virt:ol and virt-devel:rhel security, bug fix, and enhancement update

libvirt
[6.0.0-35.0.1]

• Set SOURCE_DATE_EPOCH from changelog [Orabug: 32019554]
• Add runtime deps for pkg librbd1 >= 1:10.2.5 (Keshav Sharma)
• Disable parallel builds (Karl Heubaum)
  libvirt-dbus
  [1.3.0]
• Resolves: bz#1810193
  (Upgrade components in virt:rhel module:stream for RHEL-8.3 release)
  libvirt-python
  [6.0.0]
• Resolves: bz#1810193
  (Upgrade components in virt:rhel module:stream for RHEL-8.3 release)
  nbdkit
  [1.16.2-4.0.1]
• Replace upstream references within the description tag
  [1.16.2]
• Resolves: bz#1810193
  (Upgrade components in virt:rhel module:stream for RHEL-8.3 release)
  [1.16.2]
• Resolves: bz#1810193
  (Upgrade components in virt:rhel module:stream for RHEL-8.3 release)
  perl-Sys-Virt
  [6.0.0]
• Resolves: bz#1810193
  (Upgrade components in virt:rhel module:stream for RHEL-8.3 release)
  qemu-kvm
  [4.2.0-48.el8]
• kvm-ide-atapi-check-logical-block-address-and-read-size-.patch [bz#1917451]
• Resolves: bz#1917451
  (CVE-2020-29443 virt:rhel/qemu-kvm: QEMU: ide: atapi: OOB access while processing read commands [rhel-8.4.0])
  [4.2.0-47.el8]
• kvm-x86-cpu-Enable-AVX512_VP2INTERSECT-cpu-feature.patch [bz#1790620]
• kvm-target-i386-add-fast-short-REP-MOV-support.patch [bz#1790620]
• kvm-x86-cpu-Populate-SVM-CPUID-feature-bits.patch [bz#1790620]
• kvm-i386-Add-the-support-for-AMD-EPYC-3rd-generation-pro.patch [bz#1790620]
• Resolves: bz#1790620
  ([RFE] AMD Milan - Add KVM/support for EPYC-Milan CPU Model - Slow Train)
  [4.2.0-46.el8]
• kvm-redhat-makes-qemu-respect-system-s-crypto-profile.patch [bz#1902960]
• kvm-spapr-Adjust-firmware-path-of-PCI-devices.patch [bz#1912891]
• Resolves: bz#1902960
  (QEMU doesnt honour system crypto policies)
• Resolves: bz#1912891
  ([ppc64le] --disk cdimage.iso,bus=usb fails to boot)
  [4.2.0-45.el8]
• kvm-virtiofsd-extract-lo_do_open-from-lo_open.patch [bz#1919111]
• kvm-virtiofsd-optionally-return-inode-pointer-from-lo_do.patch [bz#1919111]
• kvm-virtiofsd-prevent-opening-of-special-files-CVE-2020-.patch [bz#1919111]
• Resolves: bz#1919111
  (CVE-2020-35517 virt:rhel/qemu-kvm: QEMU: virtiofsd: potential privileged host device access from guest [rhel-8.4.0])
  [4.2.0-44.el8]
• kvm-spapr-Improve-handling-of-fdt-buffer-size.patch [bz#1901837]
• kvm-spapr-Fold-h_cas_compose_response-into-h_client_arch.patch [bz#1901837]
• kvm-spapr-Don-t-use-spapr_drc_needed-in-CAS-code.patch [bz#1901837]
• kvm-spapr-Fix-handling-of-unplugged-devices-during-CAS-a.patch [bz#1901837]
• kvm-spapr-Allow-memory-unplug-to-always-succeed.patch [bz#1901837]
• kvm-spapr-Improve-handling-of-memory-unplug-with-old-gue.patch [bz#1901837]
• kvm-block-Require-aligned-image-size-to-avoid-assertion-.patch [bz#1834281]
• kvm-file-posix-Allow-byte-aligned-O_DIRECT-with-NFS.patch [bz#1834281]
• kvm-block-iscsi-fix-heap-buffer-overflow-in-iscsi_aio_io.patch [bz#1912974]
• Resolves: bz#1834281
  (qemu-img convert abort when converting image with unaligned size)
• Resolves: bz#1901837
  (Failed to hotunplug pc-dimm device)
• Resolves: bz#1912974
  (CVE-2020-11947 virt:rhel/qemu-kvm: QEMU: heap buffer overflow in iscsi_aio_ioctl_cb() in block/iscsi.c may lead to information disclosure [rhel-8])
  [4.2.0-43.el8]
• kvm-Drop-bogus-IPv6-messages.patch [bz#1918054]
• Resolves: bz#1918054
  (CVE-2020-10756 virt:rhel/qemu-kvm: QEMU: slirp: networking out-of-bounds read information disclosure vulnerability [rhel-8.4.0])
  [4.2.0-42.el8]
• kvm-linux-headers-add-vfio-DMA-available-capability.patch [bz#1905391]
• kvm-s390x-pci-Move-header-files-to-include-hw-s390x.patch [bz#1905391]
• kvm-vfio-Create-shared-routine-for-scanning-info-capabil.patch [bz#1905391]
• kvm-vfio-Find-DMA-available-capability.patch [bz#1905391]
• kvm-s390x-pci-Add-routine-to-get-the-vfio-dma-available-.patch [bz#1905391]
• kvm-s390x-pci-Honor-DMA-limits-set-by-vfio.patch [bz#1905391]
• kvm-s390x-fix-build-for-without-default-devices.patch [bz#1905391]
• Resolves: bz#1905391
  (RHEL8.4 - s390x/pci: Honor vfio DMA limiting (qemu-kvm))
  [4.2.0-41.el8]
• kvm-udev-kvm-check-remove-the-exceeded-subscription-limi.patch [bz#1909244]
• kvm-hw-arm-smmu-common-Factorize-some-code-in-smmu_ptw_6.patch [bz#1843852]
• kvm-hw-arm-smmu-common-Add-IOTLB-helpers.patch [bz#1843852]
• kvm-hw-arm-smmu-Introduce-smmu_get_iotlb_key.patch [bz#1843852]
• kvm-hw-arm-smmu-Introduce-SMMUTLBEntry-for-PTW-and-IOTLB.patch [bz#1843852]
• kvm-hw-arm-smmu-common-Manage-IOTLB-block-entries.patch [bz#1843852]
• kvm-hw-arm-smmuv3-Introduce-smmuv3_s1_range_inval-helper.patch [bz#1843852]
• kvm-hw-arm-smmuv3-Get-prepared-for-range-invalidation.patch [bz#1843852]
• kvm-hw-arm-smmuv3-Fix-potential-integer-overflow-CID-143.patch [bz#1843852]
• kvm-memory-Rename-memory_region_notify_one-to-memory_reg.patch [bz#1843852]
• kvm-memory-Add-IOMMUTLBEvent.patch [bz#1843852]
• kvm-memory-Add-IOMMU_NOTIFIER_DEVIOTLB_UNMAP-IOMMUTLBNot.patch [bz#1843852]
• kvm-intel_iommu-Skip-page-walking-on-device-iotlb-invali.patch [bz#1843852]
• kvm-memory-Skip-bad-range-assertion-if-notifier-is-DEVIO.patch [bz#1843852]
• kvm-memory-clamp-cached-translation-in-case-it-points-to.patch [bz#1904393]
• kvm-hw-ehci-check-return-value-of-usb_packet_map.patch [bz#1898628]
• kvm-hw-net-e1000e-advance-desc_offset-in-case-of-null-de.patch [bz#1903070]
• Resolves: bz#1909244
  (Remove KVM guest count and limit info message)
• Resolves: bz#1843852
  (qemu core dumped: qemu-kvm: /builddir/build/BUILD/qemu-4.2.0/memory.c:1928: memory_region_notify_one: Assertion entry->iova >= notifier->start && entry_end <= notifier->end failed.)
• Resolves: bz#1904393
  (CVE-2020-27821 virt:rhel/qemu-kvm: QEMU: heap buffer overflow in msix_table_mmio_write() in hw/pci/msix.c [rhel-8])
• Resolves: bz#1898628
  (CVE-2020-25723 virt:rhel/qemu-kvm: QEMU: assertion failure through usb_packet_unmap() in hw/usb/hcd-ehci.c [rhel-8])
• Resolves: bz#1903070
  (CVE-2020-25707 CVE-2020-28916 virt:rhel/qemu-kvm: various flaws [rhel-8])
  [4.2.0-40.el8]
• kvm-redhat-link-etc-qemu-ga-fsfreeze-hook-to-etc-qemu-kv.patch [bz#1910267]
• kvm-qga-rename-Error-parameter-to-more-common-errp.patch [bz#1910326]
• kvm-util-Introduce-qemu_get_host_name.patch [bz#1910326]
• kvm-qga-Use-qemu_get_host_name-instead-of-g_get_host_nam.patch [bz#1910326]
• kvm-redhat-add-un-pre-install-systemd-hooks-for-qemu-ga.patch [bz#1910220]
• Resolves: bz#1910267
  (There is no soft link ‘/etc/qemu-kvm/fsfreeze-hook’)
• Resolves: bz#1910326
  (Incorrect hostname returned by qga command ‘guest-get-host-name’)
• Resolves: bz#1910220
  (qemu-ga service still active and can work after qemu-guest-agent been removed)
  [4.2.0-39.el8]
• kvm-ppc-spapr-Add-hotremovable-flag-on-DIMM-LMBs-on-drme.patch [bz#1901837]
• kvm-ppc-spapr-re-assert-IRQs-during-event-scan-if-there-.patch [bz#1901837]
• kvm-slirp-check-pkt_len-before-reading-protocol-header.patch [bz#1902237]
• kvm-s390x-s390-virtio-ccw-Reset-PCI-devices-during-subsy.patch [bz#1905386]
• kvm-qapi-enable-use-of-g_autoptr-with-QAPI-types.patch [bz#1859494]
• kvm-error-Fix-examples-in-error.h-s-big-comment.patch [bz#1859494]
• kvm-error-Improve-error.h-s-big-comment.patch [bz#1859494]
• kvm-error-Document-Error-API-usage-rules.patch [bz#1859494]
• kvm-error-New-macro-ERRP_GUARD.patch [bz#1859494]
• kvm-qga-add-command-guest-get-disks.patch [bz#1859494]
• kvm-qga-add-implementation-of-guest-get-disks-for-Linux.patch [bz#1859494]
• kvm-qga-add-implementation-of-guest-get-disks-for-Window.patch [bz#1859494]
• kvm-qga-fix-missing-closedir-in-qmp_guest_get_disks.patch [bz#1859494]
• kvm-qga-update-schema-for-guest-get-disks-dependents-fie.patch [bz#1859494]
• Resolves: bz#1859494
  (Report logical_name for disks without mounted file-system)
• Resolves: bz#1901837
  (Failed to hotunplug pc-dimm device)
• Resolves: bz#1902237
  (CVE-2020-29129 CVE-2020-29130 virt:rhel/qemu-kvm: QEMU: slirp: out-of-bounds access while processing ARP/NCSI packets [rhel-8])
• Resolves: bz#1905386
  (RHEL8.3 - s390x/s390-virtio-ccw: Reset PCI devices during subsystem reset (qemu-kvm))
  [4.2.0-38.el8]
• kvm-seccomp-fix-killing-of-whole-process-instead-of-thre.patch [bz#1880546]
• kvm-pc-bios-s390x-Rename-PSW_MASK_ZMODE-to-PSW_MASK_64.patch [bz#1903135]
• kvm-pc-bios-s390x-Use-PSW-masks-where-possible-and-intro.patch [bz#1903135]
• kvm-pc-bios-s390x-Ensure-Read-IPL-memory-is-clean.patch [bz#1903135]
• kvm-pc-bios-s390x-Clear-out-leftover-S390EP-string.patch [bz#1903135]
• Resolves: bz#1880546
  (qemu use SCMP_ACT_TRAP even SCMP_ACT_KILL_PROCESS is available)
• Resolves: bz#1903135
  (RHEL8.3 - KVM Distro install to vfio_ccw backed DASD gets error at the reboot step (qemu-kvm))
  [4.2.0-37.el8]
• kvm-hw-net-net_tx_pkt-fix-assertion-failure-in-net_tx_pk.patch [bz#1860994]
• Resolves: bz#1860994
  (CVE-2020-16092 virt:rhel/qemu-kvm: QEMU: reachable assertion failure in net_tx_pkt_add_raw_fragment() in hw/net/net_tx_pkt.c [rhel-8])
  [4.2.0-36.el8]
