Adding patchinfo patchinfo.20241016134533856494.269002615871826

patchinfo.20241016134533856494.269002615871826/_patchinfo

@@ -0,0 +1,55 @@
+<patchinfo>
+  <!-- generated from request(s) 348619 -->
+  <issue tracker="bnc" id="1224132">VUL-0: CVE-2024-4693: qemu: virtio-pci: improper release of configure vector leads to guest triggerable crash</issue>
+  <issue tracker="bnc" id="1229007">VUL-0: CVE-2024-7409: qemu: denial of service via improper synchronization in QEMU NBD Server during socket closure</issue>
+  <issue tracker="bnc" id="1229929">slem6.1, ppc64le only, zypper ref command gets return code 139 after registering the system</issue>
+  <issue tracker="bnc" id="1230140">QEMU is missing fix for ppc64 emulation, causing corruption in userspace</issue>
+  <issue tracker="bnc" id="1230834">VUL-0: CVE-2024-8354: kvm,qemu: usb: assertion failure in usb_ep_get()</issue>
+  <issue tracker="bnc" id="1230915">VUL-0: CVE-2024-8612: qemu: qemu-kvm: information leak in virtio devices</issue>
+  <issue tracker="bnc" id="1231519">[sles15sp7][27.1]KVM_SET_USER_MEMORY_REGION Failure During SLES VM Installation on AArch64 Using Virt-Install</issue>
+  <issue tracker="cve" id="2024-4693"/>
+  <issue tracker="cve" id="2024-7409"/>
+  <issue tracker="cve" id="2024-8354"/>
+  <issue tracker="cve" id="2024-8612"/>
+  <packager>dfaggioli</packager>
+  <rating>important</rating>
+  <category>security</category>
+  <summary>Security update for qemu</summary>
+  <description>This update for qemu fixes the following issues:
+
+- Bugfixes and CVEs:
+  * hw/usb/hcd-ohci: Fix #1510, #303: pid not IN or OUT (bsc#1230834, CVE-2024-8354)
+  * softmmu: Support concurrent bounce buffers (bsc#1230915, CVE-2024-8612)
+  * system/physmem: Per-AddressSpace bounce buffering (bsc#1230915, CVE-2024-8612)
+  * system/physmem: Propagate AddressSpace to MapClient helpers (bsc#1230915, CVE-2024-8612)
+  * system/physmem: Replace qemu_mutex_lock() calls with QEMU_LOCK_GUARD (bsc#1230915, CVE-2024-8612)
+
+- Update version to 8.2.7
+  * Full changelog here:
+     https://lore.kernel.org/qemu-devel/d9ff276f-f1ba-4e90-8343-a7a0dc2bf305@tls.msk.ru/
+  * Fixes:
+     bsc#1229007, CVE-2024-7409
+     bsc#1224132, CVE-2024-4693
+  * Some backports:
+     gitlab: fix logic for changing docker tag on stable branches
+     ui/sdl2: set swap interval explicitly when OpenGL is enabled
+     hw/intc/arm_gic: fix spurious level triggered interrupts
+     hw/audio/virtio-sound: fix heap buffer overflow
+     tests/docker: update debian i686 and mipsel images to bookworm
+     tests/docker: remove debian-armel-cross
+     hw/display/vhost-user-gpu.c: fix vhost_user_gpu_chr_read()
+     crypto: check gnutls &amp; gcrypt support the requested pbkdf hash
+     crypto: run qcrypto_pbkdf2_count_iters in a new thread
+     softmmu/physmem: fix memory leak in dirty_memory_extend()
+     target/ppc: Fix migration of CPUs with TLB_EMB TLB type
+     gitlab: migrate the s390x custom machine to 22.04
+     target/hppa: Fix PSW V-bit packaging in cpu_hppa_get for hppa64
+     hw/audio/virtio-snd: fix invalid param check
+     virtio-pci: Fix the use of an uninitialized irqfd
+- Fix bsc#1231519:
+  * accel/kvm: check for KVM_CAP_READONLY_MEM on VM (bsc#1231519)
+</description>
+  <package>qemu</package>
+  <package>qemu:qemu-linux-user</package>
+  <seperate_build_arch/>
+</patchinfo>