drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in xen
Name: |
Mehrere Probleme in xen |
|
ID: |
FEDORA-2019-3e89502cb1 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 29 |
|
Datum: |
Mi, 13. März 2019, 06:43 |
|
Referenzen: |
https://bugzilla.redhat.com/show_bug.cgi?id=1679332
https://bugzilla.redhat.com/show_bug.cgi?id=1679334
https://bugzilla.redhat.com/show_bug.cgi?id=1679321
https://bugzilla.redhat.com/show_bug.cgi?id=1683956
https://bugzilla.redhat.com/show_bug.cgi?id=1679328
https://bugzilla.redhat.com/show_bug.cgi?id=1685568
https://bugzilla.redhat.com/show_bug.cgi?id=1685570
https://bugzilla.redhat.com/show_bug.cgi?id=1679327
https://bugzilla.redhat.com/show_bug.cgi?id=1679326 |
|
Applikationen: |
Xen |
|
Originalnachricht |
------------------------------------------------------------------------------- - Fedora Update Notification FEDORA-2019-3e89502cb1 2019-03-12 22:17:51.347547 ------------------------------------------------------------------------------- -
Name : xen Product : Fedora 29 Version : 4.11.1 Release : 4.fc29 URL : http://xen.org/ Summary : Xen is a virtual machine monitor Description : This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor
------------------------------------------------------------------------------- - Update Information:
xen: various flaws (#1685577) grant table transfer issues on large hosts [XSA-284] race with pass-through device hotplug [XSA-285] x86: steal_page violates page_struct access discipline [XSA-287] x86: Inconsistent PV IOMMU discipline [XSA-288] missing preemption in x86 PV page table unvalidation [XSA-290] x86/PV: page type reference counting issue with failed IOMMU update [XSA-291] x86: insufficient TLB flushing when using PCID [XSA-292] x86: PV kernel context switch corruption [XSA-293] x86 shadow: Insufficient TLB flushing when using PCID [XSA-294] ------------------------------------------------------------------------------- - ChangeLog:
* Tue Mar 5 2019 Michael Young <m.a.young@durham.ac.uk> - 4.11.1-4 - xen: various flaws (#1685577) grant table transfer issues on large hosts [XSA-284] race with pass-through device hotplug [XSA-285] x86: steal_page violates page_struct access discipline [XSA-287] x86: Inconsistent PV IOMMU discipline [XSA-288] missing preemption in x86 PV page table unvalidation [XSA-290] x86/PV: page type reference counting issue with failed IOMMU update [XSA-291] x86: insufficient TLB flushing when using PCID [XSA-292] x86: PV kernel context switch corruption [XSA-293] x86 shadow: Insufficient TLB flushing when using PCID [XSA-294] * Thu Feb 14 2019 Michael Young <m.a.young@durham.ac.uk> - 4.11.1-3 - add gcc9 build fixes (#1676229) * Sun Feb 3 2019 Fedora Release Engineering <releng@fedoraproject.org> - 4.11.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Tue Dec 11 2018 Michael Young <m.a.young@durham.ac.uk> - 4.11.1-1 - update to 4.11.1 remove patches for issues now fixed upstream adjust xen.use.fedora.ipxe.patch - only include qemutrad build requirements for platforms that use it - construct ovmf.bin from edk2-ovmf package (#1656651) * Tue Nov 20 2018 Michael Young <m.a.young@durham.ac.uk> - 4.11.0-10 - insufficient TLB flushing / improper large page mappings with AMD IOMMUs [XSA-275, CVE-2018-19961, CVE-2018-19962] (#1651665) - x86: DoS from attempting to use INVPCID with a non-canonical addresses [XSA-279, CVE-2018-19965] (#1651970) - xen: various flaws (#1652251) resource accounting issues in x86 IOREQ server handling [XSA-276, CVE-2018-19963] x86: incorrect error handling for guest p2m page removals [XSA-277, CVE-2018-19964] Fix for XSA-240 conflicts with shadow paging [XSA-280, CVE-2018-19966] * Tue Nov 6 2018 Michael Young <m.a.young@durham.ac.uk> - 4.11.0-9 - guest use of HLE constructs may lock up host [XSA-282, CVE-2018-19967] * Wed Oct 24 2018 Michael Young <m.a.young@durham.ac.uk> - 4.11.0-8 - x86: Nested VT-x usable even when disabled [XSA-278, CVE-2018-18883] (#1643118) ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1679321 - xen: xsa288: Inconsistent PV IOMMU discipline https://bugzilla.redhat.com/show_bug.cgi?id=1679321 [ 2 ] Bug #1679326 - xen: xsa292: insufficient TLB flushing when using PCID https://bugzilla.redhat.com/show_bug.cgi?id=1679326 [ 3 ] Bug #1679327 - xen: xsa293: PV kernel context switch corruption https://bugzilla.redhat.com/show_bug.cgi?id=1679327 [ 4 ] Bug #1679328 - xen: xsa287: steal_page violates page_struct access discipline https://bugzilla.redhat.com/show_bug.cgi?id=1679328 [ 5 ] Bug #1679332 - xen: xsa285: race with pass-through device hotplug https://bugzilla.redhat.com/show_bug.cgi?id=1679332 [ 6 ] Bug #1679334 - xen: xsa290: missing preemption in x86 PV page table unvalidation https://bugzilla.redhat.com/show_bug.cgi?id=1679334 [ 7 ] Bug #1683956 - xen: xsa294: Insufficient TLB flushing when using PCID https://bugzilla.redhat.com/show_bug.cgi?id=1683956 [ 8 ] Bug #1685568 - xen: xsa284: grant table transfer issues on large hosts https://bugzilla.redhat.com/show_bug.cgi?id=1685568 [ 9 ] Bug #1685570 - xen: xsa291: x86/PV: page type reference counting issue with failed IOMMU update https://bugzilla.redhat.com/show_bug.cgi?id=1685570 ------------------------------------------------------------------------------- -
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-3e89502cb1' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
|
|
|
|