Fedora alert FEDORA-2016-7b6fbff620 (xen)
| From: | updates@fedoraproject.org | |
| To: | package-announce@lists.fedoraproject.org | |
| Subject: | [SECURITY] Fedora 25 Update: xen-4.7.0-7.fc25 | |
| Date: | Sat, 19 Nov 2016 21:36:03 +0000 (UTC) | |
| Message-ID: | <20161119213603.559D160560A5@bastion01.phx2.fedoraproject.org> |
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-7b6fbff620 2016-11-19 18:59:18.544367 -------------------------------------------------------------------------------- Name : xen Product : Fedora 25 Version : 4.7.0 Release : 7.fc25 URL : http://xen.org/ Summary : Xen is a virtual machine monitor Description : This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor -------------------------------------------------------------------------------- Update Information: several qemu security fixes -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- References: [ 1 ] Bug #1383291 - CVE-2016-8578 Qemu: 9pfs: potential NULL dereferencein 9pfs routines https://bugzilla.redhat.com/show_bug.cgi?id=1383291 [ 2 ] Bug #1333425 - CVE-2016-8576 Qemu: usb: xHCI: infinite loop vulnerability in xhci_ring_fetch https://bugzilla.redhat.com/show_bug.cgi?id=1333425 [ 3 ] Bug #1384909 - CVE-2016-8669 Qemu: char: divide by zero error in serial_update_parameters https://bugzilla.redhat.com/show_bug.cgi?id=1384909 [ 4 ] Bug #1388046 - CVE-2016-8910 Qemu: net: rtl8139: infinite loop while transmit in C+ mode https://bugzilla.redhat.com/show_bug.cgi?id=1388046 [ 5 ] Bug #1327626 - Qemu: timer: a9gtimer: Infinite loop unfolds when updating a9gtimer https://bugzilla.redhat.com/show_bug.cgi?id=1327626 [ 6 ] Bug #1389642 - CVE-2016-9103 Qemu: 9pfs: information leakage via xattr https://bugzilla.redhat.com/show_bug.cgi?id=1389642 [ 7 ] Bug #1389550 - CVE-2016-9102 Qemu: 9pfs: memory leakage when creating extended attribute https://bugzilla.redhat.com/show_bug.cgi?id=1389550 [ 8 ] Bug #1389702 - CVE-2016-9105 Qemu: 9pfs: memory leakage in v9fs_link https://bugzilla.redhat.com/show_bug.cgi?id=1389702 [ 9 ] Bug #1389712 - CVE-2016-9106 Qemu: 9pfs: memory leakage in v9fs_write https://bugzilla.redhat.com/show_bug.cgi?id=1389712 [ 10 ] Bug #1389686 - CVE-2016-9104 Qemu: 9pfs: integer overflow leading to OOB access https://bugzilla.redhat.com/show_bug.cgi?id=1389686 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade xen' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgr... All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org