FEDORA-2016-a56fb613a8 created by crobinso 3 years ago for Fedora 24
stable
  • CVE-2016-6351: scsi: esp: OOB write access in esp_do_dma (bz #1360600)
  • CVE-2016-6833: vmxnet3: use-after-free (bz #1368982)
  • CVE-2016-6490: virtio: infinite loop in virtqueue_pop (bz #1361428)
  • CVE-2016-7156: pvscsi: infinite loop when building SG list (bz #1373480)
  • CVE-2016-7170: vmware_vga: OOB stack memory access (bz #1374709)
  • CVE-2016-7161: net: Heap overflow in xlnx.xps-ethernetlite (bz #1379298)
  • CVE-2016-7466: usb: xhci memory leakage during device unplug (bz #1377838)
  • CVE-2016-7422: virtio: null pointer dereference (bz #1376756)
  • CVE-2016-7908: net: Infinite loop in mcf_fec_do_tx (bz #1381193)
  • CVE-2016-8576: usb: xHCI: infinite loop vulnerability (bz #1382322)
  • CVE-2016-7995: usb: hcd-ehci: memory leak (bz #1382669)
  • Don't depend on edk2 roms where they aren't available (bz #1373576)

How to install

sudo dnf upgrade --advisory=FEDORA-2016-a56fb613a8

This update has been submitted for testing by crobinso.

3 years ago
User Icon dhgutteridge commented & provided feedback 3 years ago
karma

No regressions noted. (Includes use of various USB and vmware_vga.)

This update has been pushed to testing.

3 years ago
User Icon nivag commented & provided feedback 3 years ago

On trying to install using dnf, I got:

Error: package qemu-user-static-2:2.6.2-2.fc24.x86_64 conflicts with qemu-user-binfmt provided by qemu-user-binfmt-2:2.6.2-2.fc24.x86_64

Both these were download by bodhi!!!!

User Icon cserpentis commented & provided feedback 3 years ago
karma

works for me

This update has been submitted for stable by bodhi.

3 years ago
User Icon lupinix commented & provided feedback 3 years ago
karma

works fine

This update has been pushed to stable.

3 years ago

Please login to add feedback.

Metadata
Type
security
Karma
3
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
3 years ago
in testing
3 years ago
in stable
3 years ago
BZ#1327465 CVE-2016-7908 Qemu: net: Infinite loop in mcf_fec_do_tx()
0
0
BZ#1333425 CVE-2016-8576 Qemu: usb: xHCI: infinite loop vulnerability in xhci_ring_fetch
0
0
BZ#1360599 CVE-2016-6351 Qemu: scsi: esp: OOB write access in esp_do_dma
0
0
BZ#1360600 CVE-2016-6351 Qemu: scsi: esp: OOB write access in esp_do_dma [fedora-all]
0
0
BZ#1361427 CVE-2016-6490 Qemu: virtio: infinite loop in virtqueue_pop
0
0
BZ#1361428 CVE-2016-6490 Qemu: virtio: infinite loop in virtqueue_pop [fedora-all]
0
0
BZ#1368980 CVE-2016-6833 Qemu: net: vmxnet3: use-after-free while writing to device
0
0
BZ#1368982 CVE-2016-6833 Qemu: net: vmxnet3: use-after-free while writing to device [fedora-all]
0
0
BZ#1373478 CVE-2016-7156 Qemu: scsi: pvscsi: infintie loop when building SG list
0
0
BZ#1373480 CVE-2016-7156 Qemu: scsi: pvscsi: infintie loop when building SG list [fedora-all]
0
0
BZ#1373576 Unable to install qemu-2:2.7.0-0.2.rc3 on fc25 Alpha1.2 ppc64le
0
0
BZ#1374702 CVE-2016-7170 Qemu: vmware_vga: OOB stack memory access when processing svga command
0
0
BZ#1374709 CVE-2016-7170 Qemu: vmware_vga: OOB stack memory access when processing svga command [fedora-all]
0
0
BZ#1376755 CVE-2016-7422 Qemu: virtio: null pointer dereference in virtqueu_map_desc
0
0
BZ#1376756 CVE-2016-7422 Qemu: virtio: null pointer dereference in virtqueu_map_desc [fedora-all]
0
0
BZ#1377837 CVE-2016-7466 Qemu: usb: xhci memory leakage during device unplug
0
0
BZ#1377838 CVE-2016-7466 Qemu: usb: xhci memory leakage during device unplug [fedora-all]
0
0
BZ#1379297 CVE-2016-7161 qemu: hw: net: Heap overflow in xlnx.xps-ethernetlite
0
0
BZ#1379298 CVE-2016-7161 qemu: hw: net: Heap overflow in xlnx.xps-ethernetlite [fedora-all]
0
0
BZ#1381193 CVE-2016-7908 Qemu: net: Infinite loop in mcf_fec_do_tx() [fedora-all]
0
0
BZ#1382322 CVE-2016-8576 Qemu: usb: xHCI: infinite loop vulnerability in xhci_ring_fetch [fedora-all]
0
0
BZ#1382668 CVE-2016-7995 Qemu: usb: hcd-ehci: memory leak in ehci_process_itd
0
0
BZ#1382669 CVE-2016-7995 Qemu: usb: hcd-ehci: memory leak in ehci_process_itd [fedora-all]
0
0

Automated Test Results