Accepting request 441247 from home:bfrogers:branches:Virtualization
Refine the reproducible build changes to no longer override linux commands, but rather fix via patches only. Also fix all the recent security issues reported. OBS-URL: https://build.opensuse.org/request/show/441247 OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=320
This commit is contained in:
Andreas Färber
committed by
Git OBS Bridge
Git OBS Bridge
parent
2e9c4a4658
commit
f036a54ad6
78
qemu.changes
78
qemu.changes
@@ -1,3 +1,81 @@
|
||||
-------------------------------------------------------------------
|
||||
Sat Nov 19 15:24:03 UTC 2016 - brogers@suse.com
|
||||
|
||||
- Refine the approach to producing stable builds in our ROM based
|
||||
packages. All built roms which have hostname or date calls now
|
||||
produce consistent results build to build via patch changes, so
|
||||
remove the hostname and date call workarounds. (bsc#1011213)
|
||||
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.7
|
||||
* Patches added:
|
||||
0069-roms-Makefile-pass-a-packaging-time.patch
|
||||
sgabios-stable-buildid.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat Nov 19 15:15:03 UTC 2016 - brogers@suse.com
|
||||
|
||||
- Re-enable ceph (rbd) functionality in OBS builds as we've been told
|
||||
the issues which prompted us to disable it are resolved
|
||||
|
||||
- Address various security/stability issues
|
||||
* Fix OOB access in VMware SVGA emulation (CVE-2016-7170 bsc#998516)
|
||||
0041-vmsvga-correct-bitmap-and-pixmap-si.patch
|
||||
* Fix DOS in LSI SAS1068 emulation (CVE-2016-7157 bsc#997860)
|
||||
0042-scsi-mptconfig-fix-an-assert-expres.patch
|
||||
0043-scsi-mptconfig-fix-misuse-of-MPTSAS.patch
|
||||
* Fix DOS in Vmware pv scsi interface (CVE-2016-7156 bsc#997859)
|
||||
0044-scsi-pvscsi-limit-loop-to-fetch-SG-.patch
|
||||
* Fix DOS in USB xHCI emulation (CVE-2016-7466 bsc#1000345)
|
||||
0045-usb-xhci-fix-memory-leak-in-usb_xhc.patch
|
||||
* Fix OOB access in LSI SAS1068 emulation (CVE-2016-7423 bsc#1000397)
|
||||
0046-scsi-mptsas-use-g_new0-to-allocate-.patch
|
||||
* Fix DOS in Vmware pv scsi interface (CVE-2016-7421 bsc#999661)
|
||||
0047-scsi-pvscsi-limit-process-IO-loop-t.patch
|
||||
* Fix NULL pointer dereference in virtio processing
|
||||
(CVE-2016-7422 bsc#1000346)
|
||||
0048-virtio-add-check-for-descriptor-s-m.patch
|
||||
* Fix DOS in ColdFire Fast Ethernet Controller emulation
|
||||
(CVE-2016-7908 bsc#1002550)
|
||||
0049-net-mcf-limit-buffer-descriptor-cou.patch
|
||||
* Fix DOS in USB EHCI emulation (CVE-2016-7995 bsc#1003612)
|
||||
0050-usb-ehci-fix-memory-leak-in-ehci_pr.patch
|
||||
* Fix DOS in USB xHCI emulation (CVE-2016-8576 bsc#1003878)
|
||||
0051-xhci-limit-the-number-of-link-trbs-.patch
|
||||
* Fix DOS in virtio-9pfs (CVE-2016-8578 bsc#1003894)
|
||||
0052-9pfs-allocate-space-for-guest-origi.patch
|
||||
* Fix DOS in virtio-9pfs (CVE-2016-9105 bsc#1007494)
|
||||
0053-9pfs-fix-memory-leak-in-v9fs_link.patch
|
||||
* Fix DOS in virtio-9pfs (CVE-2016-8577 bsc#1003893)
|
||||
0054-9pfs-fix-potential-host-memory-leak.patch
|
||||
* Plug data leak in virtio-9pfs interface (CVE-2016-9103 bsc#1007454)
|
||||
0055-9pfs-fix-information-leak-in-xattr-.patch
|
||||
* Fix DOS in virtio-9pfs interface (CVE-2016-9102 bsc#1007450)
|
||||
0056-9pfs-fix-memory-leak-in-v9fs_xattrc.patch
|
||||
* Fix DOS in virtio-9pfs (CVE-2016-9106 bsc#1007495)
|
||||
0057-9pfs-fix-memory-leak-in-v9fs_write.patch
|
||||
* Fix DOS in 16550A UART emulation (CVE-2016-8669 bsc#1004707)
|
||||
0058-char-serial-check-divider-value-aga.patch
|
||||
* Fix DOS in PC-Net II emulation (CVE-2016-7909 bsc#1002557)
|
||||
0059-net-pcnet-check-rx-tx-descriptor-ri.patch
|
||||
* Fix DOS in PRO100 emulation (CVE-2016-9101 bsc#1007391)
|
||||
0060-net-eepro100-fix-memory-leak-in-dev.patch
|
||||
* Fix OOB access in Rocker switch emulation (CVE-2016-8668 bsc#1004706)
|
||||
0061-net-rocker-set-limit-to-DMA-buffer-.patch
|
||||
* Plug data leak in vmxnet3 emulation (CVE-2016-6836 bsc#994760)
|
||||
0062-net-vmxnet-initialise-local-tx-desc.patch
|
||||
* Fix DOS in RTL8139 emulation (CVE-2016-8910 bsc#1006538)
|
||||
0063-net-rtl8139-limit-processing-of-rin.patch
|
||||
* Fix DOS in Intel HDA controller emulation (CVE-2016-8909 bsc#1006536)
|
||||
0064-audio-intel-hda-check-stream-entry-.patch
|
||||
* Fix DOS in virtio-gpu (CVE-2016-7994 bsc#1003613)
|
||||
0065-virtio-gpu-fix-memory-leak-in-virti.patch
|
||||
* Fix DOS in virtio-9pfs (CVE-2016-9104 bsc#1007493)
|
||||
0066-9pfs-fix-integer-overflow-issue-in-.patch
|
||||
* Fix DOS in JAZZ RC4030 emulation (CVE-2016-8667 bsc#1004702)
|
||||
0067-dma-rc4030-limit-interval-timer-rel.patch
|
||||
* Fix DOS in i.MX NIC emulation (CVE-2016-7907 bsc#1002549)
|
||||
0068-net-imx-limit-buffer-descriptor-cou.patch
|
||||
- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.7
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Nov 11 11:11:11 UTC 2016 - ohering@suse.de
|
||||
|
||||
|
||||
Reference in New Issue
Block a user