drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in Xen
Name: |
Ausführen beliebiger Kommandos in Xen |
|
ID: |
FEDORA-2011-8403 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 14 |
|
Datum: |
Do, 30. Juni 2011, 11:20 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1898 |
|
Applikationen: |
Xen |
|
Originalnachricht |
------------------------------------------------------------------------------- - Fedora Update Notification FEDORA-2011-8403 2011-06-21 16:08:55 ------------------------------------------------------------------------------- -
Name : xen Product : Fedora 14 Version : 4.0.2 Release : 1.fc14 URL : http://xen.org/ Summary : Xen is a virtual machine monitor Description : This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor
------------------------------------------------------------------------------- - Update Information:
update to 4.0.2 - includes various bugfixes and fix for [CVE-2011-1898] guest with pci passthrough can gain privileged access to base domain ------------------------------------------------------------------------------- - ChangeLog:
* Wed Jun 15 2011 Michael Young <m.a.young@durham.ac.uk> - 4.0.2-1 - update to 4.0.2 remove upstream patches localpy27fixes.patch xen.irq.fixes.patch xen.xsave.disable.patch xen.8259afix.patch cve-2011-1583-4.0.patch rebase localcleanups.patch * Tue May 10 2011 Michael Young <m.a.young@durham.ac.uk> - 4.0.1-11 - Overflows in kernel decompression can allow root on xen PV guest to gain privileged access to base domain, or access to xen configuration info. Lack of error checking could allow DoS attack from guest [CVE-2011-1583] - Don't require /usr/bin/qemu-nbd as it isn't used at present. - Fix issue with VGA passthrough (#694001) * Mon Jan 31 2011 Michael Young <m.a.young@durham.ac.uk> - 4.0.1-9 - Make libraries executable so that rpm gets dependencies right * Sat Jan 29 2011 Michael Young <m.a.young@durham.ac.uk> - 4.0.1-8 - Temporarily turn off some compile options so it will build on rawhide * Fri Jan 28 2011 Michael Young <m.a.young@durham.ac.uk> - 4.0.1-7 - ghost directories in /var/run (#656724) - minor fixes to /usr/share/doc/xen-doc-4.?.?/misc/network_setup.txt (#653159) /etc/xen/scripts/network-route, /etc/xen/scripts/vif-common.sh (#669747) and /etc/sysconfig/modules/xen.modules (#656536) ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update xen' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|