rpms/qemu
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
535 Commits 47 Branches 218 Tags 8.8 MiB
85f4aff1ee
Commit Graph

535 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Cole Robinson
85f4aff1ee CVE-2016-4020: memory leak in kvmvapic.c (bz #1326904) 
CVE-2016-4439: scsi: esb: OOB write #1 (bz #1337503)
CVE-2016-4441: scsi: esb: OOB write #2 (bz #1337506)
Fix regression installing windows 7 with qxl/vga (bz #1339267)
 2016-05-26 11:35:54 -04:00
Cole Robinson
44ee7cd460 CVE-2016-3710: incorrect bounds checking in vga (bz #1334345) 
CVE-2016-3712: out of bounds read in vga (bz #1334342)
Fix USB redirection (bz #1330221)
CVE-2016-4037: infinite loop in usb ehci (bz #1328080)
CVE-2016-4001: buffer overflow in stellaris net (bz #1325885)
CVE-2016-2858: rng stack corruption (bz #1314677)
CVE-2016-2391: ohci: crash via multiple timers (bz #1308881)
CVE-2016-2198: ehci: null pointer dereference (bz #1303134)
Fix ./configure with ccache
 2016-05-09 20:08:58 -04:00
Cole Robinson
d62b5c0e5f CVE-2016-2538: Integer overflow in usb module (bz #1305815) 
CVE-2016-2841: ne2000: infinite loop (bz #1304047)
CVE-2016-2857: net: out of bounds read (bz #1309564)
CVE-2016-2392: usb: null pointer dereference (bz #1307115)
spice: fix spice_chr_add_watch() crash (bz #1315049)
 2016-03-17 13:47:41 -04:00
Cole Robinson
db34050364 CVE-2015-8619: Fix sendkey out of bounds (bz #1292757) 
CVE-2016-1981: infinite loop in e1000 (bz #1299995)
Fix Out-of-bounds read in usb-ehci (bz #1300234, bz #1299455)
CVE-2016-2197: ahci: null pointer dereference (bz #1302952)
Fix gdbstub for VSX registers for ppc64 (bz #1304377)
Fix qemu-img vmdk images to work with VMware (bz #1299185)
 2016-02-15 17:07:21 -05:00
Cole Robinson
6dcc36319f CVE-2015-8567: net: vmxnet3: host memory leakage (bz #1289818) 
CVE-2016-1922: i386: avoid null pointer dereference (bz #1292766)
CVE-2015-8613: buffer overflow in megasas_ctrl_get_info (bz #1284008)
CVE-2015-8743: ne2000: OOB memory access in ioport r/w functions (bz #1294787)
 2016-01-20 19:40:35 -05:00
Cole Robinson
14860a24cf CVE-2015-7549: pci: null pointer dereference issue (bz #1291138) 
CVE-2015-8558: DoS by infinite loop in ehci_advance_state (bz #1291309)
CVE-2015-8666: Heap-based buffer overrun during VM migration (bz #1294027)
CVE-2015-8744: vmxnet3: fix crash with short packets (bz #1295440)
CVE-2015-8745: vmxnet3: don't assert reading registers in bar0 (bz #1295442)
 2016-01-09 13:11:22 -05:00
Cole Robinson
125cf24347 vnc: avoid floating point exceptions (bz #1289541, bz #1289542) 2015-12-08 10:53:39 -05:00
Cole Robinson
bf445db9ab Fix abort in abort in bdrv_error_action (bz #1277482) 
Fix SSE4 emulation with accel=tcg (bz #1270703)
CVE-2015-8345: Fix infinite loop in eepro100 (bz #1285214)
CVE-2015-7504: Fix heap overflow in pcnet (bz #1286543)
CVE-2015-7512: Fix buffer overflow in pcnet (bz #1286549)
 2015-12-07 14:23:27 -05:00
Cole Robinson
aeebdca142 CVE-2015-7295: virtio-net possible remote DoS (bz #1264393) 
drive-mirror: Fix coroutine reentrance (bz #1266936)
Fix udp socket 'localaddr' (bz #1268708)
 2015-10-08 13:39:40 -04:00
Cole Robinson
94d6f121d6 Fix emulation of various instructions, required by libm in F22 ppc64 guests 
Re-add patches accidentally dropped in last build
 2015-09-22 09:16:29 -04:00
Cole Robinson
a3fa63d2ce Fix typo causing qemu-img to link against entire world (bz #1260996) 
CVE-2015-6815: net: e1000: infinite loop issue (bz #1260225)
CVE-2015-6855: ide: divide by zero issue (bz #1261793)
CVE-2015-5278: Infinite loop in ne2000_receive() (bz #1263284)
CVE-2015-5279: Heap overflow vulnerability in ne2000_receive() (bz #1263287)
Make block copy more stable (bz #1264416)
Fix hang at start of live merge for large images (bz #1262901)
 2015-09-21 18:19:06 -04:00
Richard W.M. Jones
2273d40a00 Fix emulation of various instructions, required by libm in F22 ppc64 guests. 2015-09-20 10:24:27 +01:00
Daniel P. Berrange
ba1746053e Fix typo causing qemu-img to link against entire world (bz #1260996) 2015-09-08 12:43:15 +01:00
Cole Robinson
ab42d9f7d6 CVE-2015-5255: heap memory corruption in vnc_refresh_server_surface (bz #1255899) 2015-08-31 19:59:32 -04:00
Cole Robinson
7fbffc1697 Rebased to version 2.3.1 2015-08-11 18:42:10 -04:00
Cole Robinson
cce96bf59a Fix crash in qemu_spice_create_display (bz #1163047) 
Fix qemu-img map crash for unaligned image (bz #1229394)
CVE-2015-3209: pcnet: multi-tmd buffer overflow in the tx path (bz #1230536)
CVE-2015-3214: i8254: out-of-bounds memory access (bz #1243728)
CVE-2015-5158: scsi stack buffer overflow (bz #1246025)
CVE-2015-5154: ide: atapi: heap overflow during I/O buffer memory access (bz #1247141)
CVE-2015-5166: BlockBackend object use after free issue (bz #1249758)
CVE-2015-5745: buffer overflow in virtio-serial (bz #1251160)
CVE-2015-5165: rtl8139 uninitialized heap memory information leakage to guest (bz #1249755)
 2015-08-11 15:24:18 -04:00
Richard W.M. Jones
8f61459adc Fix: qemu-img: error while compressing sector <NNN>: Input/output error (bz #1214855) 2015-07-20 12:10:44 +01:00
Cole Robinson
d902376d84 CVE-2015-4037: insecure temporary file use in /net/slirp.c (bz #1222894) 2015-06-05 19:37:46 -04:00
Cole Robinson
15d91eb086 CVE-2015-3456: (VENOM) fdc: out-of-bounds fifo buffer memory access (bz #1221152) 2015-05-13 18:34:08 -04:00
poma
343c57952d Fix ksm.service (bz 1218814) 2015-05-06 12:52:09 -04:00
Dan Horák
5059f25c8e - Require libseccomp only when built with it 2015-05-05 17:03:52 +02:00
Cole Robinson
41aca9586f Rebased to version 2.3.0 GA 
Another attempt at fixing default /dev/kvm permissions (bz 950436)
 2015-04-27 13:33:41 -04:00
Cole Robinson
b26fb5a551 qemu: Drop kvm.modules 
Looked into this because recent packaging changes broke kvm.modules
installation, see https://bugzilla.redhat.com/show_bug.cgi?id=1212328

But nowadays this isn't even required I don't think. According to
comments here:

https://bugzilla.redhat.com/show_bug.cgi?id=963198

The reason for shipping it is missing devname:kvm for ppc and s390 kvm
modules. But those have been in upstream kernel.git since late 2013,
so it should be safe to drop entirely.
 2015-04-16 09:11:00 -04:00
Cole Robinson
9b9ad7bb74 Rebased to version 2.3.0-rc3 2015-04-14 14:51:42 -04:00
Cole Robinson
c61e67e86b Rebased to version 2.3.0-rc2 
Don't install ksm services as executable (bz #1192720)
Skip hanging tests on s390 (bz #1206057)
CVE-2015-1779 vnc: insufficient resource limiting in VNC websockets decoder
(bz #1205051, bz #1199572)
 2015-04-03 10:21:46 -04:00
Cole Robinson
c2770435bf Big specfile cleanup 
- Drop all the crazy kvmonly and separate_kvm bits
- Drop outdates conditionals
- Drop old style things like defattr and RPM_BUILD_ROOT
- Readability improvements
 2015-03-27 17:08:26 -04:00
Cole Robinson
355b03ef5c Rebased to version 2.3.0-rc1 2015-03-25 08:48:20 -04:00
Cole Robinson
6a451ba509 Remove unused patches 2015-03-22 12:17:06 -04:00
Cole Robinson
8055ee2da9 Rebase to qemu-2.3.0-rc0 2015-03-22 11:06:24 -04:00
Richard W.M. Jones
5a454effcf Revert "- Enable seccomp on ARM (thanks: Peter Robinson)." 
This reverts commit 76a74e853f.

The upstream (qemu) configure script hard-codes x86 & x86-64,
so you cannot enable seccomp on arm yet.
 2015-02-17 15:07:06 +00:00
Richard W.M. Jones
76a74e853f - Enable seccomp on ARM (thanks: Peter Robinson). 2015-02-17 13:37:05 +00:00
Richard W.M. Jones
6c3741c276 - Add -fPIC flag to build to avoid 
'relocation R_X86_64_PC32 against undefined symbol' errors.
- Add a hopefully temporary hack so that -fPIC is used to build
  NSS files in libcacard.
 2015-02-17 13:35:59 +00:00
Richard W.M. Jones
391fb81c16 Add UEFI support for aarch64. 2015-02-04 15:54:41 +00:00
Daniel P. Berrange
f287dc5662 Re-enable SPICE after previous build fixes circular dep 2015-02-03 14:05:24 +00:00
Daniel P. Berrange
fc57f44566 Stop libcacard linking against the entire world 2015-02-03 11:36:06 +00:00
Daniel P. Berrange
cad2bcb6a1 Temporarily disable SPICE to break circular build-dep on libcacard 2015-02-03 10:57:50 +00:00
Daniel P. Berrange
0716c2e68a Rebuild for changed xen soname 2015-02-03 09:25:11 +00:00
Daniel P. Berrange
10fa62ffc3 Set pkgversion when running configure 2015-01-28 13:25:27 +00:00
Cole Robinson
c88cc7e403 Rebased to version 2.2.0 2014-12-09 16:25:38 -05:00
Cole Robinson
bd7b20725b Add sources 2014-11-30 17:45:14 -05:00
Cole Robinson
1be48f0df6 Update to qemu-2.2.0-rc3 2014-11-30 17:19:56 -05:00
Cole Robinson
259393612c Update to qemu-2.2.0-rc1 2014-11-15 20:39:24 -05:00
Cole Robinson
725f84b743 CVE-2014-7815 vnc: insufficient bits_per_pixel from the client sanitization (bz #1157647, bz #1157641) 
CVE-2014-3689 vmware_vga: insufficient parameter validation in rectangle functions (bz #1153038, bz #1153035)
 2014-10-29 15:58:32 -04:00
Daniel P. Berrange
145f8dccfa Fix dep on numactl-devel to be build time not install time 
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
 2014-10-24 16:38:01 +01:00
Cole Robinson
fbbbab2c57 Fix PPC virtio regression (bz #1144490) 2014-10-06 12:32:22 -04:00
Dan Horák
215b584050 fix typo 2014-09-30 16:48:14 +02:00
Dan Horák
3a39bf78f1 add ppc64le to KVM arches 2014-09-30 16:46:25 +02:00
Cole Robinson
6c2b2d8a11 Fix date in changelog 2014-09-26 12:51:48 -04:00
Richard W.M. Jones
6ce0be8333 Add Requires seabios >= 1.7.5, otherwise Windows virtio booting does not work. 2014-09-26 16:56:20 +01:00
Cole Robinson
46f3a5c276 Rebased to version 2.1.2 
CVE-2014-3640 qemu: slirp: NULL pointer (bz #1144821, bz #1144818)
 2014-09-26 10:26:35 -04:00