{"update": {"autokarma": true, "autotime": false, "stable_karma": 3, "stable_days": 0, "unstable_karma": -3, "require_bugs": true, "require_testcases": true, "display_name": "", "notes": "Qemu: 9pfs: host memory leakage via v9fs_create [CVE-2017-7377] (#1437873)\nx86: broken check in memory_exchange() permits PV guest breakout\n[XSA-212, CVE-2017-7228] (#1438804)", "type": "security", "status": "stable", "request": null, "severity": "unspecified", "suggest": "unspecified", "locked": false, "pushed": true, "critpath": false, "critpath_groups": null, "close_bugs": true, "date_submitted": "2017-04-05 20:30:36", "date_modified": null, "date_approved": null, "date_testing": "2017-04-06 18:56:12", "date_stable": "2017-04-08 21:44:40", "alias": "FEDORA-2017-054729ab08", "test_gating_status": null, "from_tag": null, "date_pushed": "2017-04-08 21:44:40", "meets_testing_requirements": false, "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2017-054729ab08", "title": "xen-4.7.2-5.fc25", "version_hash": "51c58461511e4217700d7b947e3aa91b19fc8478", "release": {"name": "F25", "long_name": "Fedora 25", "version": "25", "id_prefix": "FEDORA", "branch": "f25", "dist_tag": "f25", "stable_tag": "f25-updates", "testing_tag": "f25-updates-testing", "candidate_tag": "f25-updates-candidate", "pending_signing_tag": "f25-signing-pending", "pending_testing_tag": "f25-updates-testing-pending", "pending_stable_tag": "f25-updates-pending", "override_tag": "f25-override", "mail_template": "fedora_errata_template", "state": "archived", "composed_by_bodhi": true, "create_automatic_updates": null, "package_manager": "dnf", "testing_repository": "updates-testing", "released_on": null, "eol": null, "critpath_mandatory_days_in_testing": 14, "mandatory_days_in_testing": 7, "critpath_min_karma": 2, "min_karma": 1, "setting_status": null}, "user": {"name": "myoung", "email": "m.a.young@durham.ac.uk", "id": 129, "avatar": "https://seccdn.libravatar.org/avatar/cafef3050bdaacd4f890e9dfb2c45ae779cd95d6f836095f281368927146a63a?s=24&d=retro", "openid": "myoung.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}, "comments": [{"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by myoung. ", "timestamp": "2017-04-05 20:30:36", "update_id": 84427, "user_id": 91, "id": 588490, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2017-04-06 20:25:03", "update_id": 84427, "user_id": 91, "id": 589082, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 1, "karma_critpath": 0, "text": "+1", "timestamp": "2017-04-07 06:58:16", "update_id": 84427, "user_id": 506, "id": 589383, "bug_feedback": [{"karma": 0, "comment_id": 589383, "bug_id": 1437873, "bug": {"bug_id": 1437873, "title": "CVE-2017-7377 xen: Qemu: 9pfs: host memory leakage via v9fs_create [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 589383, "bug_id": 1438804, "bug": {"bug_id": 1438804, "title": "CVE-2017-7228 xen: xsa212 xen: x86: broken check in memory_exchange() permits PV guest breakout (XSA-212) [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 589383, "bug_id": 1437871, "bug": {"bug_id": 1437871, "title": "CVE-2017-7377 Qemu: 9pfs: host memory leakage via v9fs_create", "security": true, "parent": true}}, {"karma": 0, "comment_id": 589383, "bug_id": 1434741, "bug": {"bug_id": 1434741, "title": "CVE-2017-7228 xsa212 xen: x86: broken check in memory_exchange() permits PV guest breakout (XSA-212)", "security": true, "parent": true}}], "testcase_feedback": [], "user": {"name": "smithp", "email": "smithpeter835@yahoo.co.uk", "id": 506, "avatar": "https://seccdn.libravatar.org/avatar/cdf0e9eb825568e6173694f0d1788bd389a980b3497928ce6f44f889943928a5?s=24&d=retro", "openid": "smithp.id.fedoraproject.org", "groups": [{"name": "ipausers"}]}}, {"karma": 1, "karma_critpath": 0, "text": "works for me", "timestamp": "2017-04-07 08:16:34", "update_id": 84427, "user_id": 739, "id": 589442, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "cserpentis", "email": "cserpentis@gmail.com", "id": 739, "avatar": "https://seccdn.libravatar.org/avatar/a3febfef42f58ed535f3c3a3cf9743653cd774dbb6e4554e2ce7c847d9802b6c?s=24&d=retro", "openid": "cserpentis.