[El-errata] ELSA-2016-0083 Important: Oracle Linux 7 qemu-kvm security and bug fix update

Thu Jan 28 12:37:01 PST 2016

Oracle Linux Security Advisory ELSA-2016-0083

http://linux.oracle.com/errata/ELSA-2016-0083.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
libcacard-1.5.3-105.el7_2.3.i686.rpm
libcacard-1.5.3-105.el7_2.3.x86_64.rpm
libcacard-devel-1.5.3-105.el7_2.3.i686.rpm
libcacard-devel-1.5.3-105.el7_2.3.x86_64.rpm
libcacard-tools-1.5.3-105.el7_2.3.x86_64.rpm
qemu-img-1.5.3-105.el7_2.3.x86_64.rpm
qemu-kvm-1.5.3-105.el7_2.3.x86_64.rpm
qemu-kvm-common-1.5.3-105.el7_2.3.x86_64.rpm
qemu-kvm-tools-1.5.3-105.el7_2.3.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/qemu-kvm-1.5.3-105.el7_2.3.src.rpm

Description of changes:

[1.5.3-105.el7_2.3]
- kvm-fw_cfg-add-check-to-validate-current-entry-value-CVE.patch 
[bz#1298047]
- Resolves: bz#1298047
   (CVE-2016-1714 qemu-kvm: Qemu: nvram: OOB r/w access in processing 
firmware configurations [rhel-7.2.z])

[1.5.3-105.el7_2.2]
- kvm-raw-posix-Fix-.bdrv_co_get_block_status-for-unaligne.patch 
[bz#1298828]
- Resolves: bz#1298828
   ([abrt] qemu-img: get_block_status(): qemu-img killed by SIGABRT)