projects / gentoo.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 811e644) | patch
app-emulation/qemu: version bump to 2.11.0, important security fixes
authorMatthias Maier <tamiko@gentoo.org>
Sun, 11 Feb 2018 20:16:02 +0000 (14:16 -0600)
committerMatthias Maier <tamiko@gentoo.org>
Sun, 11 Feb 2018 20:27:01 +0000 (14:27 -0600)
commit725631c3eee62d147ea634c969ab90d1c70f5612
tree0f4bf955168bca895680c5bf505101752138b838tree | snapshot
parent811e64445c4c55cc76aac97bd1e52d060608a5ebcommit | diff
app-emulation/qemu: version bump to 2.11.0, important security fixes

 - Added slot operator for libnfs

 - Added patch for glibc-2.27 compatibility

 - Added patch for CVE-2017-16845

 - Backported upstream msr / spec ctrl patches:

   6cfbc54e89  i386: Add EPYC-IBPB CPU model
   ac96c41354  i386: Add new -IBRS versions of Intel CPU models
   1b3420e1c4  i386: Add FEAT_8000_0008_EBX CPUID feature word
   a2381f0934  i386: Add spec-ctrl CPUID bit
   a33a2cfe2f  i386: Add support for SPEC_CTRL MSR

 - CVEs addressed by bump:

   CVE-2017-17381
   CVE-2017-18030
   CVE-2017-18043

 - CVEs addressed by patchset:

   CVE-2017-15124
   CVE-2017-16845
   CVE-2018-5683

 - CVE-2018-5748 is a libvirt vulnerability, not a qemu issue...

Bug:    https://bugs.gentoo.org/638506
Bug:    https://bugs.gentoo.org/643432
Bug:    https://bugs.gentoo.org/646814
Closes: https://bugs.gentoo.org/641100
Closes: https://bugs.gentoo.org/646568
Closes: https://bugs.gentoo.org/646710
Package-Manager: Portage-2.3.24, Repoman-2.3.6
app-emulation/qemu/Manifest diff | blob | history
app-emulation/qemu/files/qemu-2.11.0-glibc-2.27.patch [new file with mode: 0644] blob
app-emulation/qemu/qemu-2.11.0.ebuild [new file with mode: 0644] blob
Unnamed repository; edit this file 'description' to name the repository.