qemu security update

[15:4.2.1-4.el7]

• Document CVE-2020-25723 as fixed (Mark Kanda) [Orabug: 32222397] {CVE-2020-25084} {CVE-2020-25723}
• hw/net/e1000e: advance desc_offset in case of null descriptor (Prasad J Pandit) [Orabug: 32217517] {CVE-2020-28916}
• i386: Add 2nd Generation AMD EPYC processors (Moger, Babu) [Orabug: 32217570]
• libslirp: Update version to include CVE fixes (Mark Kanda) [Orabug: 32208456] [Orabug: 32208462] {CVE-2020-29129} {CVE-2020-29130}
• Document CVE-2020-25624 as fixed (Mark Kanda) [Orabug: 32212527] {CVE-2020-25624} {CVE-2020-25625}
• pvpanic: Advertise the PVPANIC_CRASHLOADED event support (Paolo Bonzini) [Orabug: 32102853]
• ati: check x y display parameter values (Prasad J Pandit) [Orabug: 32108251] {CVE-2020-27616}
• Add AArch64 support for QMP regdump tool and sosreport plugin (Mark Kanda) [Orabug: 32080658]
• Add qemu_regdump sosreport plugin support for ‘-mon’ QMP sockets (Mark Kanda)
• migration/dirtyrate: present dirty rate only when querying the rate has completed (Chuan Zheng)
• migration/dirtyrate: record start_time and calc_time while at the measuring state (Chuan Zheng)
• migration/dirtyrate: Add trace_calls to make it easier to debug (Chuan Zheng)
• migration/dirtyrate: Implement qmp_cal_dirty_rate()/qmp_get_dirty_rate() function (Chuan Zheng)
• migration/dirtyrate: Implement calculate_dirtyrate() function (Chuan Zheng)
• migration/dirtyrate: Implement set_sample_page_period() and is_sample_period_valid() (Chuan Zheng)
• migration/dirtyrate: skip sampling ramblock with size below MIN_RAMBLOCK_SIZE (Chuan Zheng)
• migration/dirtyrate: Compare page hash results for recorded sampled page (Chuan Zheng)
• migration/dirtyrate: Record hash results for each sampled page (Chuan Zheng)
• migration/dirtyrate: move RAMBLOCK_FOREACH_MIGRATABLE into ram.h (Chuan Zheng)
• migration/dirtyrate: Add dirtyrate statistics series functions (Chuan Zheng)
• migration/dirtyrate: Add RamblockDirtyInfo to store sampled page info (Chuan Zheng)
• migration/dirtyrate: add DirtyRateStatus to denote calculation status (Chuan Zheng)
• migration/dirtyrate: setup up query-dirtyrate framwork (Chuan Zheng)
• ram_addr: Split RAMBlock definition (Juan Quintela)
  [15:4.2.1-3.el7]
• qemu-kvm.spec: Install block storage module RPMs by default (Karl Heubaum) [Orabug: 31943789]
• qemu-kvm.spec: Enable block-ssh module RPM (Karl Heubaum) [Orabug: 31943763]
• hw: usb: hcd-ohci: check for processed TD before retire (Prasad J Pandit) [Orabug: 31901690] {CVE-2020-25625}
• hw: usb: hcd-ohci: check len and frame_number variables (Prasad J Pandit) [Orabug: 31901690] {CVE-2020-25625}
• hw: ehci: check return value of ‘usb_packet_map’ (Li Qiang) [Orabug: 31901649] {CVE-2020-25084}
• hw: xhci: check return value of ‘usb_packet_map’ (Li Qiang) [Orabug: 31901649] {CVE-2020-25084}
• qemu.spec: Enable ‘-Werror’ for OL7 builds (Mark Kanda) [Orabug: 31922718]
• usb: fix setup_len init (CVE-2020-14364) (Gerd Hoffmann) [Orabug: 31848849] {CVE-2020-14364}
