 6.2.0-47
- kvm-s390x-pci-avoid-double-enable-disable-of-aif.patch [RHEL-22411]
- kvm-s390x-pci-refresh-fh-before-disabling-aif.patch [RHEL-22411]
- kvm-s390x-pci-drive-ISM-reset-from-subsystem-reset.patch [RHEL-22411]
- Resolves: RHEL-22411
([s390x] VM fails to start with ISM passed through)
-
Wed Jan 17 2024 Jon Maloy <jmaloy@redhat.com> - 6.2.0-46
- kvm-MAINTAINERS-split-out-s390x-sections.patch [RHEL-18214]
- kvm-s390x-pv-remove-semicolon-from-macro-definition.patch [RHEL-18214]
- kvm-hw-s390x-pv-Restrict-Protected-Virtualization-to-sys.patch [RHEL-18214]
- kvm-hw-s390x-Move-KVM-specific-PV-from-hw-to-target-s390.patch [RHEL-18214]
- kvm-target-s390x-kvm-pv-Provide-some-more-useful-informa.patch [RHEL-18214]
- Resolves: RHEL-18214
([RHEL8][Secure-execution][s390x] The error message is not clear when boot up a SE guest with wrong encryption)
-
Thu Jan 04 2024 Jon Maloy <jmaloy@redhat.com> - 6.2.0-45
- kvm-acpi-fix-acpi_index-migration.patch [RHEL-20189]
- kvm-RHEL-Enable-x-not-migrate-acpi-index-for-all-pre-RHE.patch [RHEL-20189]
- kvm-hw-arm-virt-Do-not-load-efi-virtio.rom-for-all-virti.patch [RHEL-14870]
- Resolves: RHEL-20189
([RHEL.8.10.0]Failed to migrate guest with pc (i440x) between RHELAV 8.4.0 and RHEL 8.10.0)
- Resolves: RHEL-14870
([rhel8]ipxe-roms-qemu does not provide efi-virtio.rom)
-
Wed Dec 13 2023 Jon Maloy <jmaloy@redhat.com> - 6.2.0-44
- kvm-hw-ide-reset-cancel-async-DMA-operation-before-reset.patch [RHEL-15437]
- kvm-tests-qtest-ahci-test-add-test-exposing-reset-issue-.patch [RHEL-15437]
- Resolves: RHEL-15437
(CVE-2023-5088 virt:rhel/qemu-kvm: QEMU: improper IDE controller reset can lead to MBR overwrite [rhel-8])