Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:15-SP2
patchinfo.18959
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.18959
<patchinfo incident="18959"> <issue tracker="cve" id="2020-29443"/> <issue tracker="cve" id="2020-25625"/> <issue tracker="cve" id="2020-28916"/> <issue tracker="cve" id="2021-20257"/> <issue tracker="cve" id="2020-27617"/> <issue tracker="cve" id="2021-3416"/> <issue tracker="cve" id="2020-27616"/> <issue tracker="cve" id="2020-15469"/> <issue tracker="cve" id="2020-29130"/> <issue tracker="cve" id="2020-29129"/> <issue tracker="cve" id="2020-25723"/> <issue tracker="cve" id="2020-27821"/> <issue tracker="cve" id="2020-12829"/> <issue tracker="cve" id="2020-25084"/> <issue tracker="cve" id="2020-25624"/> <issue tracker="bnc" id="1179466">VUL-1: CVE-2020-29129: kvm,qemu,slirp4netns: out-of-bounds access while processing NCSI packets</issue> <issue tracker="bnc" id="1178934">VUL-1: CVE-2020-25723: kvm,qemu: assertion failure through usb_packet_unmap() in hw/usb/hcd-ehci.c</issue> <issue tracker="bnc" id="1179467">VUL-0: CVE-2020-29130: kvm,qemu,slirp4netns: out-of-bounds access while processing ARP packets</issue> <issue tracker="bnc" id="1182577">VUL-0: CVE-2021-20257: kvm,qemu: infinite loop issue in the e1000 NIC emulator</issue> <issue tracker="bnc" id="1178400">VUL-1: CVE-2020-27616: qemu,kvm: ati-vga: potential crash via invalid x y parameter values</issue> <issue tracker="bnc" id="1179686">VUL-0: CVE-2020-27821: kvm,qemu: heap buffer overflow in msix_table_mmio_write() in hw/pci/msix.c</issue> <issue tracker="bnc" id="1182425">VUL-0: qemu, kvm: packaging workflow implemented in config.sh and update_git.sh uses fixed temporary files and directories</issue> <issue tracker="bnc" id="1184064">'virtio-gpu-pci' is not a valid device model name</issue> <issue tracker="bnc" id="1176684">VUL-1: CVE-2020-25625: kvm,qemu: usb: hcd-ohci: infinite loop issue while processing transfer descriptors</issue> <issue tracker="bnc" id="1181108">VUL-0: CVE-2020-29443: qemu,kvm: atapi: OOB access while processing read commands</issue> <issue tracker="bnc" id="1176673">VUL-0: CVE-2020-25084: kvm,qemu: usb: use-after-free issue while setting up packet</issue> <issue tracker="bnc" id="1179468">VUL-1: CVE-2020-28916: qemu,kvm: e1000e: infinite loop scenario in case of null packet descriptor</issue> <issue tracker="bnc" id="1176682">VUL-0: CVE-2020-25624: kvm,qemu: usb: hcd-ohci: out-of-bound access issue while processing transfer descriptors</issue> <issue tracker="bnc" id="1173612">VUL-0: CVE-2020-15469: kvm,qemu: QEMU: MMIO ops null pointer dereference may lead to DoS</issue> <issue tracker="bnc" id="1172385">VUL-0: CVE-2020-12829: qemu: OOB read and write due to integer overflow in sm501_2d_operation() in hw/display/sm501.c</issue> <issue tracker="bnc" id="1178174">VUL-1: CVE-2020-27617: qemu: assert failure in eth_get_gso_type</issue> <issue tracker="bnc" id="1182968">VUL-0: CVE-2021-3419: qemu,kvm: rtl8139: stack overflow induced by infinite recursion issue</issue> <packager>bfrogers</packager> <rating>important</rating> <category>security</category> <summary>Security update for qemu</summary> <description>This update for qemu fixes the following issues: - CVE-2020-12829: Fix OOB access in sm501 device emulation (bsc#1172385) - CVE-2020-25723: Fix use-after-free in usb xhci packet handling (bsc#1178934) - CVE-2020-25084: Fix use-after-free in usb ehci packet handling (bsc#1176673) - CVE-2020-25625: Fix infinite loop (DoS) in usb hcd-ohci emulation (bsc#1176684) - CVE-2020-25624: Fix OOB access in usb hcd-ohci emulation (bsc#1176682) - CVE-2020-27617: Fix guest triggerable assert in shared network handling code (bsc#1178174) - CVE-2020-28916: Fix infinite loop (DoS) in e1000e device emulation (bsc#1179468) - CVE-2020-29443: Fix OOB access in atapi emulation (bsc#1181108) - CVE-2020-27821: Fix heap overflow in MSIx emulation (bsc#1179686) - CVE-2020-15469: Fix null pointer deref. (DoS) in mmio ops (bsc#1173612) - CVE-2021-20257: Fix infinite loop (DoS) in e1000 device emulation (bsc#1182577) - CVE-2021-3416: Fix OOB access (stack overflow) in rtl8139 NIC emulation (bsc#1182968) - CVE-2021-3416: Fix OOB access (stack overflow) in other NIC emulations (bsc#1182968) - CVE-2020-27616: Fix OOB access in ati-vga emulation (bsc#1178400) - CVE-2020-29129: Fix OOB access in SLIRP ARP/NCSI packet processing (bsc#1179466, CVE-2020-29130, bsc#1179467) - Fix package scripts to not use hard coded paths for temporary working directories and log files (bsc#1182425) - Add split-provides through forsplits/13 to cover updates of SLE15-SP2 to SLE15-SP3, and openSUSE equivalents (bsc#1184064) - Added a few more usability improvements for our git packaging workflow </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor