stable

qemu-2.10.2-1.fc27

FEDORA-2018-6c1be5e1c8 created by crobinso 6 years ago for Fedora 27
  • Fix restoring from snapshot more than once in a single run (bz #1531048)
  • CVE-2017-16845: ps2: information leakage via post_load (bz #1514150)
  • CVE-2017-17381: virtio: divide by zero exception (bz #1520785)
  • CVE-2018-5683: Out-of-bounds read in vga_draw_text (bz #1534672)
  • CVE-2018-7550: multiboot OOB access while loading kernel image (bz #1549799)
  • CVE-2018-7858 cirrus: OOB access when updating vga display (bz #1553404)
  • CVE-2018-11806: slirp: heap buffer overflow while reassembling fragmented datagrams (bz #1586249)
  • CVE-2018-12617: qemu-guest-agent: Integer overflow causes segmentation fault in qmp_guest_file_read (bz #1594055)
  • CVE-2017-15119 nbd: DoS via large option request (bz #1518238)
  • CVE-2017-15118 nbd: buffer overflow in export name (bz #1518235)
  • Rebase to qemu 2.10.2

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2018-6c1be5e1c8

This update has been submitted for testing by crobinso.

6 years ago

This update has been pushed to testing.

6 years ago
User Icon cserpentis commented & provided feedback 6 years ago
karma

works for me in a VM

User Icon filiperosset commented & provided feedback 6 years ago
karma

no regressions noted

User Icon lobocode commented & provided feedback 6 years ago
karma

works

This update has reached the stable karma threshold and can be pushed to stable now if the maintainer wishes.

6 years ago

This update has been submitted for batched by crobinso.

6 years ago

This update has been submitted for stable by bodhi.

6 years ago

This update has been pushed to stable.

6 years ago

Please login to add feedback.

Metadata
Type
security
Karma
3
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
disabled
Dates
submitted
6 years ago
in testing
6 years ago
in stable
6 years ago
BZ#1514148 CVE-2017-16845 Qemu: ps2: information leakage via post_load routine
0
0
BZ#1514150 CVE-2017-16845 Qemu: ps2: information leakage via post_load routine [fedora-all]
0
0
BZ#1516922 CVE-2017-15118 Qemu: stack buffer overflow in NBD server triggered via long export name
0
0
BZ#1516925 CVE-2017-15119 qemu: DoS via large option request
0
0
BZ#1518235 CVE-2017-15118 qemu: Stack-based buffer overflow in NBD server triggered via long export name [fedora-all]
0
0
BZ#1518238 CVE-2017-15119 qemu: DoS via large option request [fedora-all]
0
0
BZ#1520782 CVE-2017-17381 Qemu: virtio: divide by zero exception while updating rings
0
0
BZ#1520785 CVE-2017-17381 Qemu: virtio: divide by zero exception while updating rings [fedora-all]
0
0
BZ#1530356 CVE-2018-5683 Qemu: Out-of-bounds read in vga_draw_text routine
0
0
BZ#1531048 Reverting to snapshots causes qemu to crash.
0
0
BZ#1534672 CVE-2018-5683 qemu: Out-of-bounds read in vga_draw_text function in hw/display/vga.c [fedora-all]
0
0
BZ#1549798 CVE-2018-7550 QEMU: i386: multiboot OOB access while loading kernel image
0
0
BZ#1549799 CVE-2018-7550 Qemu: i386: multiboot OOB access while loading kernel image [fedora-all]
0
0
BZ#1553402 CVE-2018-7858 QEMU: cirrus: OOB access when updating VGA display
0
0
BZ#1553404 CVE-2018-7858 Qemu: cirrus: OOB access when updating vga display [fedora-all]
0
0
BZ#1586245 CVE-2018-11806 QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams
0
0
BZ#1586249 CVE-2018-11806 QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams [fedora-all]
0
0
BZ#1594054 CVE-2018-12617 qemu: qemu-guest-agent: Integer overflow causes segmentation fault in qmp_guest_file_read() with g_malloc()
0
0
BZ#1594055 CVE-2018-12617 qemu: qemu-guest-agent: Integer overflow causes segmentation fault in qmp_guest_file_read() with g_malloc() [fedora-all]
0
0

Automated Test Results