Oval Definition:oval:org.opensuse.security:def:80862
Revision Date:2019-02-26Version:1
Title:Security update for qemu (Important)
Description:

This update for qemu fixes the following issues:

Security issues fixed:

- CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation (bsc#1123156). - CVE-2018-16872: Fixed a host security vulnerability related to handling symlinks in usb-mtp (bsc#1119493). - CVE-2018-19489: Fixed a denial of service vulnerability in virtfs (bsc#1117275). - CVE-2018-19364: Fixed a use-after-free if the virtfs interface resulting in a denial of service (bsc#1116717). - CVE-2018-7858: Fixed a denial of service which could occur while updating the VGA display, after guest has adjusted the display dimensions (bsc#1084604). - CVE-2017-13673: Fixed a denial of service in the cpu_physical_memory_snapshot_get_dirty function. - CVE-2017-13672: Fixed a denial of service via vectors involving display update.

Non-security issues fixed:

- Fixed bad guest time after migration (bsc#1113231).
Family:unixClass:patch
Status:Reference(s):1084604
1113231
1116717
1117275
1119493
1123156
CVE-2017-13672
CVE-2017-13673
CVE-2018-16872
CVE-2018-19364
CVE-2018-19489
CVE-2018-7858
CVE-2019-6778
SUSE-SU-2019:0489-1
Platform(s):SUSE OpenStack Cloud 7
Product(s):
Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • qemu-2.6.2-41.49.1 is installed
  • OR qemu-block-curl-2.6.2-41.49.1 is installed
  • OR qemu-block-rbd-2.6.2-41.49.1 is installed
  • OR qemu-block-ssh-2.6.2-41.49.1 is installed
  • OR qemu-guest-agent-2.6.2-41.49.1 is installed
  • OR qemu-ipxe-1.0.0-41.49.1 is installed
  • OR qemu-kvm-2.6.2-41.49.1 is installed
  • OR qemu-lang-2.6.2-41.49.1 is installed
  • OR qemu-s390-2.6.2-41.49.1 is installed
  • OR qemu-seabios-1.9.1-41.49.1 is installed
  • OR qemu-sgabios-8-41.49.1 is installed
  • OR qemu-tools-2.6.2-41.49.1 is installed
  • OR qemu-vgabios-1.9.1-41.49.1 is installed
  • OR qemu-x86-2.6.2-41.49.1 is installed
    • BACK