FEDORA-2015-13402 created by crobinso 4 years ago for Fedora 22
stable
  • Rebased to version 2.3.1
  • Fix crash in qemu_spice_create_display (bz #1163047)
  • Fix qemu-img map crash for unaligned image (bz #1229394)
  • CVE-2015-3209: pcnet: multi-tmd buffer overflow in the tx path (bz #1230536)
  • CVE-2015-3214: i8254: out-of-bounds memory access (bz #1243728)
  • CVE-2015-5158: scsi stack buffer overflow (bz #1246025)
  • CVE-2015-5154: ide: atapi: heap overflow during I/O buffer memory access (bz #1247141)
  • CVE-2015-5166: BlockBackend object use after free issue (bz #1249758)
  • CVE-2015-5745: buffer overflow in virtio-serial (bz #1251160)
  • CVE-2015-5165: rtl8139 uninitialized heap memory information leakage to guest (bz #1249755)

How to install

sudo dnf upgrade --advisory=FEDORA-2015-13402

This update has been submitted for testing by crobinso.

4 years ago

Taskotron: depcheck test PASSED on i386. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/115993/steps/runtask/logs/stdio (results are informative only)

Taskotron: depcheck test PASSED on x86_64. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/115993/steps/runtask/logs/stdio (results are informative only)

This update is currently being pushed to the Fedora 22 testing updates repository.

4 years ago

This update has been pushed to testing

4 years ago
User Icon cserpentis commented & provided feedback 4 years ago
karma

dosn't see any regressions

User Icon dandim commented & provided feedback 4 years ago
karma

Works

User Icon filiperosset commented & provided feedback 4 years ago
karma

no regressions noted

This update has reached the stable karma threshold and will be pushed to the stable updates repository

4 years ago

Taskotron: upgradepath test PASSED on noarch. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/116902/steps/runtask/logs/stdio (results are informative only)

This update is currently being pushed to the Fedora 22 stable updates repository.

4 years ago

This update has been pushed to stable

4 years ago

Please login to add feedback.

Metadata
Type
security
Karma
3
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Dates
submitted
4 years ago
in testing
4 years ago
in stable
4 years ago
BZ#1225882 CVE-2015-3209 qemu: pcnet: multi-tmd buffer overflow in the tx path
0
0
BZ#1229394 [abrt] qemu-img: get_block_status(): qemu-img killed by SIGABRT
0
0
BZ#1229640 CVE-2015-3214 qemu/kvm: i8254: out-of-bounds memory access in pit_ioport_read function
0
0
BZ#1230536 CVE-2015-3209 qemu: pcnet: multi-tmd buffer overflow in the tx path [fedora-all]
0
0
BZ#1243563 CVE-2015-5154 qemu: ide: atapi: heap overflow during I/O buffer memory access
0
0
BZ#1243728 CVE-2015-3214 qemu: qemu/kvm: i8254: out-of-bounds memory access in pit_ioport_read function [fedora-all]
0
0
BZ#1244332 CVE-2015-5158 Qemu: scsi stack buffer overflow
0
0
BZ#1246025 CVE-2015-5158 Qemu: scsi stack buffer overflow [fedora-all]
0
0
BZ#1247141 CVE-2015-5154 qemu: ide: atapi: heap overflow during I/O buffer memory access [fedora-all]
0
0
BZ#1248760 CVE-2015-5165 Qemu: rtl8139 uninitialized heap memory information leakage to guest (XSA-140)
0
0
BZ#1248997 CVE-2015-5166 Qemu: BlockBackend object use after free issue (XSA-139)
0
0
BZ#1249755 CVE-2015-5165 Qemu: rtl8139 uninitialized heap memory information leakage to guest [fedora-all]
0
0
BZ#1249758 CVE-2015-5166 Qemu: BlockBackend object use after free issue [fedora-all]
0
0
BZ#1251157 CVE-2015-5745 kernel: qemu buffer overflow in virtio-serial
0
0
BZ#1251160 CVE-2015-5745 qemu: kernel: qemu buffer overflow in virtio-serial [fedora-all]
0
0

Automated Test Results