FEDORA-2015-015aec3bf2

security update in Fedora 21 for xen

Status: stable 4 years ago

ui/vnc: limit client_cut_text msg payload size [CVE-2015-5239] (#1259504), e1000: Avoid infinite loop in processing transmit descriptor [CVE-2015-6815] (#1260224), net: add checks to validate ring buffer pointers [CVE-2015-5279] (#1263278), net: avoid infinite loop when receiving packets [CVE-2015-5278] (#1263281), qemu buffer overflow in virtio-serial [CVE-2015-5745] (#1251354)

How to install

sudo dnf upgrade --advisory=FEDORA-2015-015aec3bf2

Comments 4

This update has been submitted for testing by myoung.

This update has been pushed to testing.

This update has been submitted for stable by myoung.

This update has been pushed to stable.

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
unspecified
Karma
0
stable threshold: 3
unstable threshold: -3
Autopush (karma)
Enabled
Autopush (time)
Disabled
Dates
submitted 4 years ago
in testing 4 years ago
in stable 4 years ago

Related Bugs 10

00 #1251157 CVE-2015-5745 kernel: qemu buffer overflow in virtio-serial
00 #1251354 CVE-2015-5745 xen: kernel: qemu buffer overflow in virtio-serial [fedora-all]
00 #1256661 CVE-2015-5278 qemu: Infinite loop in ne2000_receive() function
00 #1256672 CVE-2015-5279 qemu: Heap overflow vulnerability in ne2000_receive() function
00 #1257735 CVE-2015-5239 qemu-kvm: Integer overflow in vnc_client_read() and protocol_client_msg()
00 #1259504 CVE-2015-5239 xen: qemu-kvm: Integer overflow in vnc_client_read() and protocol_client_msg() [fedora-all]
00 #1260076 CVE-2015-6815 qemu: net: e1000: infinite loop issue
00 #1260224 xen: Qemu: net: e1000: infinite loop issue [fedora-all]
00 #1263278 CVE-2015-5279 xen: qemu: Heap overflow vulnerability in ne2000_receive() function [fedora-all]
00 #1263281 CVE-2015-5278 xen: qemu: Infinite loop in ne2000_receive() function [fedora-all]

Automated Test Results