Overview

File _patchinfo of Package patchinfo.1643

<patchinfo incident="1643">
  <issue id="957162" tracker="bnc">VUL-0: CVE-2015-7512: kvm, qemu: net: pcnet: buffer overflow in non-loopback mode</issue>
  <issue id="954864" tracker="bnc">no bootable device reported on KVM guest with large number of processors assigned</issue>
  <issue id="956829" tracker="bnc">VUL-0: CVE-2015-8345: qemu: net: eepro100: infinite loop in processing command block list</issue>
  <issue id="CVE-2015-8345" tracker="cve" />
  <issue id="CVE-2015-7512" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>bfrogers</packager>
  <description>
This update fixes the following security issues:

- Enforce receive packet size, thus eliminating buffer overflow and
  potential security issue. (bsc#957162 CVE-2015-7512)
- Infinite loop in processing command block list. CVE-2015-8345 (bsc#956829):

This update also fixes a non-security bug:
- Due to space restrictions in limited bios data areas, don't create
  mptable if vcpu count is "high" (ie more than ~19). (bsc#954864)
  (No supported guests are negatively impacted by this change, which
  is taken from upstream seabios)
</description>
  <summary>Security update for qemu</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places