Hello community,
here is the log from the commit of package patchinfo.14292 for
openSUSE:Leap:15.1:Update checked in at 2020-10-03 06:23:08
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Leap:15.1:Update/patchinfo.14292 (Old)
and /work/SRC/openSUSE:Leap:15.1:Update/.patchinfo.14292.new.4249 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "patchinfo.14292"
Sat Oct 3 06:23:08 2020 rev:1 rq:838630 version:unknown
Changes:
--------
New Changes file:
NO CHANGES FILE!!!
New:
----
_patchinfo
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ _patchinfo ++++++
<patchinfo incident="14292">
<issue tracker="bnc" id="1176590">VUL-0: EMBARGOED:
CVE-2020-14374,CVE-2020-14375,CVE-2020-14376,CVE-2020-14377,CVE-2020-14378:
dpdk: VM escape</issue>
<issue tracker="cve" id="2020-14374"/>
<issue tracker="cve" id="2020-14375"/>
<issue tracker="cve" id="2020-14376"/>
<issue tracker="cve" id="2020-14377"/>
<issue tracker="cve" id="2020-14378"/>
<packager>jaicaa</packager>
<rating>critical</rating>
<category>security</category>
<summary>Security update for dpdk</summary>
<description>This update for dpdk fixes the following issues:
- dpdk was updated to 18.11.9. For a list of fixes check:
- CVE-2020-14374,CVE-2020-14375,CVE-2020-14376,CVE-2020-14377,CVE-2020-14378:
Fixed multiple issues where a malicious guest could
harm the host using vhost crypto, including executing code in host (VM
Escape), reading host application memory space to guest
and causing partially denial of service in the host(bsc#1176590).
For a list of fixes check:
https://doc.dpdk.org/guides-18.11/rel_notes/release_18_11.html#fixes
This update was imported from the SUSE:SLE-15-SP1:Update update
project.</description>
</patchinfo>
