FEDORA-2015-12a089920e created by myoung 4 years ago for Fedora 23
stable

eepro100: Prevent two endless loops [CVE-2015-8345], pcnet: fix rx buffer overflow [CVE-2015-7512], ui: vnc: avoid floating point exception [CVE-2015-8504], additional patch for [XSA-158, CVE-2015-8338] long running memory operations on ARM [XSA-158, CVE-2015-8338] XENMEM_exchange error handling issues [XSA-159, CVE-2015-8339, CVE-2015-8340] libxl leak of pv kernel and initrd on error [XSA-160, CVE-2015-8341]


heap buffer overflow vulnerability in pcnet emulator [XSA-162, CVE-2015-7504], virtual PMU is unsupported [XSA-163]

How to install

sudo dnf upgrade --advisory=FEDORA-2015-12a089920e

This update has been submitted for testing by myoung.

4 years ago

This update has obsoleted xen-4.5.2-3.fc23, and has inherited its bugs and notes.

4 years ago

myoung edited this update.

4 years ago

This update has been pushed to testing.

4 years ago
User Icon cserpentis commented & provided feedback 4 years ago
karma

works for me

User Icon mhayden commented & provided feedback 4 years ago
karma

Works for me.

This update has been submitted for stable by bodhi.

3 years ago
User Icon nonamedotc commented & provided feedback 3 years ago
karma

looks ok

This update has been pushed to stable.

3 years ago

Please login to add feedback.

Metadata
Type
security
Karma
3
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Dates
submitted
4 years ago
in testing
4 years ago
in stable
3 years ago
modified
4 years ago
BZ#1261461 CVE-2015-7504 Qemu: net: pcnet: heap overflow vulnerability in pcnet_receive
0
0
BZ#1284911 CVE-2015-8338 xen: Long running memory operations on ARM cause DoS
0
0
BZ#1284919 CVE-2015-8339 CVE-2015-8340 xen: XENMEM_exchange error handling may cause DoS to host
0
0
BZ#1284933 CVE-2015-8341 xen: libxl leak of PV kernel can cause OOM condition
0
0
BZ#1285061 CVE-2015-7512 Qemu: net: pcnet: buffer overflow in non-loopback mode
0
0
BZ#1285213 CVE-2015-8345 Qemu: net: eepro100: infinite loop in processing command block list
0
0
BZ#1285215 CVE-2015-8345 xen: Qemu: net: eepro100: infinite loop in processing command block list [fedora-all]
0
0
BZ#1285350 xen: Virtual Performance Measurement Unit feature is unsupported
0
0
BZ#1285351 xen: Virtual Performance Measurement Unit feature is unsupported [fedora-all]
0
0
BZ#1286544 CVE-2015-7504 xen: Qemu: net: pcnet: heap overflow vulnerability in pcnet_receive [fedora-all]
0
0
BZ#1286563 CVE-2015-7512 xen: Qemu: net: pcnet: buffer overflow in non-loopback mode [fedora-all]
0
0
BZ#1289541 CVE-2015-8504 Qemu: ui: vnc: avoid floating point exception
0
0
BZ#1289544 CVE-2015-8504 xen: Qemu: ui: vnc: avoid floating point exception [fedora-all]
0
0
BZ#1289568 CVE-2015-8338 CVE-2015-8339 CVE-2015-8340 CVE-2015-8341 xen: various flaws [fedora-all]
0
0

Automated Test Results