Commit Graph

621 Commits

Author SHA1 Message Date
Cole Robinson 6a2f9fd5cf Fix xen pv graphical display failure (bz #1350264)
CVE-2016-8667: dma: divide by zero error in set_next_tick (bz #1384876)
CVE-2017-5579: serial: fix memory leak in serial exit (bz #1416161)
2017-04-13 20:39:51 -04:00
Cole Robinson dfb84783bc CVE-2017-5525: audio: memory leakage in ac97 (bz #1414110)
CVE-2017-5526: audio: memory leakage in es1370 (bz #1414210)
CVE-2016-10155 watchdog: memory leakage in i6300esb (bz #1415200)
CVE-2017-5552: virtio-gpu-3d: memory leakage (bz #1415283)
CVE-2017-5667: sd: sdhci OOB access during multi block transfer (bz #1417560)
CVE-2017-5857: virtio-gpu-3d: host memory leakage in virgl_cmd_resource_unref (bz #1418383)
CVE-2017-5856: scsi: megasas: memory leakage (bz #1418344)
CVE-2017-5898: usb: integer overflow in emulated_apdu_from_guest (bz #1419700)
CVE-2017-5987: sd: infinite loop issue in multi block transfers (bz #1422001)
CVE-2017-6505: usb: an infinite loop issue in ohci_service_ed_list (bz #1429434)
CVE-2017-2615: cirrus: oob access while doing bitblt copy backward (bz #1418206)
CVE-2017-2620: cirrus: potential arbitrary code execution (bz #1425419)
2017-03-15 08:06:09 -04:00
Cole Robinson 4d7edd7e33 CVE-2016-6836: vmxnet: Information leakage in vmxnet3_complete_packet (bz #1366370)
CVE-2016-7909: pcnet: Infinite loop in pcnet_rdra_addr (bz #1381196)
CVE-2016-7994: virtio-gpu: memory leak in resource_create_2d (bz #1382667)
CVE-2016-8577: 9pfs: host memory leakage in v9fs_read (bz #1383286)
CVE-2016-8578: 9pfs: potential NULL dereferencein 9pfs routines (bz #1383292)
CVE-2016-8668: OOB buffer access in rocker switch emulation (bz #1384898)
CVE-2016-8669: divide by zero error in serial_update_parameters (bz #1384911)
CVE-2016-8910: rtl8139: infinite loop while transmit in C+ mode (bz #1388047)
CVE-2016-8909: intel-hda: infinite loop in dma buffer stream (bz #1388053)
Infinite loop vulnerability in a9_gtimer_update (bz #1388300)
CVE-2016-9101: eepro100: memory leakage at device unplug (bz #1389539)
CVE-2016-9103: 9pfs: information leakage via xattr (bz #1389643)
CVE-2016-9102: 9pfs: memory leakage when creating extended attribute (bz #1389551)
CVE-2016-9104: 9pfs: integer overflow leading to OOB access (bz #1389687)
CVE-2016-9105: 9pfs: memory leakage in v9fs_link (bz #1389704)
CVE-2016-9106: 9pfs: memory leakage in v9fs_write (bz #1389713)
CVE-2016-9381: xen: incautious about shared ring processing (bz #1397385)
CVE-2016-9921: Divide by zero vulnerability in cirrus_do_copy (bz #1399054)
CVE-2016-9776: infinite loop while receiving data in mcf_fec_receive (bz #1400830)
CVE-2016-9845: information leakage in virgl_cmd_get_capset_info (bz #1402247)
CVE-2016-9846: virtio-gpu: memory leakage while updating cursor data (bz #1402258)
CVE-2016-9907: usbredir: memory leakage when destroying redirector (bz #1402266)
CVE-2016-9911: usb: ehci: memory leakage in ehci_init_transfer (bz #1402273)
CVE-2016-9913: 9pfs: memory leakage via proxy/handle callbacks (bz #1402277)
CVE-2016-10028: virtio-gpu-3d: OOB access while reading virgl capabilities (bz #1406368)
CVE-2016-9908: virtio-gpu: information leakage in virgl_cmd_get_capset (bz #1402263)
CVE-2016-9912: virtio-gpu: memory leakage when destroying gpu resource (bz #1402285)
2017-01-16 15:58:15 -05:00
Cole Robinson 5a6b758586 Fix qemu-user-static binfmt on f24 (bz 1388250) 2016-11-06 12:36:18 -05:00
Cole Robinson ea06621f9b Fix PPC64 build with memlock file (bz #1387601)
Fix qemu-user-static binfmt paths (bz #1388250)
Use F flag in binfmt for qemu-user-static (bz #1384615)
2016-10-25 10:43:15 -04:00
Cole Robinson 8963de0583 Fix flickering display with boxes + wayland VM (bz #1266484)
Add ppc64 kvm memlock file (bz #1293024)
2016-10-19 13:19:27 -04:00
Cole Robinson fa4cd5da64 Add ppc64 kvm memlock file (bz 1293024) 2016-10-19 12:34:26 -04:00
Cole Robinson 98de78b65f spec: Use power64 macro consistently 2016-10-19 12:32:04 -04:00
Cole Robinson 808a2e2dfa CVE-2016-6351: scsi: esp: OOB write access in esp_do_dma (bz #1360600)
CVE-2016-6833: vmxnet3: use-after-free (bz #1368982)
CVE-2016-6490: virtio: infinite loop in virtqueue_pop (bz #1361428)
