- bsc#964947 - VUL-0: CVE-2015-5278: xen: Infinite loop in

ne2000_receive() function CVE-2015-5278-qemut-Infinite-loop-in-ne2000_receive-function.patch - bsc#956832 - VUL-0: CVE-2015-8345: xen: qemu: net: eepro100: infinite loop in processing command block list CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch - bsc#964644 - VUL-0: CVE-2013-4533: xen pxa2xx: buffer overrun on incoming migration CVE-2013-4533-qemut-pxa2xx-buffer-overrun-on-incoming-migration.patch - bsc#964925 - VUL-0: CVE-2014-0222: xen: qcow1: validate L2 table size to avoid integer overflows CVE-2014-0222-blktap-qcow1-validate-l2-table-size.patch - Dropped CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch - bsc#964415 - VUL-1: CVE-2016-2198: xen: usb: ehci null pointer dereference in ehci_caps_write CVE-2016-2198-qemuu-usb-ehci-null-pointer-dereference-in-ehci_caps_write.patch OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=397
2016-02-03 21:39:15 +00:00
parent fbfd58d3a2
commit 9b39a3d650
8 changed files with 265 additions and 66 deletions
--- a/xen.spec
+++ b/xen.spec
@@ -15,6 +15,7 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #

+
 # needssslcertforbuild

 Name:           xen
@@ -252,7 +253,6 @@ Patch257:       0007-e1000-verify-we-have-buffers-upfront.patch
 Patch258:       0008-e1000-check-buffer-availability.patch
 Patch259:       CVE-2015-4037-qemuu-smb-config-dir-name.patch
 Patch260:       CVE-2015-4037-qemut-smb-config-dir-name.patch
-Patch261:       CVE-2014-0222-qemuu-qcow1-validate-l2-table-size.patch
 Patch262:       CVE-2014-0222-qemut-qcow1-validate-l2-table-size.patch
 Patch263:       CVE-2015-8345-qemuu-eepro100-infinite-loop-fix.patch
 Patch264:       CVE-2015-8345-qemut-eepro100-infinite-loop-fix.patch
@@ -278,6 +278,9 @@ Patch283:       CVE-2015-1779-qemuu-limit-size-of-HTTP-headers-from-websockets-c
 Patch284:       CVE-2013-4539-qemut-tsc210x-fix-buffer-overrun-on-invalid-state-load.patch
 Patch285:       CVE-2016-1981-qemuu-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch
 Patch286:       CVE-2016-1981-qemut-e1000-eliminate-infinite-loops-on-out-of-bounds-transfer.patch
+Patch287:       CVE-2016-2198-qemuu-usb-ehci-null-pointer-dereference-in-ehci_caps_write.patch
+Patch288:       CVE-2013-4533-qemut-pxa2xx-buffer-overrun-on-incoming-migration.patch
+Patch289:       CVE-2015-5278-qemut-Infinite-loop-in-ne2000_receive-function.patch
 # Our platform specific patches
 Patch321:       xen-destdir.patch
 Patch322:       vif-bridge-no-iptables.patch
@@ -332,6 +335,7 @@ Patch470:       qemu-xen-upstream-qdisk-cache-unsafe.patch
 Patch471:       qemu-xen-enable-spice-support.patch
 Patch472:       tigervnc-long-press.patch
 Patch473:       xendomains-libvirtd-conflict.patch
+Patch474:       CVE-2014-0222-blktap-qcow1-validate-l2-table-size.patch
 # Hypervisor and PV driver Patches
 Patch501:       x86-ioapic-ack-default.patch
 Patch502:       x86-cpufreq-report.patch
@@ -597,7 +601,6 @@ Authors:
 %patch258 -p1
 %patch259 -p1
 %patch260 -p1
-%patch261 -p1
 %patch262 -p1
 %patch263 -p1
 %patch264 -p1
@@ -623,6 +626,9 @@ Authors:
 %patch284 -p1
 %patch285 -p1
 %patch286 -p1
+%patch287 -p1
+%patch288 -p1
+%patch289 -p1
 # Our platform specific patches
 %patch321 -p1
 %patch322 -p1
@@ -677,6 +683,7 @@ Authors:
 %patch471 -p1
 %patch472 -p1
 %patch473 -p1
+%patch474 -p1
 # Hypervisor and PV driver Patches
 %patch501 -p1
 %patch502 -p1