qemu-kvm security, bug fix, and enhancement update

[1.5.3-141.el7]

• kvm-Fix-memory-slot-page-alignment-logic-bug-1455745.patch [bz#1455745]
• kvm-Do-not-hang-on-full-PTY.patch [bz#1452067]
• kvm-serial-fixing-vmstate-for-save-restore.patch [bz#1452067]
• kvm-serial-reinstate-watch-after-migration.patch [bz#1452067]
• kvm-nbd-Fully-initialize-client-in-case-of-failed-negoti.patch [bz#1451614]
• kvm-nbd-Fix-regression-on-resiliency-to-port-scan.patch [bz#1451614]
• Resolves: bz#1451614
  (CVE-2017-9524 qemu-kvm: segment fault when private user nmap qemu-nbd server [rhel-7.4])
• Resolves: bz#1452067
  (migration can confuse serial port user)
• Resolves: bz#1455745
  (Backport fix for broken logic thats supposed to ensure memory slots are page aligned)
  [1.5.3-140.el7]
• kvm-spice-fix-spice_chr_add_watch-pre-condition.patch [bz#1456983]
• Resolves: bz#1456983
  (Character device regression due to missing patch)
  [1.5.3-139.el7]
• kvm-char-change-qemu_chr_fe_add_watch-to-return-unsigned.patch [bz#1451470]
• Resolves: bz#1451470
  (RHEL 7.2 based VM (Virtual Machine) hung for several hours apparently waiting for lock held by main_loop)
  [1.5.3-138.el7]
• kvm-char-serial-cosmetic-fixes.patch [bz#1451470]
• kvm-char-serial-Use-generic-Fifo8.patch [bz#1451470]
• kvm-char-serial-serial_ioport_write-Factor-out-common-co.patch [bz#1451470]
• kvm-char-serial-fix-copy-paste-error-fifo8_is_full-vs-em.patch [bz#1451470]
• kvm-char-serial-Fix-emptyness-check.patch [bz#1451470]
• kvm-char-serial-Fix-emptyness-handling.patch [bz#1451470]
• kvm-serial-poll-the-serial-console-with-G_IO_HUP.patch [bz#1451470]
• kvm-serial-change-retry-logic-to-avoid-concurrency.patch [bz#1451470]
• kvm-qemu-char-ignore-flow-control-if-a-PTY-s-slave-is-no.patch [bz#1451470]
• kvm-serial-check-if-backed-by-a-physical-serial-port-at-.patch [bz#1451470]
• kvm-serial-reset-thri_pending-on-IER-writes-with-THRI-0.patch [bz#1451470]
• kvm-serial-clean-up-THRE-TEMT-handling.patch [bz#1451470]
• kvm-serial-update-LSR-on-enabling-disabling-FIFOs.patch [bz#1451470]
• kvm-serial-only-resample-THR-interrupt-on-rising-edge-of.patch [bz#1451470]
• kvm-serial-make-tsr_retry-unsigned.patch [bz#1451470]
• kvm-serial-simplify-tsr_retry-reset.patch [bz#1451470]
• kvm-serial-separate-serial_xmit-and-serial_watch_cb.patch [bz#1451470]
• kvm-serial-remove-watch-on-reset.patch [bz#1451470]
• Resolves: bz#1451470
  (RHEL 7.2 based VM (Virtual Machine) hung for several hours apparently waiting for lock held by main_loop)
  [1.5.3-137.el7]
• kvm-ide-fix-halted-IO-segfault-at-reset.patch [bz#1299875]
• Resolves: bz#1299875
  (system_reset should clear pending request for error (IDE))
  [1.5.3-136.el7]
• kvm-target-i386-get-set-migrate-XSAVES-state.patch [bz#1327593]
• kvm-Removing-texi2html-from-build-requirements.patch [bz#1440987]
• kvm-Disable-build-of-32bit-packages.patch [bz#1441778]
• kvm-Add-sample-images-to-srpm.patch [bz#1436280]
• Resolves: bz#1327593
  ([Intel 7.4 FEAT] KVM Enable the XSAVEC, XSAVES and XRSTORS instructions)
• Resolves: bz#1436280
  (sample images for qemu-iotests are missing in the SRPM)
• Resolves: bz#1440987
  (Remove texi2html build dependancy from RPM)
• Resolves: bz#1441778
  (Stop building qemu-img for 32bit architectures.)
