openSUSE Security Update : qemu (openSUSE-2016-252)
Medium Nessus Plugin ID 88925
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update fixes the following security issues :
- Enforce receive packet size, thus eliminating buffer overflow and potential security issue. (bsc#957162 CVE-2015-7512)
- Infinite loop in processing command block list.
CVE-2015-8345 (bsc#956829) :
This update also fixes a non-security bug :
- Due to space restrictions in limited bios data areas, don't create mptable if vcpu count is 'high' (ie more than ~19). (bsc#954864) (No supported guests are negatively impacted by this change, which is taken from upstream seabios)
This update was imported from the SUSE:SLE-12-SP1:Update update project.
SolutionUpdate the affected qemu packages.