SUSE-SU-2019:1239-1 -- SLES qemu, qemu-guest-agentID: oval:org.secpod.oval:def:89050620 | Date: (C)2024-01-30 (M)2024-05-22 |
Class: PATCH | Family: unix |
This update for qemu fixes the following issues: Security issues fixed: - CVE-2019-9824: Fixed an information leak in slirp - CVE-2019-8934: Added method to specify whether or not to expose certain ppc64 host information, which can be considered a security issue - CVE-2019-3812: Fixed OOB memory access and information leak in virtual monitor interface - CVE-2018-20815: Fix DOS possibility in device tree processing - Adjust fix for CVE-2019-8934 to match the latest upstream adjustments for the same. Basically now the security fix is to provide a dummy host-model and host-serial value, which overrides getting that value from the host - CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091: Added x86 cpu feature "md-clear" Other bugs fixed: - Use a new approach to handling the file input to -smbios option, which accepts either legacy or per-spec formats regardless of the machine type.
Platform: |
SUSE Linux Enterprise Server 15 |
SUSE Linux Enterprise Desktop 15 |
Product: |
qemu |
qemu-guest-agent |