Qemu CVE-2017-5715 aka Spectre update

Bug #1748200 reported by Adam Heczko on 2018-02-08
256
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Mirantis OpenStack
Medium
Valeriy Saharov
7.0.x
Medium
MOS Maintenance
8.0.x
Medium
MOS Maintenance

Bug Description

Detailed bug description:
Provide updated Qemu packages to MOS.

This update allows QEMU to expose new CPU features added by microcode
updates to guests on amd64, i386, and s390x. On amd64 and i386, new CPU
models that match the updated microcode features were added with an -IBRS
suffix. Certain environments will require guests to be switched manually to
the new CPU models after microcode updates have been applied to the host.

https://usn.ubuntu.com/usn/usn-3560-1/

CVE References

Changed in mos:
assignee: nobody → MOS Maintenance (mos-maintenance)
Changed in mos:
milestone: 9.x-updates → 9.2-mu-5
status: New → Confirmed
Changed in mos:
assignee: MOS Maintenance (mos-maintenance) → Valeriy Saharov (vsakharov)
status: Confirmed → In Progress

Reviewed: https://review.fuel-infra.org/38102
Submitter: Pkgs Jenkins <email address hidden>
Branch: 9.0

Commit: 02a8d213d19a2f348a83ce8d89953feb206d1875
Author: Dmitry Teselkin <email address hidden>
Date: Wed Mar 21 13:22:45 2018

qemu 2.5+dfsg-5ubuntu10.24

Sync patches from upstream distribution

This request contains patches for Spectre (CVE-2017-5715)

Related-Prod: PROD-18662

Closes-Bug: #1748200

Change-Id: I8b99a05c3c44717a64ed09e7b1ae425b8d4ed327

Changed in mos:
status: In Progress → Fix Committed
Vladimir Jigulin (vjigulin) wrote :

Verified on 9.2-mu5-proposed

Changed in mos:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers