Accepting request 505145 from home:bfrogers:branches:Virtualization

Latest security fixes, a fix to a security fix, and a tweak to how we select the compiler where size is critical. Also found we need --no-renames for git format-patch as we do our git patch workflow. OBS-URL: https://build.opensuse.org/request/show/505145 OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=345
2017-06-21 01:27:18 +00:00
parent d95d559950
commit 4849ea9f14
15 changed files with 622 additions and 1 deletions
--- a/qemu.changes
+++ b/qemu.changes
@@ -1,3 +1,26 @@
+-------------------------------------------------------------------
+Tue Jun 20 14:14:14 UTC 2017 - brogers@suse.com
+
+- Use most recent compiler to build size-critical firmware, instead
+  of hard-coding gcc6 for all target versions (bsc#1043390)
+* A few upstream ipxe patches were needed for gcc7 compatibility:
+  ipxe-ath-Add-missing-break-statements.patch
+  ipxe-mucurses-Fix-erroneous-__nonnull-attribute.patch
+- Add --no-renames to the git format-patch command in the git
+  workflow script for better patch compatibility
+- Address various security/stability issues
+* Fix potential privilege escalation in virtfs (CVE-2016-9602
+  bsc#1020427)
+  0060-9pfs-local-fix-unlink-of-alien-file.patch
+* Fix DOS in megasas device emulation (CVE-2017-9503 bsc#1043296)
+  0061-megasas-do-not-read-DCMD-opcode-mor.patch
+  0062-megasas-always-store-SCSIRequest-in.patch
+* Fix DOS in qemu-nbd server (CVE-2017-9524 bsc#1043808)
+  0063-nbd-Fully-initialize-client-in-case.patch
+* Fix regression introduced by recent virtfs security fixes (bsc#1045035)
+  0064-9pfs-local-remove-use-correct-path-.patch
+- Patch queue updated from git://github.com/openSUSE/qemu.git opensuse-2.9
+
 -------------------------------------------------------------------
 Tue Jun  6 21:21:53 UTC 2017 - lyan@suse.com