FEDORA-2019-0664c7724d created by crobinso a year ago for Fedora 30
stable
  • fix crash with virgl enabled (bz #1692323)
  • linux-user: make pwrite64/pread64(fd, NULL, 0, offset) return 0 (bz #1174267)
  • Fix build with latest gluster (bz #1684298)
  • CVE-2018-20123: pvrdma: memory leakage in device hotplug (bz #1658964)
  • CVE-2018-16872: usb-mtp: path traversal issue (bz #1659150)
  • CVE-2018-20191: pvrdma: uar_read leads to NULL deref (bz #1660315)
  • CVE-2019-6501: scsi-generic: possible OOB access (bz #1669005)
  • CVE-2019-6778: slirp: heap buffer overflow (bz #1669072)
  • CVE-2019-3812: Out-of-bounds read in hw/i2c/i2c-ddc.c allows for memory disclosure (bz #1678081)

How to install

sudo dnf upgrade --advisory=FEDORA-2019-0664c7724d

This update has been submitted for testing by crobinso.

a year ago

This update has been pushed to testing.

a year ago
User Icon mattf commented & provided feedback a year ago

I don't see the qemu-block-rbd error while running dnf system-upgrade in #1688117 now that 3.1.0-5.fc30 is in updates-testing. Thanks.

User Icon danniel commented & provided feedback a year ago
karma

works

User Icon cserpentis commented & provided feedback a year ago
karma

works for me in a VM

User Icon frantisekz commented & provided feedback a year ago
karma

Works just fine

adamwill edited this update.

New build(s):

  • qemu-3.1.0-6.fc30

Removed build(s):

  • qemu-3.1.0-5.fc30

Karma has been reset.

a year ago

This update has been submitted for testing by adamwill.

a year ago
User Icon adamwill commented & provided feedback a year ago
karma

Tested with Beta-1.8. After installing direct from the Workstation live image and not installing any updates, I can successfully run a Boxes VM booting from the same image just fine. Looks good to me.

This update has been pushed to testing.

a year ago
User Icon frantisekz commented & provided feedback a year ago
karma

Works fine, I didn't spot any issues.

BZ#1692323 qemu crashes with virgl enabled on some GPUs
User Icon atim commented & provided feedback a year ago
karma

virgl now works even on Nvidia in virt-manager, but crashing virt-manager itself when running some Linux machines in VM. :)

This update has been submitted for batched by adamwill.

a year ago

This update has been submitted for stable by adamwill.

a year ago

This update has been pushed to stable.

a year ago

Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
3
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Dates
submitted
a year ago
in testing
a year ago
in stable
a year ago
modified
a year ago
BZ#1174267 qemu linux-user syscall pwrite64 does not handle the case when the length of buffer is = 0
0
0
BZ#1656114 CVE-2018-16872 QEMU: usb-mtp: path traversal by host filesystem manipulation in Media Transfer Protocol (MTP)
0
0
BZ#1658963 CVE-2018-20123 QEMU: pvrdma: memory leakage in device hotplug
0
0
BZ#1658964 CVE-2018-20123 qemu: pvrdma: memory leakage in device hotplug [fedora-all]
0
0
BZ#1659150 CVE-2018-16872 qemu: path traversal by host filesystem manipulation in Media Transfer Protocol (MTP) [fedora-all]
0
0
BZ#1660314 CVE-2018-20191 QEMU: pvrdma: uar_read leads to NULL dereference
0
0
BZ#1660315 CVE-2018-20191 qemu: pvrdma: uar_read leads to NULL dereference [fedora-all]
0
0
BZ#1664205 CVE-2019-6778 QEMU: slirp: heap buffer overflow in tcp_emu()
0
0
BZ#1665792 CVE-2019-3812 qemu: Out-of-bounds read in hw/i2c/i2c-ddc.c allows for memory disclosure
0
0
BZ#1668160 CVE-2019-6501 QEMU: scsi-generic: possible OOB access while handling inquiry request
0
0
BZ#1669005 CVE-2019-6501 qemu: scsi-generic: possible OOB access while handling inquiry request [fedora-all]
0
0
BZ#1669072 CVE-2019-6778 qemu: slirp: heap buffer overflow in tcp_emu() [fedora-all]
0
0
BZ#1678081 CVE-2019-3812 qemu: Out-of-bounds read in hw/i2c/i2c-ddc.c allows for memory disclosure [fedora-all]
0
0
BZ#1692323 qemu crashes with virgl enabled on some GPUs
0
1

Automated Test Results