Mehrere Probleme in Xen
ID: | FEDORA-2016-da6b1d277b |
Distribution: | Fedora |
Plattformen: | Fedora 23 |
Datum: | Do, 10. November 2016, 22:51 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9102
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8576 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8910 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9106 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8578 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9105 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9103 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9104 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8669 |
Applikationen: | Xen |
Originalnachricht |
|
Name : xen Product : Fedora 23 Version : 4.5.5 Release : 3.fc23 URL : http://xen.org/ Summary : Xen is a virtual machine monitor Description : This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor -------------------------------------------------------------------------------- Update Information: several qemu security fixes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1333425 - CVE-2016-8576 Qemu: usb: xHCI: infinite loop vulnerability in xhci_ring_fetch https://bugzilla.redhat.com/show_bug.cgi?id=1333425 [ 2 ] Bug #1383291 - CVE-2016-8578 Qemu: 9pfs: potential NULL dereferencein 9pfs routines https://bugzilla.redhat.com/show_bug.cgi?id=1383291 [ 3 ] Bug #1384909 - CVE-2016-8669 Qemu: char: divide by zero error in serial_update_parameters https://bugzilla.redhat.com/show_bug.cgi?id=1384909 [ 4 ] Bug #1388046 - CVE-2016-8910 Qemu: net: rtl8139: infinite loop while transmit in C+ mode https://bugzilla.redhat.com/show_bug.cgi?id=1388046 [ 5 ] Bug #1327626 - Qemu: timer: a9gtimer: Infinite loop unfolds when updating a9gtimer https://bugzilla.redhat.com/show_bug.cgi?id=1327626 [ 6 ] Bug #1389642 - CVE-2016-9103 Qemu: 9pfs: information leakage via xattr https://bugzilla.redhat.com/show_bug.cgi?id=1389642 [ 7 ] Bug #1389550 - CVE-2016-9102 Qemu: 9pfs: memory leakage when creating extended attribute https://bugzilla.redhat.com/show_bug.cgi?id=1389550 [ 8 ] Bug #1389702 - CVE-2016-9105 Qemu: 9pfs: memory leakage in v9fs_link https://bugzilla.redhat.com/show_bug.cgi?id=1389702 [ 9 ] Bug #1389712 - CVE-2016-9106 Qemu: 9pfs: memory leakage in v9fs_write https://bugzilla.redhat.com/show_bug.cgi?id=1389712 [ 10 ] Bug #1389686 - CVE-2016-9104 Qemu: 9pfs: integer overflow leading to OOB access https://bugzilla.redhat.com/show_bug.cgi?id=1389686 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade xen' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org |