Mehrere Probleme in Xen
ID: | FEDORA-2015-efc1d7ba5e |
Distribution: | Fedora |
Plattformen: | Fedora 22 |
Datum: | Mo, 5. Oktober 2015, 07:38 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6815
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5278 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5239 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5279 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5745 |
Applikationen: | Xen |
Originalnachricht |
|
Name : xen Product : Fedora 22 Version : 4.5.1 Release : 9.fc22 URL : http://xen.org/ Summary : Xen is a virtual machine monitor Description : This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor -------------------------------------------------------------------------------- Update Information: ui/vnc: limit client_cut_text msg payload size [CVE-2015-5239] (#1259504), e1000: Avoid infinite loop in processing transmit descriptor [CVE-2015-6815] (#1260224), net: add checks to validate ring buffer pointers [CVE-2015-5279] (#1263278), net: avoid infinite loop when receiving packets [CVE-2015-5278] (#1263281), qemu buffer overflow in virtio-serial [CVE-2015-5745] (#1251354) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1257735 - CVE-2015-5239 qemu-kvm: Integer overflow in vnc_client_read() and protocol_client_msg() https://bugzilla.redhat.com/show_bug.cgi?id=1257735 [ 2 ] Bug #1260076 - CVE-2015-6815 qemu: net: e1000: infinite loop issue https://bugzilla.redhat.com/show_bug.cgi?id=1260076 [ 3 ] Bug #1256672 - CVE-2015-5279 qemu: Heap overflow vulnerability in ne2000_receive() function https://bugzilla.redhat.com/show_bug.cgi?id=1256672 [ 4 ] Bug #1256661 - CVE-2015-5278 qemu: Infinite loop in ne2000_receive() function https://bugzilla.redhat.com/show_bug.cgi?id=1256661 [ 5 ] Bug #1251157 - CVE-2015-5745 kernel: qemu buffer overflow in virtio-serial https://bugzilla.redhat.com/show_bug.cgi?id=1251157 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update xen' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce |