[El-errata] ELSA-2019-4713 Important: Oracle Linux 7 qemu security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Thu Jul 11 07:23:29 PDT 2019
Oracle Linux Security Advisory ELSA-2019-4713
http://linux.oracle.com/errata/ELSA-2019-4713.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
i386:
x86_64:
qemu-common-3.1.0-5.el7.x86_64.rpm
qemu-system-x86-core-3.1.0-5.el7.x86_64.rpm
qemu-block-gluster-3.1.0-5.el7.x86_64.rpm
qemu-block-iscsi-3.1.0-5.el7.x86_64.rpm
qemu-block-rbd-3.1.0-5.el7.x86_64.rpm
qemu-img-3.1.0-5.el7.x86_64.rpm
qemu-3.1.0-5.el7.x86_64.rpm
qemu-kvm-3.1.0-5.el7.x86_64.rpm
qemu-kvm-core-3.1.0-5.el7.x86_64.rpm
qemu-system-x86-3.1.0-5.el7.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/qemu-3.1.0-5.el7.src.rpm
Description of changes:
[15:3.1.0-5.el7]
- Only enable the halt poll control MSR if it is supported by the host (Mark
Kanda) [Orabug: 29946722]
[15:3.1.0-4.el7]
- kvm: i386: halt poll control MSR support (Marcelo Tosatti) [Orabug:
29933278]
- Document CVEs as fixed: CVE-2017-9524, CVE-2017-6058, CVE-2017-5931
(Mark Kanda) [Orabug: 29886908] {CVE-2017-5931} {CVE-2017-6058}
{CVE-2017-9524}
- pvrdma: release device resources in case of an error (Prasad J Pandit)
[Orabug: 29056678] {CVE-2018-20123}
- qxl: check release info object (Prasad J Pandit) [Orabug: 29886906]
{CVE-2019-12155}
- target/i386: add MDS-NO feature (Paolo Bonzini) [Orabug: 29820428]
{CVE-2018-12126} {CVE-2018-12127} {CVE-2018-12130} {CVE-2019-11091}
- docs: recommend use of md-clear feature on all Intel CPUs (Daniel P.
Berrangé) [Orabug: 29820428] {CVE-2018-12126} {CVE-2018-12127}
{CVE-2018-12130} {CVE-2019-11091}
- target/i386: define md-clear bit (Paolo Bonzini) [Orabug: 29820428]
{CVE-2018-12126} {CVE-2018-12127} {CVE-2018-12130} {CVE-2019-11091}
- pvh: block migration if booting using PVH (Liam Merwick) [Orabug:
29796676]
- hw/i386/pc: run the multiboot loader before the PVH loader (Stefano
Garzarella) [Orabug: 29796676]
- optionrom/pvh: load initrd from fw_cfg (Stefano Garzarella) [Orabug:
29796676]
- hw/i386/pc: use PVH option rom (Stefano Garzarella) [Orabug: 29796676]
- qemu.spec: add pvh.bin to %files (Liam Merwick) [Orabug: 29796676]
- optionrom: add new PVH option rom (Stefano Garzarella) [Orabug: 29796676]
- linuxboot_dma: move common functions in a new header (Stefano
Garzarella) [Orabug: 29796676]
- linuxboot_dma: remove duplicate definitions of FW_CFG (Stefano
Garzarella) [Orabug: 29796676]
- pvh: load initrd and expose it through fw_cfg (Stefano Garzarella)
[Orabug: 29796676]
- pvh: Boot uncompressed kernel using direct boot ABI (Liam Merwick)
[Orabug: 29796676]
- pvh: Add x86/HVM direct boot ABI header file (Liam Merwick) [Orabug:
29796676]
- elf-ops.h: Add get_elf_note_type() (Liam Merwick) [Orabug: 29796676]
- elf: Add optional function ptr to load_elf() to parse ELF notes (Liam
Merwick) [Orabug: 29796676]
More information about the El-errata
mailing list