stable

qemu-2.4.1-9.fc23

FEDORA-2016-f2b1f07256 created by crobinso 8 years ago for Fedora 23
  • CVE-2016-3710: incorrect bounds checking in vga (bz #1334345)
  • CVE-2016-3712: out of bounds read in vga (bz #1334342)
  • Fix USB redirection (bz #1330221)
  • CVE-2016-4037: infinite loop in usb ehci (bz #1328080)
  • CVE-2016-4001: buffer overflow in stellaris net (bz #1325885)
  • CVE-2016-2858: rng stack corruption (bz #1314677)
  • CVE-2016-2391: ohci: crash via multiple timers (bz #1308881)
  • CVE-2016-2198: ehci: null pointer dereference (bz #1303134)
  • Fix tpm passthrough (bz #1281413)
  • Fix ./configure with ccache
  • Ship sysctl file to fix s390x kvm (bz #1290589)

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2016-f2b1f07256

This update has been submitted for testing by crobinso.

8 years ago

This update has been pushed to testing.

8 years ago
User Icon cserpentis commented & provided feedback 8 years ago
karma

works for me

User Icon filiperosset commented & provided feedback 8 years ago
karma

no regressions noted

This update has been submitted for stable by bodhi.

8 years ago
User Icon mhayden commented & provided feedback 8 years ago
karma

Works for me.

This update has been pushed to stable.

8 years ago

Please login to add feedback.

Metadata
Type
security
Karma
3
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
8 years ago
in testing
8 years ago
in stable
8 years ago
Builds
1
qemu-2.4.1-9.fc23
BZ#1281413 Passthrough of tpm devices is broken in qemu-kvm in fedora 23
0
0
BZ#1290589 ship sysctl file enabling vm.allocate_pgste for s390x kvm
0
0
BZ#1301643 CVE-2016-2198 Qemu: usb: ehci null pointer dereference in ehci_caps_write
0
0
BZ#1303134 CVE-2016-2198 Qemu: usb: ehci null pointer dereference in ehci_caps_write [fedora-all]
0
0
BZ#1304794 CVE-2016-2391 Qemu: usb: multiple eof_timers in ohci module leads to null pointer dereference
0
0
BZ#1308881 CVE-2016-2391 qemu: Holding multiple eof_timers at the same time in ohci usb mode leads to SIGSEGV [fedora-all]
0
0
BZ#1314676 CVE-2016-2858 Qemu: rng-random: arbitrary stack based allocation leading to corruption
0
0
BZ#1314677 Qemu: rng-random: arbitrary stack based allocation leading to corruption [fedora-all]
0
0
BZ#1318712 CVE-2016-3712 qemu-kvm: Out-of-bounds read when creating weird vga screen surface
0
0
BZ#1325129 CVE-2016-4037 Qemu: usb: Infinite loop vulnerability in usb_ehci using siTD process
0
0
BZ#1325884 CVE-2016-4001 Qemu: net: buffer overflow in stellaris_enet emulator
0
0
BZ#1325885 CVE-2016-4001 Qemu: net: buffer overflow in stellaris_enet emulator [fedora-all]
0
0
BZ#1328080 CVE-2016-4037 qemu: Infinite loop vulnerability in usb_ehci using siTD process [fedora-all]
0
0
BZ#1330221 USB redirection broken
0
0
BZ#1331401 CVE-2016-3710 qemu: incorrect banked access bounds checking in vga module
0
0
BZ#1334342 CVE-2016-3712 qemu: qemu-kvm: Out-of-bounds read when creating weird vga screen surface [fedora-all]
0
0
BZ#1334345 CVE-2016-3710 qemu: incorrect banked access bounds checking in vga module [fedora-all]
0
0
qemu-2.4.1-9.fc23

Automated Test Results

Copyright © 2007-2025 Red Hat, Inc. and others.

Running bodhi-server 8.3.0 on bodhi-web-177-rvwvq.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy