Security
Nov 23, 2020, 11:34 AM
consul
Version: 1.8.6-alt1
Summary: Consul is a tool for service discovery and configuration
Changelog:
- Updated to upstream version 1.8.6 (Fixes: CVE-2019-9764, CVE-2019-12291, CVE-2020-7219, CVE-2020-7955, CVE-2020-12797, CVE-2020-13170, CVE-2020-13250).
Nov 20, 2020, 03:19 PM
sqliteodbc
Version: 0.9996-alt3
Summary: ODBC driver for SQLite
Changelog:
- Updated rpm post script (Fixes: CVE-2020-12050).
Nov 20, 2020, 12:52 PM
jbig2dec
Version: 0.19-alt1
Summary: A decoder implementation of the JBIG2 image compression format
Changelog:
- Updated to upstream version 0.19 (Fixes: CVE-2016-9601, CVE-2020-12268).
Nov 19, 2020, 05:28 PM
cifs-utils
Version: 6.11-alt1
Summary: Utilities for doing and managing mounts of the Linux CIFS filesystem
Changelog:
- Updated to upstream version 6.11 (Fixes: CVE-2020-14342).
Nov 18, 2020, 04:54 PM
ruby
Version: 2.5.9-alt1
Summary: An Interpreted Object-Oriented Scripting Language
Changelog:
- ^ 2.5.5 -> 2.5.9 - Fixes: + CVE-2019-16255: A code injection vulnerability of Shell#[] and Shell#test (closes #39292) + CVE-2019-16254: HTTP response splitting in WEBrick (Additional fix) + CVE-2019-15845: A NUL injection vulnerability of File.fnmatch and File.fnmatch? + CVE-2019-16201: Regular Expression Denial of Service vulnerability of WEBrick's Digest access authentication
Nov 18, 2020, 05:53 AM
perl
Version: 5.28.3-alt1
Summary: Practical Extraction and Report Language
Changelog:
- p9 build - 5.28.3 - fixes CVE-2020-10543,CVE-2020-10878,CVE-2020-12723
Nov 17, 2020, 09:24 AM
libXtst
Version: 1.2.3-alt1
Summary: The Xtst Library
Changelog:
- 1.2.3 - securuty fixes: CVE-2016-7951, CVE-2016-7952
Nov 17, 2020, 09:15 AM
libXrender
Version: 0.9.10-alt1
Summary: X Render Library
Changelog:
- 0.9.10 - securuty fixes: CVE-2016-7949, CVE-2016-7950
Nov 16, 2020, 11:02 AM
libxslt
Version: 1.1.34-alt1.p9.1
Summary: Library providing XSLT support
Changelog:
- Backported to p9 (fixes CVE-2019-11068, CVE-2019-13117 and CVE-2019-13118).
Nov 13, 2020, 01:07 AM
unzip
Version: 6.0-alt4
Summary: An utility for unpacking zip archives
Changelog:
- Build with bzip2 compression method support - Massive apply security patches from Fedora and openSUSE - Fixes: + CVE-2014-8139 CRC32 verification heap-based buffer overread + CVE-2014-8140 out-of-bounds write issue in test_compr_eb() + CVE-2014-8141 getZip64Data() out-of-bounds read issues + CVE-2014-9913 buffer overflow in zipinfo + CVE-2014-9636 out-of-bounds read or write and crash + CVE-2015-7696 fix for heap overflow + CVE-2015-7697 fix infinite loop when extracting empty bzip2 data + CVE-2016-9844 buffer overflow in zipinfo in similar way like fix for CVE-2014-9913 + CVE-2018-1000035 heap based buffer overflow when opening password protected files + CVE-2018-18384 buffer overflow, when a ZIP archive specially crafted
Nov 10, 2020, 06:40 PM
libass
Version: 0.15.0-alt1
Summary: Portable library for SSA/ASS subtitles rendering
Changelog:
- Updated to upstream version 0.15.0 (Fixes: CVE-2020-26682).
Nov 6, 2020, 02:58 PM
puppetdb
Version: 6.13.0-alt1
Summary: Centralized Puppet Storage
Changelog:
- Updated to upstream version 6.13.0 (Fixes: CVE-2020-7943).
Nov 5, 2020, 12:41 PM
aview
Version: 1.3.0-alt3.rc1
Summary: High quality ascii-art image (pnm) browser and animation (fli/flc) player
Changelog:
- Switched to CVE-2008-4935 fix from Debian. - Added -Werror=implicit-function-declaration compiler flag.
Nov 5, 2020, 11:33 AM
mimetex
Version: 1.76-alt1
Summary: Mimetex ets you easily embed LaTeX math in your html pages
Changelog:
- Updated to version 1.76 from Debian (Fixes: CVE-2009-1382, CVE-2009-2459).
Nov 3, 2020, 03:36 PM
libsdp
Version: 1.1.108-alt1.0.17.ga6958ef
Summary: LD_PRELOAD-able library for using SDP
Changelog:
- Updated to upstream version 1.1.108-0.17.ga6958ef (Fixes: CVE-2010-4173).
Nov 2, 2020, 05:47 PM
unace
Version: 1.2b-alt5
Summary: ACE unarchiver
Changelog:
- Cleaned up sources by importing sources from Debian. - Forced using system build flags. - Updated fix for CVE-2015-2063.
Oct 30, 2020, 01:04 PM
libtar
Version: 1.2.20-alt2.git.6d0ab4c
Summary: C library for manipulating POSIX tar files
Changelog:
- Applied patches from Debian (Fixes: CVE-2013-4420).
Oct 29, 2020, 06:33 PM
antiword
Version: 0.37-alt4
Summary: Antiword an application to display Microsoft(R) Word files
Changelog:
- Applied patches from Debian (Fixes: CVE-2014-8123).
Oct 29, 2020, 04:51 PM
nbd
Version: 3.20-alt1
Summary: Network Block Device user space tools
Changelog:
- Updated to upstream version 3.20 (Fixes: CVE-2013-6410, CVE-2013-7441, CVE-2015-0847).
Oct 29, 2020, 02:32 PM
libfreetype
Version: 2.10.1-alt1.1.p9.1
Summary: A free and portable font rendering engine
Changelog:
- Fixed CVE-2020-15999.
Oct 29, 2020, 12:47 PM
fuseiso
Version: 20070708-alt3
Summary: Mount ISO filesystem images as a non-root user
Changelog:
- Applied patches from Gentoo (Fixes: CVE-2015-8836, CVE-2015-8837).
Oct 28, 2020, 05:55 PM
gifsicle
Version: 1.92-alt1
Summary: command-line program for manipulating GIF images
Changelog:
- Updated to upstream version 1.92 (Fixes: CVE-2017-1000421).
Oct 28, 2020, 05:23 PM
bchunk
Version: 1.2.2-alt1
Summary: A CD image format converter from .bin/.cue to .iso/.cdr/.wav
Changelog:
- Updated to upstream version 1.2.2 (Fixes: CVE-2017-15953, CVE-2017-15954, CVE-2017-15955).
Oct 28, 2020, 03:15 PM
gdb
Version: 8.2.50.20180917-alt6
Summary: A GNU source-level debugger for C, C++ and other languages
Changelog:
- Applied upstream patch (ALT#39135) (fixes CVE-2019-1010180).
Oct 27, 2020, 03:43 PM
mpg321
Version: 0.3.2-alt2
Summary: A Free command-line mp3 player, compatible with mpg123
Changelog:
- Applied patches from Gentoo (Fixes: CVE-2019-14247).
Oct 27, 2020, 12:48 PM
snmptt
Version: 1.4.2-alt1
Summary: An SNMP trap handler written in Perl
Changelog:
- Updated to upstream version 1.4.2 (Fixes: CVE-2020-24361).
Oct 26, 2020, 05:14 PM
inspircd
Version: 2.0.29-alt1
Summary: InspIRCd is a modular Internet Relay Chat (IRC) server
Changelog:
- Updated to upstream version 2.0.29 (Fixes: CVE-2019-20917, CVE-2020-25269).
Oct 24, 2020, 02:49 AM
squid
Version: 4.13-alt1
Summary: The Squid proxy caching server
Changelog:
- 4.13 (Fixes: CVE-2020-15811, CVE-2020-15810, CVE-2020-24606)
Oct 23, 2020, 05:19 PM
hostapd
Version: 2.9-alt2
Summary: User space daemon for extended IEEE 802.11 management
Changelog:
- AP: Silently ignore management frame from unexpected source address (Fixes: CVE-2019-16275) (Closes: 39131)
Oct 22, 2020, 03:07 PM
xli
Version: 1.17.0-alt9
Summary: X11 Image Loading Utility
Changelog:
- Applied patches from Debian (Fixes: CVE-2005-3178).
Oct 22, 2020, 10:43 AM
pstotext
Version: 1.9-alt3
Summary: PostScript to text converter
Changelog:
- Applied patches from Debian and Gentoo (Fixes: CVE-2005-2536, CVE-2006-5869). - Build now respects %optflags.
Oct 21, 2020, 02:39 PM
t1lib
Version: 5.1.2-alt6
Summary: Type 1 font rasterizer
Changelog:
- Applied security fixes from Gentoo (Fixes: CVE-2010-2642, CVE-2011-0433, CVE-2011-0764, CVE-2011-1552, CVE-2011-1553, CVE-2011-1554, CVE-2011-5244).
Oct 20, 2020, 02:22 PM
w3m
Version: 0.5.3-alt3.git20200502
Summary: w3m is a pager with Web browsing capability
Changelog:
- Updated to snapshot from upstream (Fixes: CVE-2016-9422, CVE-2016-9423, CVE-2016-9424, CVE-2016-9425, CVE-2016-9426, CVE-2016-9428, CVE-2016-9429, CVE-2016-9430, CVE-2016-9431, CVE-2016-9432, CVE-2016-9433, CVE-2016-9434, CVE-2016-9435, CVE-2016-9436, CVE-2016-9437, CVE-2016-9438, CVE-2016-9439, CVE-2016-9440, CVE-2016-9441, CVE-2016-9442, CVE-2016-9443, CVE-2016-9622, CVE-2016-9623, CVE-2016-9624, CVE-2016-9625, CVE-2016-9626, CVE-2016-9627, CVE-2016-9628, CVE-2016-9629, CVE-2016-9630, CVE-2016-9631, CVE-2016-9632, CVE-2016-9633, CVE-2018-6196, CVE-2018-6197, CVE-2018-6198).
Oct 19, 2020, 06:28 PM
libid3tag
Version: 0.15.1b-alt9
Summary: ID3 Tag manipulation library
Changelog:
- Applied patches from Debian and Gentoo (Fixes: CVE-2004-2779).
Oct 19, 2020, 04:50 PM
feh
Version: 3.5-alt1
Summary: Image viewer using Imlib 2
Changelog:
- Updated to upstream version 3.5 (Fixes: CVE-2017-7875).
Oct 19, 2020, 03:38 PM
freecol
Version: 0.11.6-alt2
Summary: FreeCol is opensource Colonization clone.
Changelog:
- Applied security fix from Debian (Fixes: CVE-2018-1000825). - Updated license tag.
Oct 8, 2020, 01:09 PM
proftpd
Version: 1.3.6-alt0.4.ga73dbfe3b
Summary: ProFTPd -- Professional FTP Server
Changelog:
- Applied security fixes from upstream (Fixes: CVE-2020-9272, CVE-2020-9273). - Built with system libcap.
Oct 8, 2020, 12:16 PM
tpm2-tss
Oct 2, 2020, 12:41 PM
libssh2
Version: 1.9.0-alt2
Summary: A library implementing the SSH2 protocol
Changelog:
- Applied security fixes from upstream (Fixes: CVE-2019-17498).
Oct 2, 2020, 11:54 AM
dia
Version: 0.97.4-alt0.7.1
Summary: A gtk+ based diagram creation program
Changelog:
- Applied security fix from upstream (Fixes: CVE-2019-19451).
Oct 1, 2020, 05:32 PM
upx
Version: 3.96-alt1
Summary: The Ultimate Packer for eXecutables
Changelog:
- Updated to upstream version 3.96 (Fixes: CVE-2019-20805).
Oct 1, 2020, 04:50 PM
accel-ppp
Version: 1.12.0-alt4
Summary: High performance PPTP/L2TP/PPPoE server
Changelog:
- Applied security fixes from upstream (Fixes: CVE-2020-15173).
Oct 1, 2020, 01:00 PM
ghostscript
Version: 9.27-alt1.M90P.1
Summary: PostScript interpreter and renderer, most printer drivers
Changelog:
- Applied security fixes from upstream (Fixes: CVE-2019-10216, CVE-2019-14811, CVE-2019-14812, CVE-2019-14813, CVE-2019-14817, CVE-2019-14869).
Aug 26, 2020, 11:12 AM
libvncserver
Version: 0.9.13-alt1
Summary: An easy API to write one's own VNC server
Changelog:
- new version - security (fixes: CVE-2018-21247, CVE-2019-20839, CVE-2019-20840, CVE-2020-14396, CVE-2020-14397, CVE-2020-14398, CVE-2020-14399, CVE-2020-14400, CVE-2020-14401, CVE-2020-14402, CVE-2020-14403, CVE-2020-14404, CVE-2020-14405)
Aug 12, 2020, 04:46 PM
kde5-ark
Aug 7, 2020, 08:06 PM
libslirp
Version: 4.3.1-alt1
Summary: A general purpose TCP-IP emulator
Changelog:
- new version 4.3.1 (Fixes: CVE-2020-10756)
Jul 9, 2020, 09:18 PM
tor
Version: 0.4.3.6-alt1
Summary: Anonymizing overlay network for TCP (The onion router)
Changelog:
- new version (fixes CVE-2020-15572)
Jul 4, 2020, 06:19 PM
json-c
Version: 0.13.1-alt2
Summary: JSON implementation in C
Changelog:
- Update to json-c-0.13 branch (ee9f67c81a3c2a44557f0cc16dc136c140293252) - Fixes: CVE-2020-12762
Jun 25, 2020, 10:04 AM
libjpeg8
Version: 2.0.5-alt1
Summary: The MMX/SSE accelerated JPEG compression/decompression library
Changelog:
- New version (2.0.5) with rpmgs script. - Updated license tag. - Fixes: + CVE-2020-13790.
Jun 20, 2020, 11:33 AM
libnghttp2
Version: 1.41.0-alt1
Summary: HTTP/2.0 C Library
Changelog:
- 1.40.1 (Closes: #38626) - Security fix: CVE-2020-11080
Jun 14, 2020, 04:05 PM
adns
Version: 1.5.2-alt1
Summary: GNU adns, an asynchronous DNS resolver
Changelog:
- 1.5.2 (Fixes: CVE-2017-9103 CVE-2017-9104 CVE-2017-9105 CVE-2017-9109, CVE-2017-9106, CVE-2017-9107, CVE-2017-9108)
May 12, 2020, 11:38 AM
kde5-kio-extras
Version: 19.12.3-alt2
Summary: KDE Workspace 5 additional kio-slaves
Changelog:
- don't store unasked fish:/ passwords (Fixes: CVE-2020-12755)
Apr 29, 2020, 07:11 PM
coturn
Version: 4.5.1.1-alt2
Summary: Coturn TURN Server
Changelog:
- Applied upstream fixes for CVE-2020-6062/TALOS-2020-0985. - Applied upstream fixes for CVE-2020-6061/TALOS-2020-0984.
Apr 20, 2020, 09:39 PM
git
Version: 2.25.4-alt1
Summary: Git core and tools
Changelog:
- 2.25.3 -> 2.25.4 (fixes: CVE-2020-11008).
Apr 17, 2020, 06:50 PM
python-module-psutil
Version: 5.7.0-alt1
Summary: A process utilities module for Python
Changelog:
- new version 5.7.0 (with rpmrb script) (ALT bug 38347) - CVE-2019-18874
Mar 10, 2020, 09:33 PM
ppp
Jan 13, 2020, 09:45 PM
atril-gtk
Version: 1.22.3-alt2
Summary: Document viewer
Changelog:
- Patch from upstream: tiff: Handle failure from TIFFReadRGBAImageOriented (fixes: CVE-2019-11459). - dvi: Require texlive. - Update Russian translation (thx Olesya Gerasimenko).
Dec 2, 2019, 12:28 PM
oniguruma
Version: 6.9.4-alt1
Summary: Regular expressions library
Changelog:
- 6.9.4 - fixes: * CVE-2019-19012 Integer overflow related to reg->dmax in search_in_range() * CVE-2019-19203 heap-buffer-overflow in gb18030_mbc_enc_len() * CVE-2019-19204 heap-buffer-overflow in fetch_interval_quantifier()
Sep 23, 2019, 04:56 PM
libadplug
Version: 2.2.1-alt3
Summary: AdLib sound player library
Changelog:
- added fedora patches: + inline (fixes e2k ftbfs) + cve-2018-17825 (fixes: CVE-2018-17825) + (signed-char unneeded, worked around in previous build) - NB: there's 2.3.1 release over at guthub
Sep 20, 2019, 06:44 AM
poco
Version: 1.9.4-alt1
Summary: POrtable COmponents C++ Libraries
Changelog:
- 1.9.4 (Fixes CVE-2019-15903)
Aug 22, 2019, 02:30 PM
rzip
Version: 2.1-alt3
Summary: A large-file compression program
Changelog:
- Applied security fix from Gentoo (Fixes: CVE-2017-8364)
Aug 22, 2019, 10:37 AM
spark
Version: 2.6.0-alt2
Summary: A simple expressive web framework for java
Changelog:
- Applied security fixes from upstream (Fixes: CVE-2018-9159)
Aug 4, 2019, 10:36 PM
gvfs
Version: 1.40.2-alt1
Summary: The GNOME virtual filesystem libraries
Changelog:
- updated to 1.40.2-2-g4fd68eb2 (fixed CVE-2019-12447, CVE-2019-12448, CVE-2019-12449, CVE-2019-12795)
Jul 6, 2019, 03:26 PM
kernel-image-tegra
Version: 4.9.140-alt2
Summary: The Linux kernel (the core of the Linux operating system)
Changelog:
Apr 10, 2019, 02:02 AM
libtiff
Version: 4.0.10.0.57.f9fc01c3-alt1
Summary: Library of functions for manipulating TIFF format image files
Changelog:
- Updated to v4.0.10-57-gf9fc01c3 (ALT #36575, #34677). - Applied SUSE patches: + tiff-4.0.3-seek.patch; + tiff-4.0.3-compress-warning.patch; + tiff-CVE-2018-12900.patch. - Built with support of: + libjbig; + libwebp; + libzstd. - Fixes: + CVE-2012-4564 Zero size buffer exploit in ppm2tiff; + CVE-2013-1960 Heap-based buffer overflow in the t2p_process_jpeg_strip(); + CVE-2013-4232 Use-after-free vulnerability in the t2p_readwrite_pdf_image(); + CVE-2013-4243 Heap-based buffer overflow in the readgifimage(); + CVE-2013-4244 DoS or possible RCE via crafted GIF image; + CVE-2014-8127 Out-of-bounds read with malformed TIFF image in multiple tool; + CVE-2014-8129 Out-of-bounds read/write with malformed TIFF image in tiff2pdf; + CVE-2014-8130 Divide-by-zero error in _TIFFmalloc(); + CVE-2014-9330 Integer overflow in tif_packbits.c in bmp2tif; + CVE-2015-8870 Integer overflow in tools/bmp2tiff.c (DoS or information leak); + CVE-2018-5360 Heap-based buffer overflow in the ReadTIFFImage().
Apr 6, 2019, 03:56 AM
nettle
Version: 3.4.1-alt1
Summary: A low-level cryptographic library
Changelog:
- Updated to 3.4.1 (fixes: CVE-2018-16869).
Apr 3, 2019, 12:26 PM
libopenjpeg2.0
Version: 2.3.1-alt1
Summary: JPEG 2000 codec library (API version 2.0)
Changelog:
- 2.3.1 (fixed CVE-2017-14041, CVE-2018-6616, CVE-2018-5785, CVE-2018-14423)
Apr 2, 2019, 07:39 PM
cracklib
Apr 1, 2019, 08:14 AM
icecast
Version: 2.4.4-alt1
Summary: Streaming Media Server
Changelog:
- Updated to upstream version 2.4.4 (Fixes: CVE-2018-18820).
Mar 31, 2019, 03:43 PM
tinc
Version: 1.0.35-alt1
Summary: Virtual Private Network (VPN) daemon that uses tunnelling and encryption to create a secure private network between hosts on the Internet.
Changelog:
- New version * Prevent oracle attacks (CVE-2018-16737, CVE-2018-16738) * Prevent a MITM from forcing a NULL cipher for UDP (CVE-2018-16758) - Disabling VDE support
Mar 27, 2019, 04:32 PM
ruby-loofah
Version: 2.2.3-alt1
Summary: HTML/XML manipulation and sanitization based on Nokogiri
Changelog:
- 2.2.3 (CVE-2018-16468); - fix version in gamespec for packaging (closes: #36441).