• Document CVE-2020-12829 and CVE-2020-14415 as fixed (Mark Kanda) [Orabug: 31855502] [Orabug: 31855427] {CVE-2020-12829} {CVE-2020-14415}
  [15:4.2.1-2.el7]
• hw/net/xgmac: Fix buffer overflow in xgmac_enet_send() (Mauro Matteo Cascella) [Orabug: 31667649] {CVE-2020-15863}
• hw/net/net_tx_pkt: fix assertion failure in net_tx_pkt_add_raw_fragment() (Mauro Matteo Cascella) [Orabug: 31737809] {CVE-2020-16092}
• migration: fix memory leak in qmp_migrate_set_parameters (Zheng Chuan) [Orabug: 31806256]
• virtio-net: fix removal of failover device (Juan Quintela) [Orabug: 31806255]
• pvpanic: implement crashloaded event handling (Zhenwei Pi) [Orabug: 31677154]
• pvpanic: introduce crashloaded for pvpanic (Zhenwei Pi) [Orabug: 31677154]
  [15:4.2.1-1.el7]
• hw/sd/sdcard: Do not switch to ReceivingData if address is invalid (Philippe Mathieu-Daude) [Orabug: 31414336] {CVE-2020-13253}
• hw/sd/sdcard: Update coding style to make checkpatch.pl happy (Philippe Mathieu-Daude) [Orabug: 31414336]
• hw/sd/sdcard: Do not allow invalid SD card sizes (Philippe Mathieu-Daude) [Orabug: 31414336] {CVE-2020-13253}
• hw/sd/sdcard: Simplify realize() a bit (Philippe Mathieu-Daude) [Orabug: 31414336]
• hw/sd/sdcard: Restrict Class 6 commands to SCSD cards (Philippe Mathieu-Daude) [Orabug: 31414336]
• libslirp: Update to v4.3.1 to fix CVE-2020-10756 (Karl Heubaum) [Orabug: 31604999] {CVE-2020-10756}
• Document CVEs as fixed 2/2 (Karl Heubaum) [Orabug: 30618035] {CVE-2017-18043} {CVE-2018-10839} {CVE-2018-11806} {CVE-2018-12617} {CVE-2018-15746} {CVE-2018-16847} {CVE-2018-16867} {CVE-2018-17958} {CVE-2018-17962} {CVE-2018-17963} {CVE-2018-18849} {CVE-2018-19364} {CVE-2018-19489} {CVE-2018-3639} {CVE-2018-5683} {CVE-2018-7550} {CVE-2018-7858} {CVE-2019-12068} {CVE-2019-15034} {CVE-2019-15890} {CVE-2019-20382} {CVE-2020-10702} {CVE-2020-10761} {CVE-2020-11102} {CVE-2020-11869} {CVE-2020-13361} {CVE-2020-13765} {CVE-2020-13800} {CVE-2020-1711} {CVE-2020-1983} {CVE-2020-8608}
• Document CVEs as fixed 1/2 (Karl Heubaum) [Orabug: 30618035] {CVE-2017-10806} {CVE-2017-11334} {CVE-2017-12809} {CVE-2017-13672} {CVE-2017-13673} {CVE-2017-13711} {CVE-2017-14167} {CVE-2017-15038} {CVE-2017-15119} {CVE-2017-15124} {CVE-2017-15268} {CVE-2017-15289} {CVE-2017-16845} {CVE-2017-17381} {CVE-2017-18030} {CVE-2017-2630} {CVE-2017-2633} {CVE-2017-5715} {CVE-2017-5753} {CVE-2017-5754} {CVE-2017-5931} {CVE-2017-6058} {CVE-2017-7471} {CVE-2017-7493} {CVE-2017-8112} {CVE-2017-8309} {CVE-2017-8379} {CVE-2017-8380} {CVE-2017-9503} {CVE-2017-9524} {CVE-2018-12126} {CVE-2018-12127} {CVE-2018-12130} {CVE-2018-16872} {CVE-2018-20123} {CVE-2018-20124} {CVE-2018-20125} {CVE-2018-20126} {CVE-2018-20191} {CVE-2018-20216} {CVE-2018-20815} {CVE-2019-11091} {CVE-2019-12155} {CVE-2019-14378} {CVE-2019-3812} {CVE-2019-5008} {CVE-2019-6501} {CVE-2019-6778} {CVE-2019-8934} {CVE-2019-9824}
• qemu-kvm.spec: Add .spec file for OL8 (Karl Heubaum) [Orabug: 30618035]
