Oracle7: ELSA-2021-9638: qemu Important Security Update
Summary
[15:4.2.1-13.el7] - pcie: Do not set power state for some hot-plugged devices (Annie Li) [Orabug: 33642532] [15:4.2.1-12.1.el7] - Update slirp to address various CVEs (Mark Kanda) [Orabug: 32208456] [Orabug: 33014409] [Orabug: 33014414] [Orabug: 33014417] [Orabug: 33014420] {CVE-2020-29129} {CVE-2020-29130} {CVE-2021-3592} {CVE-2021-3593} {CVE-2021-3594} {CVE-2021-3595} - Revert "Update libslirp to v4.6.1" (Mark Kanda) [Orabug: 33607100] [15:4.2.1-12.el7] - hw/pflash_cfi01: Allow backing devices to be smaller than memory region (David Edmondson) - pcie: expire pending delete (Gerd Hoffmann) [Orabug: 33450706] - pcie: fast unplug when slot power is off (Gerd Hoffmann) [Orabug: 33450706] - pcie: factor out pcie_cap_slot_unplug() (Gerd Hoffmann) [Orabug: 33450706] - pcie: add power indicator blink check (Gerd Hoffmann) [Orabug: 33450706] - pcie: implement slot power control for pcie root ports (Gerd Hoffmann) [Orabug: 33450706] - pci: implement power state (Gerd Hoffmann) [Orabug: 33450706] - hw/pci/pcie: Move hot plug capability check to pre_plug callback (Julia Suvorova) [Orabug: 33450706] - hw/pci/pcie: Replace PCI_DEVICE() casts with existing variable (Julia Suvorova) [Orabug: 33450706] - hw/pci/pcie: Forbid hot-plug if it's disabled on the slot (Julia Suvorova) [Orabug: 33450706] - pcie_root_port: Add hotplug disabling option (Julia Suvorova) [Orabug: 33450706] - qdev-monitor: Forbid repeated device_del (Julia Suvorova) [Orabug: 33450706]
SRPMs
https://oss.oracle.com:443/ol7/SRPMS-updates/qemu-4.2.1-13.el7.src.rpm
x86_64
qemu-common-4.2.1-13.el7.x86_64.rpm qemu-system-x86-core-4.2.1-13.el7.x86_64.rpm qemu-block-gluster-4.2.1-13.el7.x86_64.rpm qemu-block-iscsi-4.2.1-13.el7.x86_64.rpm qemu-block-rbd-4.2.1-13.el7.x86_64.rpm qemu-img-4.2.1-13.el7.x86_64.rpm qemu-4.2.1-13.el7.x86_64.rpm qemu-kvm-4.2.1-13.el7.x86_64.rpm qemu-kvm-core-4.2.1-13.el7.x86_64.rpm qemu-system-x86-4.2.1-13.el7.x86_64.rpm
aarch64
i386
- uas: add stream number sanity checks. (Gerd Hoffmann) [Orabug: 33280793] {CVE-2021-3713} - usbredir: fix free call (Gerd Hoffmann) [Orabug: 33198441] {CVE-2021-3682} - hw/scsi/scsi-disk: MODE_PAGE_ALLS not allowed in MODE SELECT commands (Mauro Matteo Cascella) [Orabug: 33548490] {CVE-2021-3930} - e1000: fix tx re-entrancy problem (Jon Maloy) [Orabug: 32560552] {CVE-2021-20257} - Update libslirp to v4.6.1 (Marc-Andr=E9 Lureau) [Orabug: 33014409] [Orabug: 33014414] [Orabug: 33014417] [Orabug: 33014420] {CVE-2020-10756} {CVE-2020-1983} {CVE-2020-29129} {CVE-2021-3592} {CVE-2021-3593} {CVE-2021-3594} {CVE-2021-3595} - virtio-net-pci: Don't use "efi-virtio.rom" on AArch64 (Mark Kanda) - MAINTAINERS: Add ACPI/HEST/GHES entries (Dongjiu Geng) - target-arm: kvm64: handle SIGBUS signal from kernel or KVM (Dongjiu Geng) - ACPI: Record Generic Error Status Block(GESB) table (Dongjiu Geng) - KVM: Move hwpoison page related functions into kvm-all.c (Dongjiu Geng) - ACPI: Record the Generic Error Status Block address (Dongjiu Geng) - ACPI: Build Hardware Error Source Table (Dongjiu Geng) - ACPI: Build related register address fields via hardware error fw_cfg blob (Dongjiu Geng) - docs: APEI GHES generation and CPER record description (Dongjiu Geng) - hw/arm/virt: Introduce a RAS machine option (Dongjiu Geng) - acpi: nvdimm: change NVDIMM_UUID_LE to a common macro (Dongjiu Geng) - block/curl: HTTP header field names are case insensitive (David Edmondson) [Orabug: 33287589] - block/curl: HTTP header fields allow whitespace around values (David Edmondson) [Orabug: 33287589]