  [1.5.3-135.el7]
• kvm-fix-cirrus_vga-fix-OOB-read-case-qemu-Segmentation-f.patch [bz#1430060]
• kvm-cirrus-vnc-zap-bitblit-support-from-console-code.patch [bz#1430060]
• kvm-cirrus-add-option-to-disable-blitter.patch [bz#1430060]
• kvm-cirrus-fix-cirrus_invalidate_region.patch [bz#1430060]
• kvm-cirrus-stop-passing-around-dst-pointers-in-the-blitt.patch [bz#1430060]
• kvm-cirrus-stop-passing-around-src-pointers-in-the-blitt.patch [bz#1430060]
• kvm-cirrus-fix-off-by-one-in-cirrus_bitblt_rop_bkwd_tran.patch [bz#1430060]
• Resolves: bz#1430060
  (CVE-2016-9603 qemu-kvm: Qemu: cirrus: heap buffer overflow via vnc connection [rhel-7.4])
  [1.5.3-134.el7]
• kvm-ui-vnc-introduce-VNC_DIRTY_PIXELS_PER_BIT-macro.patch [bz#1377977]
• kvm-ui-vnc-derive-cmp_bytes-from-VNC_DIRTY_PIXELS_PER_BI.patch [bz#1377977]
• kvm-ui-vnc-optimize-dirty-bitmap-tracking.patch [bz#1377977]
• kvm-ui-vnc-optimize-setting-in-vnc_dpy_update.patch [bz#1377977]
• kvm-ui-vnc-fix-vmware-VGA-incompatiblities.patch [bz#1377977]
• kvm-ui-vnc-fix-potential-memory-corruption-issues.patch [bz#1377977]
• kvm-vnc-fix-memory-corruption-CVE-2015-5225.patch [bz#1377977]
• kvm-vnc-fix-overflow-in-vnc_update_stats.patch [bz#1377977]
• kvm-i386-kvmvapic-initialise-imm32-variable.patch [bz#1335751]
• kvm-qemu-iotests-Filter-out-actual-image-size-in-067.patch [bz#1427176]
• vm-qcow2-Don-t-rely-on-free_cluster_index-in-alloc_ref2.patch [bz#1427176]
• kvm-qemu-iotests-Fix-core-dump-suppression-in-test-039.patch [bz#1427176]
• kvm-qemu-io-Add-sigraise-command.patch [bz#1427176]
• kvm-iotests-Filter-for-Killed-in-qemu-io-output.patch [bz#1427176]
• kvm-iotests-Fix-test-039.patch [bz#1427176]
• kvm-blkdebug-Add-bdrv_truncate.patch [bz#1427176]
• kvm-vhdx-Fix-zero-fill-iov-length.patch [bz#1427176]
• kvm-qemu-iotests-Disable-030-040-041.patch [bz#1427176]
• kvm-x86-add-AVX512_VPOPCNTDQ-features.patch [bz#1415830]
• kvm-usb-ccid-check-ccid-apdu-length.patch [bz#1419818]
• kvm-usb-ccid-better-bulk_out-error-handling.patch [bz#1419818]
• kvm-usb-ccid-move-header-size-check.patch [bz#1419818]
• kvm-usb-ccid-add-check-message-size-checks.patch [bz#1419818]
• kvm-spec-Update-rdma-build-dependency.patch [bz#1433920]
• Resolves: bz#1335751
  (CVE-2016-4020 qemu-kvm: Qemu: i386: leakage of stack memory to guest in kvmvapic.c [rhel-7.4])
• Resolves: bz#1377977
  (qemu-kvm coredump in vnc_raw_send_framebuffer_update [rhel-7.4])
• Resolves: bz#1415830
  ([Intel 7.4 FEAT] Enable vpopcntdq for KNM - qemu/kvm)
• Resolves: bz#1419818
  (CVE-2017-5898 qemu-kvm: Qemu: usb: integer overflow in emulated_apdu_from_guest [rhel-7.4])
• Resolves: bz#1427176
  (test cases of qemu-iotests failed)
• Resolves: bz#1433920
  (Switch from librdmacm-devel to rdma-core-devel)
  [1.5.3-133.el7]
• kvm-target-i386-add-Ivy-Bridge-CPU-model.patch [bz#1368375]
• kvm-x86-add-AVX512_4VNNIW-and-AVX512_4FMAPS-features.patch [bz#1382122]
• kvm-target-i386-kvm_cpu_fill_host-Kill-unused-code.patch [bz#1382122]
• kvm-target-i386-kvm_cpu_fill_host-No-need-to-check-level.patch [bz#1382122]
• kvm-target-i386-kvm_cpu_fill_host-No-need-to-check-CPU-v.patch [bz#1382122]
• kvm-target-i386-kvm_cpu_fill_host-No-need-to-check-xleve.patch [bz#1382122]
• kvm-target-i386-kvm_cpu_fill_host-Set-all-feature-words-.patch [bz#1382122]
• kvm-target-i386-kvm_cpu_fill_host-Fill-feature-words-in-.patch [bz#1382122]
• kvm-target-i386-kvm_check_features_against_host-Kill-fea.patch [bz#1382122]
• kvm-target-i386-Make-TCG-feature-filtering-more-readable.patch [bz#1382122]
• kvm-target-i386-Filter-FEAT_7_0_EBX-TCG-features-too.patch [bz#1382122]
• kvm-target-i386-Filter-KVM-and-0xC0000001-features-on-TC.patch [bz#1382122]
• kvm-target-i386-Define-TCG_-_FEATURES-earlier-in-cpu.c.patch [bz#1382122]
• kvm-target-i386-Loop-based-copying-and-setting-unsetting.patch [bz#1382122]
• kvm-target-i386-Loop-based-feature-word-filtering-in-TCG.patch [bz#1382122]
• kvm-spice-remove-spice-experimental.h-include.patch [bz#1430606]
• kvm-spice-replace-use-of-deprecated-API.patch [bz#1430606]
• Resolves: bz#1368375
  ([Intel 7.4 Bug] qemu-kvm does not support ‘-cpu IvyBridge’)
• Resolves: bz#1382122
  ([Intel 7.4 FEAT] KVM Enable the avx512_4vnniw, avx512_4fmaps instructions in qemu)
• Resolves: bz#1430606
  (Cant build qemu-kvm with newer spice packages)
  [1.5.3-132.el7]
• kvm-cirrus-fix-patterncopy-checks.patch [bz#1420492]
• kvm-Revert-cirrus-allow-zero-source-pitch-in-pattern-fil.patch [bz#1420492]
• kvm-cirrus-add-blit_is_unsafe-call-to-cirrus_bitblt_cput.patch [bz#1420492]
• Resolves: bz#1420492
  (EMBARGOED CVE-2017-2620 qemu-kvm: Qemu: display: cirrus: potential arbitrary code execution via cirrus_bitblt_cputovideo [rhel-7.4])
  [1.5.3-131.el7]
• kvm-memory-Allow-access-only-upto-the-maximum-alignment-.patch [bz#1342768]
• kvm-virtio-blk-Release-s-rq-queue-at-system_reset.patch [bz#1361488]
• kvm-cirrus_vga-fix-off-by-one-in-blit_region_is_unsafe.patch [bz#1418233]
• kvm-display-cirrus-check-vga-bits-per-pixel-bpp-value.patch [bz#1418233]
• kvm-display-cirrus-ignore-source-pitch-value-as-needed-i.patch [bz#1418233]
• kvm-cirrus-handle-negative-pitch-in-cirrus_invalidate_re.patch [bz#1418233]
• kvm-cirrus-allow-zero-source-pitch-in-pattern-fill-rops.patch [bz#1418233]
