File _patchinfo of Package patchinfo.31662

<patchinfo incident="31662">
  <issue tracker="bnc" id="1213210">User process fault: interruption code 0011 ilc:2 in libc.so.6</issue>
  <issue tracker="bnc" id="1212850">VUL-0: CVE-2023-3354: qemu,kvm: improper I/O watch removal in VNC TLS handshake can lead to remote unauthenticated denial of service</issue>
  <issue tracker="bnc" id="1215311">qemu will stop compiling when binutils update is released (toolchain update 2023)</issue>
  <issue tracker="bnc" id="1188609">VUL-1: CVE-2021-3638: qemu: ati-vga: inconsistent check in ati_2d_blt() may lead to out-of-bounds write</issue>
  <issue tracker="bnc" id="1213925">VUL-0: CVE-2023-3180: qemu,kvm: virtio-crypto: heap buffer overflow in virtio_crypto_sym_op_helper()</issue>
  <issue tracker="cve" id="2023-3180"/>
  <issue tracker="cve" id="2021-3638"/>
  <issue tracker="cve" id="2023-3354"/>
  <packager>dfaggioli</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for qemu</summary>
  <description>This update for qemu fixes the following issues:

- CVE-2021-3638: hw/display/ati_2d: Fix buffer overflow in ati_2d_blt (bsc#1188609)
- CVE-2023-3180: virtio-crypto: verify src and dst buffer length for sym request (bsc#1213925)
- CVE-2023-3354: io: remove io watch if TLS channel is closed during handshake (bsc#1212850)
- [openSUSE] roms/ipxe: Backport 0aa2e4ec9635, in preparation of binutils 2.41 (bsc#1215311)
- target/s390x: Fix the "ignored match" case in VSTRS (bsc#1213210)
- linux-user/elfload: Enable vxe2 on s390x (bsc#1213210)
</description>
</patchinfo>