Feb 28, 2019, 12:29 AM
openslp
Version: 2.0.0-alt2
Summary: OpenSLP implementation of Service Location Protocol V2
Changelog:
- Fixed libslp namespace (closes: #35692). - Enabled SLPv2 Security. - Enabled testing. - Applied security fixes (fixes: CVE-2012-4428, CVE-2016-4912, CVE-2016-7567, CVE-2017-17833).
Feb 24, 2019, 10:06 AM
libyaml-cpp0
Version: 0.6.2-alt2
Summary: A YAML parser and emitter for C++
Changelog:
- Applied patches from Fedora (Fixes: CVE-2017-5950)
Jan 29, 2019, 09:47 AM
libvorbis
Version: 1.3.6-alt2
Summary: The Vorbis General Audio Compression Codec
Changelog:
- Backported upstream fixes (fixes: CVE-2017-14160, CVE-2018-10392, CVE-2018-10393). - Fixed probabilistic behaviour of %check.
Aug 30, 2018, 01:20 PM
xinetd
Version: 2.3.15-alt4
Summary: xinetd is a powerful replacement for inetd
Changelog:
- Applied upstream fix for TCPMUX services (fixes: CVE-2013-4342). - Stripped executable bit from xinetd.service (closes: #34566). - Disabled tcp_wrappers support.
Aug 2, 2018, 02:18 AM
NetworkManager-vpnc
Version: 1.2.6-alt1
Summary: NetworkManager VPN plugin for vpnc
Changelog:
- Disable libnm-glib-* support. - Fix build without libnm-glib-*. - Updated to 1.2.6 (fixes CVE-2018-10900).
Jul 23, 2018, 02:42 PM
libytnef
Version: 1.9.3-alt1
Summary: TNEF Stream Parser Library
Changelog:
- 1.9.3 (fixed CVE-2017-9470, CVE-2017-9471, CVE-2017-9474, CVE-2017-9058, CVE-2017-12142, CVE-2017-12141, CVE-2017-12144)
Mar 27, 2018, 03:46 AM
procmail
Version: 3.22-alt10
Summary: The procmail mail processing program
Changelog:
- Applied various fixes from Debian 3.22-26 package, including fixes for memory corruption bugs in formail (fixes: CVE-2017-16844).
Feb 15, 2018, 09:58 PM
rsync
Version: 3.1.3-alt1
Summary: A program for synchronizing files over a network
Changelog:
- v3.1.2 -> v3.1.3 (fixes CVE-2018-5764). - Fixed running with an unknown current directory (by Florian Weimer; fixes upstream bug 6422). - Added --noatime option (based on patch from Nicolas George; fixes upstream bug 7249).
Sep 27, 2017, 04:35 PM
libwmf
Version: 0.2.8.4-alt13
Summary: A library to convert wmf files
Changelog:
- Secutity (Fixes: CVE-2015-0848, CVE-2015-4588, CVE-2015-4695, CVE-2015-4696, CVE-2016-9011)
Jul 1, 2016, 01:40 PM
rssh
Version: 2.3.4-alt2
Summary: Restricted shell for scp or sftp
Changelog:
- really update sources to 2.3.4 fixes (CVE-2012-3478 and CVE-2012-2252) - add patch for rsync3 compat
Jan 5, 2016, 02:39 PM
keepassx
Version: 0.4.4-alt1
Summary: KeePassX Password Safe - light-weight cross-platform password manager
Changelog:
- New version: security fixes - Fix CVE-2015-8378: Canceling XML export operation creates export as ".xml"
May 15, 2015, 03:52 PM
kde4-webkitpart
Version: 1.3.4-alt2
Summary: WebKit render engine for Konqueror
Changelog:
- security fix: CVE-2014-8600
Jan 27, 2015, 03:50 AM
pxz
Version: 4.999.9beta-alt3
Summary: Parallel LZMA compressor using liblzma
Changelog:
- CVE-2015-1200 fix (patch from debian bug #775306)
May 13, 2014, 02:21 AM
kernel-src-kvm
Version: 3.10.21-alt8
Summary: KVM modules sources for Linux kernel
Changelog:
- updates from linux-3.10.40: + KVM: ioapic: fix assignment of ioapic->rtc_status.pending_eoi (CVE-2014-0155)