[El-errata] ELSA-2012-0050 Important: Oracle Linux 6 qemu-kvm security, bug fix, and enhancement update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Mon Jan 23 16:32:18 PST 2012
Oracle Linux Security Advisory ELSA-2012-0050
https://rhn.redhat.com/errata/RHSA-2012-0050.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
x86_64:
qemu-img-0.12.1.2-2.209.el6_2.4.x86_64.rpm
qemu-kvm-0.12.1.2-2.209.el6_2.4.x86_64.rpm
qemu-kvm-tools-0.12.1.2-2.209.el6_2.4.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/qemu-kvm-0.12.1.2-2.209.el6_2.4.src.rpm
Description of changes:
[qemu-kvm-0.12.1.2-2.209.el6_2.4]
- kvm-e1000-prevent-buffer-overflow-when-processing-legacy.patch [bz#772081]
- Resolves: bz#772081
(EMBARGOED CVE-2012-0029 qemu-kvm: e1000: process_tx_desc legacy mode
packets heap overflow [rhel-6.2.z])
[qemu-kvm-0.12.1.2-2.209.el6_2.3]
- kvm-Revert-virtio-blk-refuse-SG_IO-requests-with-scsi-of.patch [for
bz#767721]
- kvm-virtio-blk-refuse-SG_IO-requests-with-scsi-off-v2.patch [bz#767721]
- CVE: CVE-2011-4127
- Resolves: bz#767721
(qemu-kvm: virtio-blk: refuse SG_IO requests with scsi=off
(CVE-2011-4127 mitigation) [rhel-6.2.z])
[qemu-kvm-0.12.1.2-2.209.el6_2.2]
- kvm-virtio-blk-refuse-SG_IO-requests-with-scsi-off.patch [bz#752375]
- CVE: CVE-2011-4127
- Resolves: bz#767721
(EMBARGOED qemu-kvm: virtio-blk: refuse SG_IO requests with scsi=off
(CVE-2011-4127 mitigation) [rhel-6.3])
- Resolves: bz#767906
(qemu-kvm should be built with full relro and PIE support)
More information about the El-errata
mailing list