[El-errata] ELSA-2021-9104 Important: Oracle Linux 7 qemu security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Fri Mar 12 12:22:35 PST 2021



Oracle Linux Security Advisory ELSA-2021-9104

http://linux.oracle.com/errata/ELSA-2021-9104.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

i386:

x86_64:
qemu-common-4.2.1-5.el7.x86_64.rpm
qemu-system-x86-core-4.2.1-5.el7.x86_64.rpm
qemu-block-gluster-4.2.1-5.el7.x86_64.rpm
qemu-block-iscsi-4.2.1-5.el7.x86_64.rpm
qemu-block-rbd-4.2.1-5.el7.x86_64.rpm
qemu-img-4.2.1-5.el7.x86_64.rpm
qemu-4.2.1-5.el7.x86_64.rpm
qemu-kvm-4.2.1-5.el7.x86_64.rpm
qemu-kvm-core-4.2.1-5.el7.x86_64.rpm
qemu-system-x86-4.2.1-5.el7.x86_64.rpm


SRPMS:
http://oss.oracle.com/el7v/SRPMS-updates/qemu-4.2.1-5.el7.src.rpm



Description of changes:

[15:4.2.1-5.el7]
- qemu.spec: use --tls-priority=NORMAL for OL7 (Elena Ufimtseva) 
- hostmem: fix default "prealloc-threads" count (Mark Kanda)  [Orabug: 32472127]
- hostmem: introduce "prealloc-threads" property (Igor Mammedov) 
- qom: introduce object_register_sugar_prop (Paolo Bonzini) 
- migration/multifd: Do error_free after migrate_set_error to avoid memleaks (Pan Nengyuan) 
- multifd/tls: fix memoryleak of the QIOChannelSocket object when cancelling migration (Chuan Zheng) 
- migration/multifd: fix hangup with TLS-Multifd due to blocking handshake (Chuan Zheng) 
- migration/tls: add trace points for multifd-tls (Chuan Zheng) 
- migration/tls: add support for multifd tls-handshake (Chuan Zheng) 
- migration/tls: extract cleanup function for common-use (Chuan Zheng) 
- migration/multifd: fix memleaks in multifd_new_send_channel_async (Pan Nengyuan) 
- migration/multifd: fix nullptr access in multifd_send_terminate_threads (Zhimin Feng) 
- migration/tls: add tls_hostname into MultiFDSendParams (Chuan Zheng) 
- migration/tls: extract migration_tls_client_create for common-use (Chuan Zheng) 
- migration/tls: save hostname into MigrationState (Chuan Zheng) 
- tests/qtest: add a test case for pvpanic-pci (Mihai Carabas) 
- pvpanic : update pvpanic spec document (Mihai Carabas) 
- hw/misc/pvpanic: add PCI interface support (Mihai Carabas) 
- hw/misc/pvpanic: split-out generic and bus dependent code (Mihai Carabas) 
- 9pfs: Fully restart unreclaim loop (CVE-2021-20181) (Greg Kurz)  [Orabug: 32441198]  {CVE-2021-20181}
- ide: atapi: check logical block address and read size (CVE-2020-29443) (Prasad J Pandit)  [Orabug: 32393835]  {CVE-2020-29443}
- Document CVE-2019-20808 as fixed (Mark Kanda)  [Orabug: 32339196]  {CVE-2019-20808}
- block/iscsi:fix heap-buffer-overflow in iscsi_aio_ioctl_cb (Chen Qun)  [Orabug: 32339207]  {CVE-2020-11947}
- net: remove an assert call in eth_get_gso_type (Prasad J Pandit)  [Orabug: 32102583]  {CVE-2020-27617}
- nvdimm: honor -object memory-backend-file, readonly=on option (Stefan Hajnoczi)  [Orabug: 32265408]
- hostmem-file: add readonly=on|off option (Stefan Hajnoczi)  [Orabug: 32265408]
- memory: add readonly support to memory_region_init_ram_from_file() (Stefan Hajnoczi)  [Orabug: 32265408]




More information about the El-errata mailing list