Accepting request 398983 from home:bfrogers:branches:Virtualization

Update to v2.6.0, including enabling a few more recent features. Also include a number of recent security fixes. OBS-URL: https://build.opensuse.org/request/show/398983 OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=294
2016-05-31 21:05:30 +00:00
parent 758e7e2f1f
commit 1b4a71c4b8
61 changed files with 879 additions and 79 deletions
--- a/qemu-linux-user.changes
+++ b/qemu-linux-user.changes
@@ -1,3 +1,29 @@
+-------------------------------------------------------------------
+Thu May 26 16:23:33 UTC 2016 - brogers@suse.com
+
+- Address various security/stability issues
+* Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.6
+* Fix OOB access in MIPSnet emulated controller CVE-2016-4002 (bsc#975136)
+  0042-net-mipsnet-check-packet-length-aga.patch
+* Fix possible host data leakage to guest from TPR access
+  CVE-2016-4020 (bsc#975700)
+  0043-i386-kvmvapic-initialise-imm32-vari.patch
+* Avoid OOB access in 53C9X emulation CVE-2016-4439 (bsc#980711)
+  0044-esp-check-command-buffer-length-bef.patch
+* Avoid OOB access in 53C9X emulation CVE-2016-4441 (bsc#980723)
+  0045-esp-check-dma-length-before-reading.patch
+* Avoid OOB access in Vmware PV SCSI emulation CVE-2016-4952 (bsc#981266)
+  0046-scsi-pvscsi-check-command-descripto.patch
+* Avoid potential DoS in LSI SAS1068 emulation CVE-2016-4964 (bsc#981399)
+  0047-scsi-mptsas-infinite-loop-while-fet.patch
+* Fix regression in vga behavior - introduced in v2.6.0 CVE-2016-3712 (bsc#978160)
+  0048-vga-add-sr_vbe-register-set.patch
+
+-------------------------------------------------------------------
+Wed May 25 21:42:12 UTC 2016 - brogers@suse.com
+
+- Update to v2.6.0: See http://wiki.qemu-project.org/ChangeLog/2.6
+
 -------------------------------------------------------------------
 Thu Apr 28 15:21:54 UTC 2016 - afaerber@suse.de