[El-errata] ELSA-2019-4518 Important: Oracle Linux 7 qemu security update (aarch64)

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Fri Jan 25 11:37:18 PST 2019 

Oracle Linux Security Advisory ELSA-2019-4518

http://linux.oracle.com/errata/ELSA-2019-4518.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

aarch64:
ivshmem-tools-3.0.0-4.el7.aarch64.rpm
qemu-3.0.0-4.el7.aarch64.rpm
qemu-block-gluster-3.0.0-4.el7.aarch64.rpm
qemu-block-iscsi-3.0.0-4.el7.aarch64.rpm
qemu-block-rbd-3.0.0-4.el7.aarch64.rpm
qemu-common-3.0.0-4.el7.aarch64.rpm
qemu-img-3.0.0-4.el7.aarch64.rpm
qemu-kvm-3.0.0-4.el7.aarch64.rpm
qemu-kvm-core-3.0.0-4.el7.aarch64.rpm
qemu-system-aarch64-3.0.0-4.el7.aarch64.rpm
qemu-system-aarch64-core-3.0.0-4.el7.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/qemu-3.0.0-4.el7.src.rpm



Description of changes:

[15:3.0.0-4.el7]
- usb-mtp: use O_NOFOLLOW and O_CLOEXEC. (Gerd Hoffmann) [Orabug: 
29056673] {CVE-2018-16872}
- pvrdma: add uar_read routine (Prasad J Pandit) {CVE-2018-20191}
- pvrdma: release ring object in case of an error (Prasad J Pandit) 
[Orabug: 29171822] {CVE-2018-20126}
- pvrdma: check number of pages when creating rings (Prasad J Pandit) 
[Orabug: 29171821] {CVE-2018-20125}
- pvrdma: check return value from pvrdma_idx_ring_has_ routines (Prasad 
J Pandit) [Orabug: 29171820] {CVE-2018-20216}
- rdma: remove unused VENDOR_ERR_NO_SGE macro (Prasad J Pandit) [Orabug: 
29121181] {CVE-2018-20124}
- rdma: check num_sge does not exceed MAX_SGE (Prasad J Pandit) [Orabug: 
29121181] {CVE-2018-20124}
- i386: Add "stibp" flag name (Eduardo Habkost) [Orabug: 29114828]
- i386: Add some MSR based features on Cascadelake-Server CPU model (Tao 
Xu) [Orabug: 29029615]
- i386: Update stepping of Cascadelake-Server (Tao Xu) [Orabug: 29029615]
- kvm: Use KVM_GET_MSR_INDEX_LIST for MSR_IA32_ARCH_CAPABILITIES support 
(Bandan Das) [Orabug: 29029615]
- x86: define a new MSR based feature word -- 
FEATURE_WORDS_ARCH_CAPABILITIES (Robert Hoo) [Orabug: 29029615]
- x86: Data structure changes to support MSR based features (Robert Hoo) 
[Orabug: 29029615]
- kvm: Add support to KVM_GET_MSR_FEATURE_INDEX_LIST and KVM_GET_MSRS 
system ioctl (Robert Hoo) [Orabug: 29029615]
- i386: Add CPUID bit and feature words for IA32_ARCH_CAPABILITIES MSR 
(Robert Hoo) [Orabug: 29029615]
- i386: Add new MSR indices for IA32_PRED_CMD and IA32_ARCH_CAPABILITIES 
(Robert Hoo) [Orabug: 29029615]
- Fix compilation issue: 'qapi_event_send_failover_primary_changed' not 
declared (Mark Kanda) [Orabug: 29121163]
- lsi_scsi: add support for PPR Extended Message (George Kennedy) 
[Orabug: 28879117]

More information about the El-errata mailing list