spec: Update patch and changelog with !146 fix CVE-2021-3527 #I3U9T9 && CVE-2019-12067#I3VG5H && CVE-2021-20221 #I3UFOP !146

ide: ahci: add check to avoid null dereference (CVE-2019-12067) hw/intc/arm_gic: Fix interrupt ID in GICD_SGIR register usb: limit combined packets to 1 MiB (CVE-2021-3527) Signed-off-by: Chen Qun<kuhn.chenqun@huawei.com>
2021-06-21 16:27:26 +08:00 · 2021-06-21 16:27:26 +08:00 · f64c0eea3d
commit f64c0eea3d
parent 71a60cb18b
1 changed files with 8 additions and 0 deletions
--- a/qemu.spec
+++ b/qemu.spec
@ -334,6 +334,9 @@ Patch0321: vhost-user-gpu-fix-memory-leak-in-virgl_cmd_resource.patch
 Patch0322: vhost-user-gpu-fix-memory-leak-in-virgl_resource_att.patch
 Patch0323: vhost-user-gpu-fix-memory-disclosure-in-virgl_cmd_ge.patch
 Patch0324: vhost-user-gpu-fix-OOB-write-in-virgl_cmd_get_capset.patch
+Patch0325: ide-ahci-add-check-to-avoid-null-dereference-CVE-201.patch
+Patch0326: hw-intc-arm_gic-Fix-interrupt-ID-in-GICD_SGIR-regist.patch
+Patch0327: usb-limit-combined-packets-to-1-MiB-CVE-2021-3527.patch

 BuildRequires: flex
 BuildRequires: bison
@ -727,6 +730,11 @@ getent passwd qemu >/dev/null || \
 %endif

 %changelog
+* Mon Jun 21 2021 Chen Qun <kuhn.chenqun@huawei.com>
+- ide: ahci: add check to avoid null dereference (CVE-2019-12067)
+- hw/intc/arm_gic: Fix interrupt ID in GICD_SGIR register
+- usb: limit combined packets to 1 MiB (CVE-2021-3527)
+
 * Tue Jun 15 2021 Chen Qun <kuhn.chenqun@huawei.com>
 - vhost-user-gpu: fix resource leak in 'vg_resource_create_2d' (CVE-2021-3544)
 - vhost-user-gpu: fix memory leak in vg_resource_attach_backing (CVE-2021-3544)