spec: Update patch and changelog with !149 fix CVE-2021-3527 #I3U9T9 && CVE-2019-12067#I3VG5H && CVE-2021-20221 #I3UFOP !149

ide: ahci: add check to avoid null dereference (CVE-2019-12067) hw/intc/arm_gic: Fix interrupt ID in GICD_SGIR register usb: limit combined packets to 1 MiB (CVE-2021-3527) Signed-off-by: Chen Qun<kuhn.chenqun@huawei.com>
2021-06-21 16:27:23 +08:00 · 2021-06-21 16:27:23 +08:00 · 707acdc80c
commit 707acdc80c
parent 581470ea22
1 changed files with 8 additions and 0 deletions
--- a/qemu.spec
+++ b/qemu.spec
@ -318,6 +318,9 @@ Patch0305: vhost-user-gpu-fix-memory-leak-in-virgl_cmd_resource.patch
 Patch0306: vhost-user-gpu-fix-memory-leak-in-virgl_resource_att.patch
 Patch0307: vhost-user-gpu-fix-memory-disclosure-in-virgl_cmd_ge.patch
 Patch0308: vhost-user-gpu-fix-OOB-write-in-virgl_cmd_get_capset.patch
+Patch0309: ide-ahci-add-check-to-avoid-null-dereference-CVE-201.patch
+Patch0310: hw-intc-arm_gic-Fix-interrupt-ID-in-GICD_SGIR-regist.patch
+Patch0311: usb-limit-combined-packets-to-1-MiB-CVE-2021-3527.patch

 BuildRequires: flex
 BuildRequires: bison
@ -705,6 +708,11 @@ getent passwd qemu >/dev/null || \
 %endif

 %changelog
+* Mon Jun 21 2021 Chen Qun <kuhn.chenqun@huawei.com>
+- ide: ahci: add check to avoid null dereference (CVE-2019-12067)
+- hw/intc/arm_gic: Fix interrupt ID in GICD_SGIR register
+- usb: limit combined packets to 1 MiB (CVE-2021-3527)
+
 * Tue Jun 15 2021 Chen Qun <kuhn.chenqun@huawei.com>
 - vhost-user-gpu: fix resource leak in 'vg_resource_create_2d' (CVE-2021-3544)
 - vhost-user-gpu: fix memory leak in vg_resource_attach_backing (CVE-2021-3544)