Oracle Linux 6260 Published by

A qemu-kvm security and bug fix update has been released for Oracle Linux 6.



El-errata: ELSA-2020-1403 Important: Oracle Linux 6 qemu-kvm security and bug fix update


Oracle Linux Security Advisory ELSA-2020-1403

  http://linux.oracle.com/errata/ELSA-2020-1403.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

i386:
qemu-guest-agent-0.12.1.2-2.506.el6_10.7.i686.rpm

x86_64:
qemu-guest-agent-0.12.1.2-2.506.el6_10.7.x86_64.rpm
qemu-img-0.12.1.2-2.506.el6_10.7.x86_64.rpm
qemu-kvm-0.12.1.2-2.506.el6_10.7.x86_64.rpm
qemu-kvm-tools-0.12.1.2-2.506.el6_10.7.x86_64.rpm

SRPMS:
  http://oss.oracle.com/ol6/SRPMS-updates/qemu-kvm-0.12.1.2-2.506.el6_10.7.src.rpm


Description of changes:

[0.12.1.2-2.506.el6_10.7]
- kvm-slirp-disable-tcp_emu.patch [bz#1791680]
- kvm-slirp-add-slirp_fmt-helpers.patch [bz#1798966]
- kvm-tcp_emu-fix-unsafe-snprintf-usages.patch [bz#1798966]
- Resolves: bz#1791680
(QEMU: Slirp: disable emulation of tcp programs like ftp IRC etc. [rhel-6])
- Resolves: bz#1798966
(CVE-2020-8608 qemu-kvm: QEMU: Slirp: potential OOB access due to unsafe
snprintf() usages [rhel-6.10.z])