• kvm-cirrus-fix-blit-address-mask-handling.patch [bz#1418233]
• kvm-cirrus-fix-oob-access-issue-CVE-2017-2615.patch [bz#1418233]
• kvm-HMP-Fix-user-manual-typo-of-__com.redhat_qxl_screend.patch [bz#1419898]
• kvm-HMP-Fix-documentation-of-__com.redhat.drive_add.patch [bz#1419898]
• Resolves: bz#1342768
  ([Intel 7.4 Bug] qemu-kvm crashes with Linux kernel 4.6.0 or above)
• Resolves: bz#1361488
  (system_reset should clear pending request for error (virtio-blk))
• Resolves: bz#1418233
  (CVE-2017-2615 qemu-kvm: Qemu: display: cirrus: oob access while doing bitblt copy backward mode [rhel-7.4])
• Resolves: bz#1419898
  (Documentation inaccurate for __com.redhat_qxl_screendump and __com.redhat_drive_add)
  [1.5.3-130.el7]
• kvm-gluster-correctly-propagate-errors.patch [bz#1151859]
• kvm-gluster-Correctly-propagate-errors-when-volume-isn-t.patch [bz#1151859]
• kvm-block-gluster-add-support-for-selecting-debug-loggin.patch [bz#1151859]
• Resolves: bz#1151859
  ([RFE] Allow the libgfapi logging level to be controlled.)
  [1.5.3-129.el7]
• kvm-Update-qemu-kvm-package-Summary-and-Description.patch [bz#1378541]
• kvm-vl-Don-t-silently-change-topology-when-all-smp-optio.patch [bz#1375507]
• kvm-net-check-packet-payload-length.patch [bz#1398218]
• kvm-qxl-Only-emit-QXL_INTERRUPT_CLIENT_MONITORS_CONFIG-o.patch [bz#1342489]
• Resolves: bz#1342489
  (Flickering Fedora 24 Login Screen on RHEL 7)
• Resolves: bz#1375507
  (‘threads’ option is overwritten if both ‘sockets’ and ‘cores’ is set on -smp)
• Resolves: bz#1378541
  (QEMU: update package summary and description)
• Resolves: bz#1398218
  (CVE-2016-2857 qemu-kvm: Qemu: net: out of bounds read in net_checksum_calculate() [rhel-7.4])
  [1.5.3-128.el7]
• kvm-virtio-introduce-virtqueue_unmap_sg.patch [bz#1377968]
• kvm-virtio-introduce-virtqueue_discard.patch [bz#1377968]
• kvm-virtio-decrement-vq-inuse-in-virtqueue_discard.patch [bz#1377968]
• kvm-balloon-fix-segfault-and-harden-the-stats-queue.patch [bz#1377968]
• kvm-virtio-balloon-discard-virtqueue-element-on-reset.patch [bz#1377968]
• kvm-virtio-zero-vq-inuse-in-virtio_reset.patch [bz#1377968]
• kvm-virtio-add-virtqueue_rewind.patch [bz#1377968]
• kvm-virtio-balloon-fix-stats-vq-migration.patch [bz#1377968]
• Resolves: bz#1377968
  ([RHEL7.3] KVM guest shuts itself down after 128th reboot)
  [1.5.3-127.el7]
• kvm-hw-i386-regenerate-checked-in-AML-payload-RHEL-only.patch [bz#1377087]
• kvm-ide-fix-halted-IO-segfault-at-reset.patch [bz#1377087]
• Resolves: bz#1377087
  (shutdown rhel 5.11 guest failed and stop at ‘system halted’)