Overview

File _patchinfo of Package patchinfo.656

<patchinfo incident="656">
  <packager>bfrogers</packager>
  <issue tracker="bnc" id="932770">VUL-0: CVE-2015-3209: qemu,xen,kvm: heap overflow in qemu pcnet controller allowing guest to host escape</issue>
  <issue tracker="bnc" id="893892">KVM: Cannot install SLES11 VMs on SLES12 because of display problem</issue>
  <issue tracker="cve" id="CVE-2015-3209"></issue>
  <issue tracker="cve" id="CVE-2015-4037"></issue>
  <issue tracker="bnc" id="932267">VUL-1: CVE-2015-4037: qemu,kvm,xen: insecure temporary file use in /net/slirp.c</issue>
  <category>security</category>
  <rating>important</rating>
  <summary>Security update for qemu</summary>
  <description>qemu was updated to fix two security issues and augments one non-security bug fix.

The following vulnerabilities were fixed:

* CVE-2015-3209: heap overflow in qemu pcnet controller allowing guest to host escape (XSA-135) (bsc#932770)
* CVE-2015-4037: Avoid predictable directory name for smb config (bsc#932267)

The fix for the following non-security bug was improved:

* bsc#893892: Use improved upstream patch for display issue affecting installs of SLES 11 VMs on SLES 12
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places