FEDORA-2016-7b6fbff620

security update in Fedora 25 for xen

Status: stable 2 years ago

several qemu security fixes

Comments 9

This update has been submitted for testing by myoung.

This update has been pushed to testing.

no regression

karma: +1

zoiks. that's a lot of CVEs. is there value in making this a freeze exception for F25, since freeze is in ~6 hours?

It looks worse than it is as a lot of the qemu fixes aren't reached in the Fedora build.

Works great! LGTM! =)

karma: +1

This update has been submitted for stable by bodhi.

works for me

karma: +1

This update has been pushed to stable.

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
unspecified
Karma
+3
stable threshold: 3
unstable threshold: -3
Autopush (karma)
Enabled
Autopush (time)
Disabled
Dates
submitted 2 years ago
in testing 2 years ago
in stable 2 years ago

Related Bugs 21

00 #1327626 Qemu: timer: a9gtimer: Infinite loop unfolds when updating a9gtimer
00 #1333425 CVE-2016-8576 Qemu: usb: xHCI: infinite loop vulnerability in xhci_ring_fetch
00 #1382323 CVE-2016-8576 xen: Qemu: usb: xHCI: infinite loop vulnerability in xhci_ring_fetch [fedora-all]
00 #1383287 CVE-2016-8577 xen: Qemu: 9pfs: host memory leakage in v9fs_read [fedora-all]
00 #1383291 CVE-2016-8578 Qemu: 9pfs: potential NULL dereferencein 9pfs routines
00 #1383293 CVE-2016-8578 xen: Qemu: 9pfs: potential NULL dereferencein 9pfs routines [fedora-all]
00 #1384909 CVE-2016-8669 Qemu: char: divide by zero error in serial_update_parameters
00 #1384910 CVE-2016-8669 xen: Qemu: char: divide by zero error in serial_update_parameters [fedora-all]
00 #1388046 CVE-2016-8910 Qemu: net: rtl8139: infinite loop while transmit in C+ mode
00 #1388048 CVE-2016-8910 xen: Qemu: net: rtl8139: infinite loop while transmit in C+ mode [fedora-all]
00 #1388301 xen: qemu-kvm: Infinite loop vulnerability in a9_gtimer_update() [fedora-all]
00 #1389550 CVE-2016-9102 Qemu: 9pfs: memory leakage when creating extended attribute
00 #1389552 CVE-2016-9102 xen: Qemu: 9pfs: memory leakage when creating extended attribute [fedora-all]
00 #1389642 CVE-2016-9103 Qemu: 9pfs: information leakage via xattr
00 #1389644 CVE-2016-9103 xen: Qemu: 9pfs: information leakage via xattr [fedora-all]
00 #1389686 CVE-2016-9104 Qemu: 9pfs: integer overflow leading to OOB access
00 #1389689 CVE-2016-9104 xen: Qemu: 9pfs: integer overflow leading to OOB access [fedora-all]
00 #1389702 CVE-2016-9105 Qemu: 9pfs: memory leakage in v9fs_link
00 #1389705 CVE-2016-9105 xen: Qemu: 9pfs: memory leakage in v9fs_link [fedora-all]
00 #1389712 CVE-2016-9106 Qemu: 9pfs: memory leakage in v9fs_write
00 #1389714 CVE-2016-9106 xen: Qemu: 9pfs: memory leakage in v9fs_write [fedora-all]

Automated Test Results