CVE-2016-7156: pvscsi: infinite loop when building SG list (bz #1373480)
CVE-2016-7170: vmware_vga: OOB stack memory access (bz #1374709)
CVE-2016-7161: net: Heap overflow in xlnx.xps-ethernetlite (bz #1379298)
CVE-2016-7466: usb: xhci memory leakage during device unplug (bz #1377838)
CVE-2016-7422: virtio: null pointer dereference (bz #1376756)
CVE-2016-7908: net: Infinite loop in mcf_fec_do_tx (bz #1381193)
CVE-2016-8576: usb: xHCI: infinite loop vulnerability (bz #1382322)
CVE-2016-7995: usb: hcd-ehci: memory leak (bz #1382669)
Don't depend on edk2 roms where they aren't available (bz #1373576)
2016-10-15 22:04:15 -04:00
Cole Robinson f3d2a0c0ad Don't depend on edk2 roms where they aren't available (bz 1373576)
(cherry picked from commit 57dbb7a5be)
2016-10-15 21:30:40 -04:00
Cole Robinson bedc3458f2 Rebased to version 2.6.2 2016-09-30 10:12:21 -04:00
Cole Robinson 73cbb80400 Rebase to 2.6.1 stable 2016-08-19 10:11:01 -04:00
Daniel P. Berrange 892ad72e62 Merge branch 'master' into f24 2016-07-15 14:40:05 +01:00
Daniel P. Berrange 51223f941f Ignore build logs, src RPMs and x84_64 RPM output dir too
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-07-15 14:39:08 +01:00
Daniel P. Berrange d0bc223280 Add skip for s390x as well as s390 2016-07-15 14:28:04 +01:00
Daniel P. Berrange 9868109a5e Disable qemu-user-static on s390 too 2016-07-14 11:20:48 +01:00
Daniel P. Berrange ecee1eccfe Add explicit BR on alsa-lib-devel
Previously we'd get alsa-lib-devel pulled in by accident due to
dep from another package. Latest rawhide doesn't get this so we
must add the dep explicitly in QEMU.
2016-07-13 15:08:58 +01:00
Daniel P. Berrange a8a5dc38f8 Cat config.log when configure fails during build
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-07-13 15:08:17 +01:00
Daniel P. Berrange 9e71574671 Use precise version in obsoletes line
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-07-13 13:49:06 +01:00
Daniel P. Berrange 0835325a86 Introduce qemu-user-static sub-RPM
The i686 build of this is temp disabled due to fubar
glibc-static on i686

The hardended build macro is disabled due to fubar
rpm macros for static linking while hardened, but
the equivalent hardening is turned on manually.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2016-07-13 13:42:21 +01:00
Cole Robinson 9ddf6d447d Merge branch 'master' into f24 2016-06-22 10:33:54 -04:00
Cole Robinson cf91b1dfd9 CVE-2016-4002: net: buffer overflow in MIPSnet (bz #1326083)
CVE-2016-4952 scsi: pvscsi: out-of-bounds access issue
CVE-2016-4964: scsi: mptsas infinite loop (bz #1339157)
CVE-2016-5106: scsi: megasas: out-of-bounds write (bz #1339581)
CVE-2016-5105: scsi: megasas: stack information leakage (bz #1339585)
CVE-2016-5107: scsi: megasas: out-of-bounds read (bz #1339573)
CVE-2016-4454: display: vmsvga: out-of-bounds read (bz #1340740)
CVE-2016-4453: display: vmsvga: infinite loop (bz #1340744)
CVE-2016-5126: block: iscsi: buffer overflow (bz #1340925)
CVE-2016-5238: scsi: esp: OOB write (bz #1341932)
CVE-2016-5338: scsi: esp: OOB r/w access (bz #1343325)
CVE-2016-5337: scsi: megasas: information leakage (bz #1343910)
Fix crash with -nodefaults -sdl (bz #1340931)
Add deps on edk2-ovmf and edk2-aarch64
2016-06-22 09:40:57 -04:00
Cole Robinson f9730dab94 Add deps on fedora edk2-ovmf and edk2-aarch64 2016-06-22 08:22:36 -04:00
Cole Robinson 25a79b6b3b Merge branch 'master' into f24 2016-05-26 11:33:26 -04:00
Cole Robinson f0208c9e42 CVE-2016-4020: memory leak in kvmvapic.c (bz #1326904)
CVE-2016-4439: scsi: esb: OOB write #1 (bz #1337503)
CVE-2016-4441: scsi: esb: OOB write #2 (bz #1337506)
Fix regression installing windows 7 with qxl/vga (bz #1339267)
Fix crash with aarch64 gic-version=host and accel=tcg (bz #1339977)
2016-05-26 11:32:16 -04:00
Cole Robinson a05edfdf31 Merge branch 'master' into f24 2016-05-20 16:38:38 -04:00
Cole Robinson f8dc431e37 Explicitly error if spice GL setup fails
Fix monitor resizing with virgl (bz #1337564)
Fix libvirt noise when introspecting qemu-kvm without hw virt
2016-05-20 16:36:01 -04:00
Cole Robinson c3911a29b3 qemu-kvm: Don't try to init KVM during libvirt introspection
If it's disabled on the host, libvirt logs a ton of errors to
syslog.
