SUSE: 2020:1526-1 moderate: qemu

    Date 03 Jun 2020
    Posted By LinuxSecurity Advisories
    
       SUSE Security Update: Security update for qemu
    ______________________________________________________________________________
    
    Announcement ID:    SUSE-SU-2020:1526-1
    Rating:             moderate
    References:         #1123156 #1146873 #1149811 #1161066 #1163018 
                        #1166240 #1170940 
    Cross-References:   CVE-2019-12068 CVE-2019-15890 CVE-2019-6778
                        CVE-2020-1711 CVE-2020-1983 CVE-2020-7039
                        CVE-2020-8608
    Affected Products:
                        SUSE OpenStack Cloud 7
                        SUSE Linux Enterprise Server for SAP 12-SP2
                        SUSE Linux Enterprise Server 12-SP2-LTSS
                        SUSE Linux Enterprise Server 12-SP2-BCL
    ______________________________________________________________________________
    
       An update that fixes 7 vulnerabilities is now available.
    
    Description:
    
       This update for qemu fixes the following issues:
    
       Security issues fixed:
    
       - CVE-2020-1711: Fixed a potential OOB access in the iSCSI client code
         (bsc#1166240).
       - CVE-2019-12068: Fixed a potential DoS in the LSI SCSI controller
         emulation (bsc#1146873).
       - CVE-2020-1983: Fixed a use-after-free in the ip_reass function of slirp
         (bsc#1170940).
       - CVE-2020-8608: Fixed a potential OOB access in slirp (bsc#1163018).
       - CVE-2020-7039: Fixed a potential OOB access in slirp (bsc#1161066).
       - CVE-2019-15890: Fixed a use-after-free during packet reassembly in slirp
         (bsc#1149811).
       - Fixed multiple potential DoS issues in SLIRP, similar to CVE-2019-6778
         (bsc#1123156).
    
    
    Patch Instructions:
    
       To install this SUSE Security Update use the SUSE recommended installation methods
       like YaST online_update or "zypper patch".
    
       Alternatively you can run the command listed for your product:
    
       - SUSE OpenStack Cloud 7:
    
          zypper in -t patch SUSE-OpenStack-Cloud-7-2020-1526=1
    
       - SUSE Linux Enterprise Server for SAP 12-SP2:
    
          zypper in -t patch SUSE-SLE-SAP-12-SP2-2020-1526=1
    
       - SUSE Linux Enterprise Server 12-SP2-LTSS:
    
          zypper in -t patch SUSE-SLE-SERVER-12-SP2-2020-1526=1
    
       - SUSE Linux Enterprise Server 12-SP2-BCL:
    
          zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2020-1526=1
    
    
    
    Package List:
    
       - SUSE OpenStack Cloud 7 (s390x x86_64):
    
          qemu-2.6.2-41.59.1
          qemu-block-curl-2.6.2-41.59.1
          qemu-block-curl-debuginfo-2.6.2-41.59.1
          qemu-block-ssh-2.6.2-41.59.1
          qemu-block-ssh-debuginfo-2.6.2-41.59.1
          qemu-debugsource-2.6.2-41.59.1
          qemu-guest-agent-2.6.2-41.59.1
          qemu-guest-agent-debuginfo-2.6.2-41.59.1
          qemu-kvm-2.6.2-41.59.1
          qemu-lang-2.6.2-41.59.1
          qemu-tools-2.6.2-41.59.1
          qemu-tools-debuginfo-2.6.2-41.59.1
    
       - SUSE OpenStack Cloud 7 (noarch):
    
          qemu-ipxe-1.0.0-41.59.1
          qemu-seabios-1.9.1-41.59.1
          qemu-sgabios-8-41.59.1
          qemu-vgabios-1.9.1-41.59.1
    
       - SUSE OpenStack Cloud 7 (x86_64):
    
          qemu-block-rbd-2.6.2-41.59.1
          qemu-block-rbd-debuginfo-2.6.2-41.59.1
          qemu-x86-2.6.2-41.59.1
          qemu-x86-debuginfo-2.6.2-41.59.1
    
       - SUSE OpenStack Cloud 7 (s390x):
    
          qemu-s390-2.6.2-41.59.1
          qemu-s390-debuginfo-2.6.2-41.59.1
    
       - SUSE Linux Enterprise Server for SAP 12-SP2 (ppc64le x86_64):
    
          qemu-2.6.2-41.59.1
          qemu-block-curl-2.6.2-41.59.1
          qemu-block-curl-debuginfo-2.6.2-41.59.1
          qemu-block-ssh-2.6.2-41.59.1
          qemu-block-ssh-debuginfo-2.6.2-41.59.1
          qemu-debugsource-2.6.2-41.59.1
          qemu-guest-agent-2.6.2-41.59.1
          qemu-guest-agent-debuginfo-2.6.2-41.59.1
          qemu-lang-2.6.2-41.59.1
          qemu-tools-2.6.2-41.59.1
          qemu-tools-debuginfo-2.6.2-41.59.1
    
       - SUSE Linux Enterprise Server for SAP 12-SP2 (ppc64le):
    
          qemu-ppc-2.6.2-41.59.1
          qemu-ppc-debuginfo-2.6.2-41.59.1
    
       - SUSE Linux Enterprise Server for SAP 12-SP2 (x86_64):
    
          qemu-block-rbd-2.6.2-41.59.1
          qemu-block-rbd-debuginfo-2.6.2-41.59.1
          qemu-kvm-2.6.2-41.59.1
          qemu-x86-2.6.2-41.59.1
          qemu-x86-debuginfo-2.6.2-41.59.1
    
       - SUSE Linux Enterprise Server for SAP 12-SP2 (noarch):
    
          qemu-ipxe-1.0.0-41.59.1
          qemu-seabios-1.9.1-41.59.1
          qemu-sgabios-8-41.59.1
          qemu-vgabios-1.9.1-41.59.1
    
       - SUSE Linux Enterprise Server 12-SP2-LTSS (ppc64le s390x x86_64):
    
          qemu-2.6.2-41.59.1
          qemu-block-curl-2.6.2-41.59.1
          qemu-block-curl-debuginfo-2.6.2-41.59.1
          qemu-block-ssh-2.6.2-41.59.1
          qemu-block-ssh-debuginfo-2.6.2-41.59.1
          qemu-debugsource-2.6.2-41.59.1
          qemu-guest-agent-2.6.2-41.59.1
          qemu-guest-agent-debuginfo-2.6.2-41.59.1
          qemu-lang-2.6.2-41.59.1
          qemu-tools-2.6.2-41.59.1
          qemu-tools-debuginfo-2.6.2-41.59.1
    
       - SUSE Linux Enterprise Server 12-SP2-LTSS (s390x x86_64):
    
          qemu-kvm-2.6.2-41.59.1
    
       - SUSE Linux Enterprise Server 12-SP2-LTSS (ppc64le):
    
          qemu-ppc-2.6.2-41.59.1
          qemu-ppc-debuginfo-2.6.2-41.59.1
    
       - SUSE Linux Enterprise Server 12-SP2-LTSS (noarch):
    
          qemu-ipxe-1.0.0-41.59.1
          qemu-seabios-1.9.1-41.59.1
          qemu-sgabios-8-41.59.1
          qemu-vgabios-1.9.1-41.59.1
    
       - SUSE Linux Enterprise Server 12-SP2-LTSS (x86_64):
    
          qemu-block-rbd-2.6.2-41.59.1
          qemu-block-rbd-debuginfo-2.6.2-41.59.1
          qemu-x86-2.6.2-41.59.1
          qemu-x86-debuginfo-2.6.2-41.59.1
    
       - SUSE Linux Enterprise Server 12-SP2-LTSS (s390x):
    
          qemu-s390-2.6.2-41.59.1
          qemu-s390-debuginfo-2.6.2-41.59.1
    
       - SUSE Linux Enterprise Server 12-SP2-BCL (noarch):
    
          qemu-ipxe-1.0.0-41.59.1
          qemu-seabios-1.9.1-41.59.1
          qemu-sgabios-8-41.59.1
          qemu-vgabios-1.9.1-41.59.1
    
       - SUSE Linux Enterprise Server 12-SP2-BCL (x86_64):
    
          qemu-2.6.2-41.59.1
          qemu-block-curl-2.6.2-41.59.1
          qemu-block-curl-debuginfo-2.6.2-41.59.1
          qemu-block-rbd-2.6.2-41.59.1
          qemu-block-rbd-debuginfo-2.6.2-41.59.1
          qemu-block-ssh-2.6.2-41.59.1
          qemu-block-ssh-debuginfo-2.6.2-41.59.1
          qemu-debugsource-2.6.2-41.59.1
          qemu-guest-agent-2.6.2-41.59.1
          qemu-guest-agent-debuginfo-2.6.2-41.59.1
          qemu-kvm-2.6.2-41.59.1
          qemu-lang-2.6.2-41.59.1
          qemu-tools-2.6.2-41.59.1
          qemu-tools-debuginfo-2.6.2-41.59.1
          qemu-x86-2.6.2-41.59.1
          qemu-x86-debuginfo-2.6.2-41.59.1
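
To confirm the update actually landed on a host, the installed qemu packages can be compared against the fixed builds in the package list above. This is an added example, not part of the SUSE advisory: the function names and the sample inventory are constructed for illustration, and `sort -V` is used as an approximation of rpm's own version ordering.

```shell
#!/bin/bash
# Fixed version-release per package, taken from the advisory's package list.
fixed_version() {
    case "$1" in
        qemu-ipxe)                 echo "1.0.0-41.59.1" ;;
        qemu-seabios|qemu-vgabios) echo "1.9.1-41.59.1" ;;
        qemu-sgabios)              echo "8-41.59.1" ;;
        qemu|qemu-*)               echo "2.6.2-41.59.1" ;;
        *)                         return 1 ;;   # not covered by this advisory
    esac
}

# version_ge A B: true if A >= B. Relies on GNU sort -V, which approximates
# (but is not identical to) rpm's version comparison.
version_ge() {
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n1)" = "$2" ]
}

# Reads "name version-release" lines on stdin and prints one status line per
# qemu package. Returns non-zero if any package is older than the fixed build.
check_qemu_packages() {
    local rc=0 name ver want
    while read -r name ver; do
        [ -n "$name" ] || continue
        want=$(fixed_version "$name") || continue
        if version_ge "$ver" "$want"; then
            echo "OK       $name $ver"
        else
            echo "OUTDATED $name $ver (fixed in $want)"
            rc=1
        fi
    done
    return $rc
}

# On a real host:
#   rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n' 'qemu*' | check_qemu_packages
# Constructed sample inventory (not from a real system):
sample='qemu 2.6.2-41.59.1
qemu-kvm 2.6.2-41.55.2
qemu-seabios 1.9.1-41.59.1
qemu-sgabios 8-41.52.1'
printf '%s\n' "$sample" | check_qemu_packages \
    || echo "host still needs SUSE-SU-2020:1526-1"
```

A running guest keeps using the old qemu binary until its process is restarted or the guest is migrated, so a clean package check alone does not mean existing VMs are running the fixed code.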
    
    
    References:
    
       https://www.suse.com/security/cve/CVE-2019-12068.html
       https://www.suse.com/security/cve/CVE-2019-15890.html
       https://www.suse.com/security/cve/CVE-2019-6778.html
       https://www.suse.com/security/cve/CVE-2020-1711.html
       https://www.suse.com/security/cve/CVE-2020-1983.html
       https://www.suse.com/security/cve/CVE-2020-7039.html
       https://www.suse.com/security/cve/CVE-2020-8608.html
       https://bugzilla.suse.com/1123156
       https://bugzilla.suse.com/1146873
       https://bugzilla.suse.com/1149811
       https://bugzilla.suse.com/1161066
       https://bugzilla.suse.com/1163018
       https://bugzilla.suse.com/1166240
       https://bugzilla.suse.com/1170940
    
    _______________________________________________
    sle-security-updates mailing list
    https://lists.suse.com/mailman/listinfo/sle-security-updates
    
