Accepting request 718651 from home:lyan:branches:Virtualization

security fixes OBS-URL: https://build.opensuse.org/request/show/718651 OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=482
2019-07-25 21:18:09 +00:00
parent c631d28615
commit ea444bfb8a
9 changed files with 140 additions and 33 deletions
--- a/qemu.changes
+++ b/qemu.changes
@@ -1,3 +1,16 @@
+-------------------------------------------------------------------
+Thu Jul 25 20:51:23 UTC 2019 - Liang Yan <lyan@suse.com>
+
+- Security fix for null pointer dereference while releasing spice resources
+  (CVE-2019-12155, bsc#1135902)
+  0049-qxl-check-release-info-object.patch
+- Security fix for qemu-bridge-helper ACL can be bypassed when names are too long
+  (CVE-2019-13164, bsc#1140402)
+  0050-qemu-bridge-helper-restrict-interfa.patch
+- Replace patch 0043 with an upstream version
+  0043-target-i386-define-md-clear-bit.patch
+- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-4.0
+
 -------------------------------------------------------------------
 Tue Jun 11 09:47:44 UTC 2019 - Christian Goll <cgoll@suse.com>