2016-05-19 18:15:26 -04:00
Cole Robinson 837eb7efa2 qemu: Clean up BuildRequires
Drop outdated:
    nss-devel (old libcacard)
    rsync (no longer used)
    which (no longer used)
    pciutils-devel (no longer used)

Add libcap-ng-devel for extra qemu-bridge-helper restrictions
Document all BuildRequires
Separate buildsystem bits vs feature bits
2016-05-15 14:52:29 -04:00
Cole Robinson 95141b20c8 Merge branch 'master' into f24 2016-05-13 14:19:02 -04:00
Cole Robinson e200903264 Rebase to v2.6.0 GA 2016-05-13 14:18:07 -04:00
Cole Robinson c2ff7549fb Merge branch 'master' into f24 2016-05-09 13:39:31 -04:00
Cole Robinson 35faab4c45 Fix gtk UI crash when switching to monitor (bz #1333424)
Fix sdl2 UI lockup lockup when switching to monitor
Rebased to qemu-2.6.0-rc5
2016-05-09 13:36:06 -04:00
Cole Robinson dd1abadcd8 Merge branch 'master' into f24 2016-05-02 16:14:18 -04:00
Cole Robinson bc7ce050b0 Rebased to version 2.6.0-rc4
Fix test suite on big endian hosts (bz 1330174)
2016-05-02 16:08:20 -04:00
Cole Robinson 14f36a81e1 Merge branch 'master' into f24 2016-04-25 09:12:17 -04:00
Cole Robinson b455e4b103 Rebuild to pick up spice GL support 2016-04-25 09:01:59 -04:00
Cole Robinson a10f883040 Merge branch 'master' into f24 2016-04-22 09:14:45 -04:00
Cole Robinson b0b55fdca8 Rebased to version 2.6.0-rc3
Fix s390 sysctl file install (bz 1327870)
Adjust spice gl version check to expect F24 backported version
2016-04-22 08:03:02 -04:00
Cole Robinson bd8b34f6e4 Merge branch 'master' into f24 2016-04-14 19:48:35 -04:00
Cole Robinson 6138a983a3 - Rebased to version 2.6.0-rc2
- Fix GL deps (bz 1325966)
- Ship sysctl file to fix s390x kvm (bz 1290589)
- Fix FTBFS on s390 (bz 1326247)
2016-04-14 18:48:51 -04:00
Cole Robinson c752245c96 Ship sysctl file to fix s390x kvm (bz 1290589) 2016-04-14 18:46:31 -04:00
Cole Robinson fa6cd1dad5 Fix GL deps (bz 1325966) 2016-04-14 18:34:08 -04:00
Cole Robinson bf4470bf85 Merge branch 'master' into f24 2016-04-07 13:09:00 -04:00
Cole Robinson 4cf00646d5 Merge branch 'master' into f24 2016-04-07 13:08:50 -04:00
Cole Robinson a503b12a16 Add sources 2016-04-07 13:03:15 -04:00
Cole Robinson 4097206ab3 Rebased to version 2.6.0-rc1 2016-04-07 13:00:29 -04:00
Cole Robinson d76f65307f CVE-2016-2538: Integer overflow in usb module (bz #1305815)
CVE-2016-2841: ne2000: infinite loop (bz #1304047)
CVE-2016-2857: net: out of bounds read (bz #1309564)
CVE-2016-2392: usb: null pointer dereference (bz #1307115)
Fix external snapshot any more after active committing (bz #1300209)
2016-03-17 15:40:10 -04:00
Cole Robinson 54cb1301c6 CVE-2016-2857: net: out of bounds read (bz #1309564)
CVE-2016-2392: usb: null pointer dereference (bz #1307115)
2016-03-17 13:45:47 -04:00
Peter Robinson 3fa9b818a6 Rebuild for tcmalloc ifunc issues on non x86 arches (see rhbz 1312462) 2016-03-09 15:22:17 +00:00