[SECURITY] Fedora Core 6 Test Update: xen-3.0.3-8.fc6

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



---------------------------------------------------------------------
Fedora Test Update Notification
FEDORA-2007-343
2007-03-15
---------------------------------------------------------------------

Product     : Fedora Core 6
Name        : xen
Version     : 3.0.3
Release     : 8.fc6
Summary     : Xen is a virtual machine monitor
Description :
This package contains the Xen hypervisor and Xen tools, needed to
run virtual machines on x86 systems, together with the kernel-xen*
packages.  Information on how to use Xen can be found at the Xen
project pages.

Virtualisation can be used to run multiple versions or multiple
Linux distributions on one system, or to test untrusted applications
in a sandboxed environment.

---------------------------------------------------------------------
Update Information:

A flaw was found affecting the VNC server code in QEMU. On a
fullyvirtualized guest VM, where qemu monitor mode is
enabled, a user who had access to the VNC server could gain
the ability to read arbitrary files as root in the host
filesystem. (CVE-2007-0998)

---------------------------------------------------------------------
* Wed Mar 14 2007 Daniel P. Berrange <berrange@xxxxxxxxxx> - 3.0.3-8.fc6
- Disable access to QEMU monitor over VNC (CVE-2007-0998, bz 230295)
* Tue Mar  6 2007 Daniel P. Berrange <berrange@xxxxxxxxxx> - 3.0.3-7.fc6
- Ensure PVFB daemon terminates if domain doesn't startup (bz 230634)
- Fix ia64 shadow page table mode
- Close QEMU file handles when running network script
* Thu Feb 15 2007 Daniel P. Berrange <berrange@xxxxxxxxxx> - 3.0.3-6.fc6
- Improve hotplug error reporting
- Don't start PVFB daemon for HVM guests
- Conflict tag to force requirement of newer libvirt for PVFB changes
* Tue Jan 30 2007 Daniel P. Berrange <berrange@xxxxxxxxxx> - 3.0.3-5.fc6
- disable ipv6 autoconf on xenbr* devices (rhbz#216504)
- Fixed destroyDevice callers
- Workaround 'Cannot allocate memory' HVM bug
- Santize man pages
* Mon Jan 15 2007 Markus Armbruster <armbru@xxxxxxxxxx> - 3.0.3-4.fc6
- Update Xen paravirt framebuffer patch to upstream xen-unstable
  changeset 13066.  This changes the protocol to the one accepted
  upstream.
- Add compatibility with guests running our initial protocol.

---------------------------------------------------------------------
This update can be downloaded from:
    http://download.fedora.redhat.com/pub/fedora/linux/core/updates/testing/6/

4909964b19864d0669a3c7f9a7850e7a08ee54c2  SRPMS/xen-3.0.3-8.fc6.src.rpm
4909964b19864d0669a3c7f9a7850e7a08ee54c2  noarch/xen-3.0.3-8.fc6.src.rpm
fe8f3c60cded039f4d3ae52b5bdffce4f637e38d  x86_64/debug/xen-debuginfo-3.0.3-8.fc6.x86_64.rpm
afefbf2da04f1503e8bed49dbbccdec68b77da14  x86_64/xen-3.0.3-8.fc6.x86_64.rpm
964e39013a485669b20bebf23dff651304f63ae5  x86_64/xen-libs-3.0.3-8.fc6.x86_64.rpm
7f5296c48ec6f3bf34fb892ea1058e7cad70587d  x86_64/xen-devel-3.0.3-8.fc6.x86_64.rpm
3a1a5fdf74c6b633dd319632b822ac9ed069591e  i386/debug/xen-debuginfo-3.0.3-8.fc6.i386.rpm
e328262cd35838bfbe3bdab4ea758f34135b72d1  i386/xen-libs-3.0.3-8.fc6.i386.rpm
baa6605f92dc2363063ad56a176fa8c6317eb73b  i386/xen-devel-3.0.3-8.fc6.i386.rpm
1d4ba397ebe398b52556cf47e60f4b8c0b85f5f6  i386/xen-3.0.3-8.fc6.i386.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------

-- 
fedora-test-list mailing list
fedora-test-list@xxxxxxxxxx
To unsubscribe: 
https://www.redhat.com/mailman/listinfo/fedora-test-list

[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]