• qemu.spec: Add .spec file for OL7 (Karl Heubaum) [Orabug: 30618035]
• qemu-submodule-init: Add Git submodule init script (Karl Heubaum) [Orabug: 30618035]
• vhost.conf: Initial vhost.conf (Karl Heubaum) [Orabug: 30618035]
• parfait: Add buildrpm/parfait-qemu.conf (Karl Heubaum) [Orabug: 30618035]
• virtio: Set PCI subsystem vendor ID to Oracle (Karl Heubaum) [Orabug: 30618035]
• qemu_regdump.py: Initial qemu_regdump.py (Karl Heubaum) [Orabug: 30618035]
• qmp-regdump: Initial qmp-regdump (Karl Heubaum) [Orabug: 30618035]
• bridge.conf: Initial bridge.conf (Karl Heubaum) [Orabug: 30618035]
• kvm.conf: Initial kvm.conf (Karl Heubaum) [Orabug: 30618035]
• 80-kvm.rules: Initial 80-kvm.rules (Karl Heubaum) [Orabug: 30618035]
• exec: set map length to zero when returning NULL (Prasad J Pandit) [Orabug: 31439733] {CVE-2020-13659}
• megasas: use unsigned type for reply_queue_head and check index (Prasad J Pandit) [Orabug: 31414338] {CVE-2020-13362}
• memory: Revert ‘memory: accept mismatching sizes in memory_region_access_valid’ (Michael S. Tsirkin) [Orabug: 31439736] [Orabug: 31452202] {CVE-2020-13754} {CVE-2020-13791}
  [15:4.1.1-3.el7]
• buildrpm/spec files: Dont package elf2dmp (Karl Heubaum) [Orabug: 31657424]
• qemu-kvm.spec: Enable the block-curl package (Karl Heubaum) [Orabug: 31657424]
• qemu.spec: enable have_curl in spec (Dongli Zhang) [Orabug: 31657424]
  [15:4.1.1-2.el7]
• Document CVE-2020-13765 as fixed (Karl Heubaum) [Orabug: 31463250] {CVE-2020-13765}
• kvm: Reallocate dirty_bmap when we change a slot (Dr. David Alan Gilbert) [Orabug: 31076399]
• kvm: split too big memory section on several memslots (Igor Mammedov) [Orabug: 31076399]
• target/i386: do not set unsupported VMX secondary execution controls (Vitaly Kuznetsov) [Orabug: 31463710]
• target/i386: add VMX definitions (Paolo Bonzini) [Orabug: 31463710]
• ati-vga: check mm_index before recursive call (CVE-2020-13800) (Prasad J Pandit) [Orabug: 31452206] {CVE-2020-13800}
• es1370: check total frame count against current frame (Prasad J Pandit) [Orabug: 31463235] {CVE-2020-13361}
• ati-vga: Fix checks in ati_2d_blt() to avoid crash (BALATON Zoltan) [Orabug: 31238432] {CVE-2020-11869}
• libslirp: Update to stable-4.2 to fix CVE-2020-1983 (Karl Heubaum) [Orabug: 31241227] {CVE-2020-1983}
• Document CVEs as fixed (Karl Heubaum) {CVE-2019-12068} {CVE-2019-15034}
• libslirp: Update to version 4.2.0 to fix CVEs (Karl Heubaum) [Orabug: 30274592] [Orabug: 30869830] {CVE-2019-15890} {CVE-2020-8608}
• target/i386: add support for MSR_IA32_TSX_CTRL (Paolo Bonzini) [Orabug: 31124041]
• qemu-img: Add --target-is-zero to convert (David Edmondson)
• vnc: fix memory leak when vnc disconnect (Li Qiang) [Orabug: 30996427] {CVE-2019-20382}
• iscsi: Cap block count from GET LBA STATUS (CVE-2020-1711) (Felipe Franciosi) [Orabug: 31124035] {CVE-2020-1711}
• qemu.spec: Remove ‘BuildRequires: kernel’ (Karl Heubaum) [Orabug: 31124047]
  [15:4.1.1-1.el7]
• qemu-submodule-init: Add Git submodule init script