[El-errata] ELSA-2015-1507 Important: Oracle Linux 7 qemu-kvm security and bug fix update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Mon Jul 27 11:16:47 PDT 2015


Oracle Linux Security Advisory ELSA-2015-1507

http://linux.oracle.com/errata/ELSA-2015-1507.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
libcacard-1.5.3-86.el7_1.5.i686.rpm
libcacard-1.5.3-86.el7_1.5.x86_64.rpm
libcacard-devel-1.5.3-86.el7_1.5.i686.rpm
libcacard-devel-1.5.3-86.el7_1.5.x86_64.rpm
libcacard-tools-1.5.3-86.el7_1.5.x86_64.rpm
qemu-img-1.5.3-86.el7_1.5.x86_64.rpm
qemu-kvm-1.5.3-86.el7_1.5.x86_64.rpm
qemu-kvm-common-1.5.3-86.el7_1.5.x86_64.rpm
qemu-kvm-tools-1.5.3-86.el7_1.5.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/qemu-kvm-1.5.3-86.el7_1.5.src.rpm



Description of changes:

[1.5.3-86.el7_1.5]
- kvm-i8254-fix-out-of-bounds-memory-access-in-pit_ioport_.patch 
[bz#1243726]
- Resolves: bz#1243726
   (CVE-2015-3214 qemu-kvm: qemu: i8254: out-of-bounds memory access in 
pit_ioport_read function [rhel-7.1.z])

[1.5.3-86.el7_1.4]
- kvm-ide-Check-array-bounds-before-writing-to-io_buffer-C.patch 
[bz#1243689]
- kvm-ide-atapi-Fix-START-STOP-UNIT-command-completion.patch [bz#1243689]
- kvm-ide-Clear-DRQ-after-handling-all-expected-accesses.patch [bz#1243689]
- Resolves: bz#1243689
   (EMBARGOED CVE-2015-5154 qemu-kvm: qemu: ide: atapi: heap overflow 
during I/O buffer memory access [rhel-7.1.z])

[1.5.3-86.el7_1.3]
- kvm-atomics-add-explicit-compiler-fence-in-__atomic-memo.patch 
[bz#1233643]
- Resolves: bz#1233643
   ([abrt] qemu-kvm: bdrv_error_action(): qemu-kvm killed by SIGABRT)





More information about the El-errata mailing list