drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in Xen
Name: |
Mehrere Probleme in Xen |
|
ID: |
FEDORA-2015-12a089920e |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 23 |
|
Datum: |
Do, 17. Dezember 2015, 08:47 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8340
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7512
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7504
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8504
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8345
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8338
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8339
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8341 |
|
Applikationen: |
Xen |
|
Originalnachricht |
Name : xen Product : Fedora 23 Version : 4.5.2 Release : 5.fc23 URL : http://xen.org/ Summary : Xen is a virtual machine monitor Description : This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor
------------------------------------------------------------------------------- - Update Information:
eepro100: Prevent two endless loops [CVE-2015-8345], pcnet: fix rx buffer overflow [CVE-2015-7512], ui: vnc: avoid floating point exception [CVE-2015-8504], additional patch for [XSA-158, CVE-2015-8338] long running memory operations on ARM [XSA-158, CVE-2015-8338] XENMEM_exchange error handling issues [XSA-159, CVE-2015-8339, CVE-2015-8340] libxl leak of pv kernel and initrd on error [XSA-160, CVE-2015-8341] ---- heap buffer overflow vulnerability in pcnet emulator [XSA-162, CVE-2015-7504], virtual PMU is unsupported [XSA-163] ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1285213 - CVE-2015-8345 Qemu: net: eepro100: infinite loop in processing command block list https://bugzilla.redhat.com/show_bug.cgi?id=1285213 [ 2 ] Bug #1285061 - CVE-2015-7512 Qemu: net: pcnet: buffer overflow in non-loopback mode https://bugzilla.redhat.com/show_bug.cgi?id=1285061 [ 3 ] Bug #1289541 - CVE-2015-8504 Qemu: ui: vnc: avoid floating point exception https://bugzilla.redhat.com/show_bug.cgi?id=1289541 [ 4 ] Bug #1261461 - CVE-2015-7504 Qemu: net: pcnet: heap overflow vulnerability in pcnet_receive https://bugzilla.redhat.com/show_bug.cgi?id=1261461 [ 5 ] Bug #1285350 - xen: Virtual Performance Measurement Unit feature is unsupported https://bugzilla.redhat.com/show_bug.cgi?id=1285350 [ 6 ] Bug #1284933 - CVE-2015-8341 xen: libxl leak of PV kernel can cause OOM condition https://bugzilla.redhat.com/show_bug.cgi?id=1284933 [ 7 ] Bug #1284919 - CVE-2015-8339 CVE-2015-8340 xen: XENMEM_exchange error handling may cause DoS to host https://bugzilla.redhat.com/show_bug.cgi?id=1284919 [ 8 ] Bug #1284911 - CVE-2015-8338 xen: Long running memory operations on ARM cause DoS https://bugzilla.redhat.com/show_bug.cgi?id=1284911 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update xen' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|