Update qemu package to mitigate CVE-2015-3456

[packages/centos6/qemu.git] / qemu.spec

diff --git a/qemu.spec b/qemu.spec
index ddbee04999cdfe9913c8646984a97479414c67e5..8956116c4a241106617328f66e272616724a93cc 100644 (file)
--- a/qemu.spec
+++ b/qemu.spec
@@ -154,7 +154,7 @@
 Summary: QEMU is a FAST! processor emulator
 Name: qemu
 Version: 2.0.0
-Release: 4
+Release: 5
 Epoch: 2
 License: GPLv2+ and LGPLv2+ and BSD
 Group: Development/Tools
@@ -220,6 +220,7 @@ Patch0021: 0021-ssi-sd-fix-buffer-overrun-on-invalid-state-load.patch
 Patch0022: 0022-openpic-avoid-buffer-overrun-on-incoming-migration.patch
 Patch0023: 0023-virtio-net-out-of-bounds-buffer-write-on-load.patch
 Patch0024: 0024-virtio-validate-config_len-on-load.patch
+Patch0025: 0025-fdc-force-the-fifo-access-to-be-in-bounds-of-the-allocated-buffer.patch
 
 BuildRequires: SDL-devel
 BuildRequires: zlib-devel
@@ -768,7 +769,7 @@ CAC emulation development files.
 %patch0022 -p1
 %patch0023 -p1
 %patch0024 -p1
-
+%patch0025 -p1
 
 %build
 %if %{with kvmonly}
@@ -1548,6 +1549,9 @@ fi
 %endif
 
 %changelog
+* Wed May 13 2015 Aleksandr Mogylchenko <amogylchenko@mirantis.com> - 2:2.0.0-5
+- VENOM, or CVE-2015-3456;
+
 * Sun May 11 2014 Cole Robinson <crobinso@redhat.com> - 2:2.0.0-4
 - Migration CVEs: CVE-2014-0182 etc.