• kvm-qga-fix-assert-regression-on-guest-shutdown.patch [bz#1884531]
• kvm-libvhost-user-handle-endianness-as-mandated-by-the-s.patch [bz#1857733]
• kvm-virtio-add-vhost-user-fs-ccw-device.patch [bz#1857733]
• kvm-Ensure-vhost-user-fs-is-enabled-on-s390x.patch [bz#1857733]
• kvm-s390x-sclp.c-remove-unneeded-label-in-sclp_service_c.patch [bz#1798506]
• kvm-s390-sclp-get-machine-once-during-read-scp-cpu-info.patch [bz#1798506]
• kvm-s390-sclp-rework-sclp-boundary-checks.patch [bz#1798506]
• kvm-s390-sclp-read-sccb-from-mem-based-on-provided-lengt.patch [bz#1798506]
• kvm-s390-sclp-check-sccb-len-before-filling-in-data.patch [bz#1798506]
• kvm-s390-sclp-use-cpu-offset-to-locate-cpu-entries.patch [bz#1798506]
• kvm-s390-sclp-add-extended-length-sccb-support-for-kvm-g.patch [bz#1798506]
• kvm-linux-headers-Partial-update-against-Linux-5.9-rc4.patch [bz#1798506]
• kvm-misc-Replace-zero-length-arrays-with-flexible-array-.patch [bz#1798506]
• kvm-s390-guest-support-for-diagnose-0x318.patch [bz#1798506]
• kvm-s390x-pv-Remove-sclp-boundary-checks.patch [bz#1798506]
• kvm-s390x-pv-Fix-diag318-PV-fencing.patch [bz#1798506]
• kvm-s390-kvm-fix-diag318-propagation-and-reset-functiona.patch [bz#1659412]
• kvm-trace-use-STAP_SDT_V2-to-work-around-symbol-visibili.patch [bz#1898700]
• Resolves: bz#1659412
  ([IBM 8.4 FEAT] KVM enablement for enhanced hardware diagnose data of guest kernel on s390x - qemu part)
• Resolves: bz#1798506
  ([IBM 8.4 FEAT] KVM: Support extended-length SCCBs - qemu part)
• Resolves: bz#1857733
  ([IBM 8.4 FEAT] KVM: Add support for virtio-fs on s390x - qemu part)
• Resolves: bz#1884531
  (qemu-ga aborts after guest-shutdown command)
• Resolves: bz#1898700
  (qemu-kvm for RHEL-8.4 doesnt build due to a possible incompatibility with systemtap-sdt-devel-4.4-1)
  [4.2.0-35.el8]
• kvm-qga-commands-posix-Rework-build_guest_fsinfo_for_rea.patch [bz#1755075]
• kvm-qga-commands-posix-Move-the-udev-code-from-the-pci-t.patch [bz#1755075]
• kvm-qga-commands-posix-Support-fsinfo-for-non-PCI-virtio.patch [bz#1755075]
• kvm-nvram-Exit-QEMU-if-NVRAM-cannot-contain-all-prom-env.patch [bz#1874780]
• kvm-pc-bios-s390-ccw-Makefile-Compile-with-std-gnu99-fwr.patch [bz#1846975]
• kvm-pc-bios-s390-ccw-Move-ipl-related-code-from-main-int.patch [bz#1846975]
• kvm-pc-bios-s390-ccw-Introduce-ENODEV-define-and-remove-.patch [bz#1846975]
• kvm-pc-bios-s390-ccw-Move-the-inner-logic-of-find_subch-.patch [bz#1846975]
• kvm-pc-bios-s390-ccw-Do-not-bail-out-early-if-not-findin.patch [bz#1846975]
• kvm-pc-bios-s390-ccw-Scan-through-all-devices-if-no-boot.patch [bz#1846975]
• kvm-pc-bios-s390-ccw-Allow-booting-in-case-the-first-vir.patch [bz#1846975]
• kvm-pc-bios-s390-ccw-main-Remove-superfluous-call-to-ena.patch [bz#1846975]
• kvm-aio-posix-completely-stop-polling-when-disabled.patch [bz#1846975]
• kvm-Remove-explicit-glusterfs-api-dependency.patch [bz#1872854]
• Resolves: bz#1755075
  ([qemu-guest-agent] fsinfo doesnt return disk info on s390x)
• Resolves: bz#1846975
  (Failed to boot up a s390x guest with virtio-blk-ccw if attaching a virtio-scsi-ccw bus in previous)
• Resolves: bz#1872854
  (move the glusterfs dependency out of qemu-kvm-core to the glusterfs module)
• Resolves: bz#1874780
  (-prom-env does not validate input)
  supermin
  [5.1.19]
• Resolves: bz#1810193
  (Upgrade components in virt:rhel module:stream for RHEL-8.3 release)