Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 433
Alerts This Week
Warning Icon 1 433

openSUSE Leap 15.0: 2019:2059-1 Important: qemu Security Fix

opensuse
Calendar Grey September 3, 2019
Dist Opensuse Esm H88
The recent patch for openSUSE Leap 15.0 tackles vulnerabilities in qemu, providing essential updates that enhance both security and system performance.
An update that solves three vulnerabilities and has 7 fixes is now available.

Description

This update for qemu fixes the following issues:

Security issues fixed:

- CVE-2019-14378: Security fix for heap overflow in ip_reass on big packet

input (bsc#1143794).

- CVE-2019-12155: Security fix for null pointer dereference while

releasing spice resources (bsc#1135902).

- CVE-2019-13164: Security fix for qemu-bridge-helper ACL can be bypassed

when names are too long (bsc#1140402).

Bug fixes and enhancements:

- Add vcpu features needed for Cascadelake-Server, Icelake-Client and

Icelake-Server, especially the foundational arch-capabilities to help

with security and performance on Intel hosts (bsc#1134883) (fate#327764)

- Add support for one more security/performance related vcpu feature

(bsc#1136778) (fate#327796)

- Disable file locking in the Xen PV disk backend to avoid locking issues

with PV domUs during migration. The issues triggered by the locking can

not be properly handled in libxl. The locking...

Read the Full Advisory

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.0:

zypper in -t patch openSUSE-2019-2059=1

Package List

- openSUSE Leap 15.0 (x86_64):

qemu-2.11.2-lp150.7.25.1

qemu-arm-2.11.2-lp150.7.25.1

qemu-arm-debuginfo-2.11.2-lp150.7.25.1

qemu-block-curl-2.11.2-lp150.7.25.1

qemu-block-curl-debuginfo-2.11.2-lp150.7.25.1

qemu-block-dmg-2.11.2-lp150.7.25.1

qemu-block-dmg-debuginfo-2.11.2-lp150.7.25.1

qemu-block-gluster-2.11.2-lp150.7.25.1

qemu-block-gluster-debuginfo-2.11.2-lp150.7.25.1

qemu-block-iscsi-2.11.2-lp150.7.25.1

qemu-block-iscsi-debuginfo-2.11.2-lp150.7.25.1

qemu-block-rbd-2.11.2-lp150.7.25.1

qemu-block-rbd-debuginfo-2.11.2-lp150.7.25.1

qemu-block-ssh-2.11.2-lp150.7.25.1

qemu-block-ssh-debuginfo-2.11.2-lp150.7.25.1

qemu-debuginfo-2.11.2-lp150.7.25.1

qemu-debugsource-2.11.2-lp150.7.25.1

qemu-extra-2.11.2-lp150.7.25.1

qemu-extra-debuginfo-2.11.2-lp150.7.25.1

qemu-guest-agent-2.11.2-lp150.7.25.1

qemu-guest-agent-debuginfo-2.11.2-lp150.7.25.1

qemu-ksm-2.11.2-lp150.7.25.1

qemu-kvm-2.11.2-lp150.7.25.1

qemu-lang-2.11.2-lp150.7.25.1

qemu-ppc-2.11.2-lp150.7.25.1

qemu-ppc-debuginfo-2.11.2-lp150.7.25.1

qemu-s390-2.11.2-lp150.7....

Read the Full Advisory

References

https://www.suse.com/security/cve/CVE-2019-12155.html

https://www.suse.com/security/cve/CVE-2019-13164.html

https://www.suse.com/security/cve/CVE-2019-14378.html

https://bugzilla.suse.com/1079730

https://bugzilla.suse.com/1098403

https://bugzilla.suse.com/1111025

https://bugzilla.suse.com/1119115

https://bugzilla.suse.com/1134883

https://bugzilla.suse.com/1135902

https://bugzilla.suse.com/1136540

https://bugzilla.suse.com/1136778

https://bugzilla.suse.com/1140402

https://bugzilla.suse.com/1143794

--

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2019:2059-1
Rating: important
Affected Products: openSUSE Leap 15.0 le.

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.