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}, {"karma": 1, "karma_critpath": 0, "text": "Works", "timestamp": "2017-04-08 16:49:48", "update_id": 84427, "user_id": 491, "id": 590156, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "pwalter", "email": "walter.pete@yandex.com", "id": 491, "avatar": "https://seccdn.libravatar.org/avatar/20f7756718e08ef810fe23344dfdcafe17dfb277e2c27d5cbf81e35b66247795?s=24&d=retro", "openid": "pwalter.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for stable by bodhi. ", "timestamp": "2017-04-08 16:49:50", "update_id": 84427, "user_id": 91, "id": 590157, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to stable.", "timestamp": "2017-04-09 02:55:42", "update_id": 84427, "user_id": 91, "id": 590376, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}], "builds": [{"nvr": "xen-4.7.2-5.fc25", "signed": true, "release_id": 15, "type": "rpm", "epoch": 0}], "bugs": [{"bug_id": 1434741, "title": "CVE-2017-7228 xsa212 xen: x86: broken check in memory_exchange() permits PV guest breakout (XSA-212)", "security": true, "parent": true, "feedback": [{"karma": 0, "comment_id": 589383, "bug_id": 1434741, "comment": {"karma": 1, "karma_critpath": 0, "text": "+1", "timestamp": "2017-04-07 06:58:16", "update_id": 84427, "user_id": 506, "id": 589383, "testcase_feedback": [], "user": {"name": "smithp", "email": "smithpeter835@yahoo.co.uk", "id": 506, "avatar": "https://seccdn.libravatar.org/avatar/cdf0e9eb825568e6173694f0d1788bd389a980b3497928ce6f44f889943928a5?s=24&d=retro", "openid": "smithp.id.fedoraproject.org", "groups": [{"name": "ipausers"}]}}}]}, {"bug_id": 1437871, "title": "CVE-2017-7377 Qemu: 9pfs: host memory leakage via v9fs_create", "security": true, "parent": true, "feedback": [{"karma": 0, "comment_id": 589383, "bug_id": 1437871, "comment": {"karma": 1, "karma_critpath": 0, "text": "+1", "timestamp": "2017-04-07 06:58:16", "update_id": 84427, "user_id": 506, "id": 589383, "testcase_feedback": [], "user": {"name": "smithp", "email": "smithpeter835@yahoo.co.uk", "id": 506, "avatar": "https://seccdn.libravatar.org/avatar/cdf0e9eb825568e6173694f0d1788bd389a980b3497928ce6f44f889943928a5?s=24&d=retro", "openid": "smithp.id.fedoraproject.org", "groups": [{"name": "ipausers"}]}}}, {"karma": 0, "comment_id": 634888, "bug_id": 1437871, "comment": {"karma": 1, "karma_critpath": 1, "text": "No regressions noted.", "timestamp": "2017-07-14 02:26:08", "update_id": 92218, "user_id": 194, "id": 634888, "testcase_feedback": [], "user": {"name": "dhgutteridge", "email": "dhgutteridge@hotmail.com", "id": 194, "avatar": "https://seccdn.libravatar.org/avatar/95e7a46aa03707373935111628c2b387339f570b9175d20455a53fd00acafbcb?s=24&d=retro", "openid": "dhgutteridge.id.fedoraproject.org", "groups": [{"name": "ipausers"}]}}}, {"karma": 0, "comment_id": 635344, "bug_id": 1437871, "comment": {"karma": 1, "karma_critpath": 0, "text": "No regressions.", "timestamp": "2017-07-15 00:51:28", "update_id": 92218, "user_id": 273, "id": 635344, "testcase_feedback": [], "user": {"name": "wolnei", "email": "e@wolnei.com.br", "id": 273, "avatar": "https://seccdn.libravatar.org/avatar/80619c350617edf030f2667bd8ffe77ff68f515022f339677c4571a0b2ec8296?s=24&d=retro", "openid": "wolnei.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "fedora-br"}, {"name": "triagers"}, {"name": "advocates"}]}}}, {"karma": 0, "comment_id": 637723, "bug_id": 1437871, "comment": {"karma": 1, "karma_critpath": 1, "text": "I tested this on my development system with vagrant-libvirt and the things I do seem to work well.", "timestamp": "2017-07-20 22:54:32", "update_id": 92218, "user_id": 2897, "id": 637723, "testcase_feedback": [], "user": {"name": "bowlofeggs", "email": "randy@electronsweatshop.com", "id": 2897, "avatar": "https://seccdn.libravatar.org/avatar/74e6735e7dfd745bcd1aba3f64ead2d32631373aae819d812c28f339c5700ed8?s=24&d=retro", "openid": "bowlofeggs.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "communishift"}, {"name": "atomic-wg"}, {"name": "erlang"}, {"name": "erlang-maint-sig"}]}}}]}, {"bug_id": 1437873, "title": "CVE-2017-7377 xen: Qemu: 9pfs: host memory leakage via v9fs_create [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 589383, "bug_id": 1437873, "comment": {"karma": 1, "karma_critpath": 0, "text": "+1", "timestamp": "2017-04-07 06:58:16", "update_id": 84427, "user_id": 506, "id": 589383, "testcase_feedback": [], "user": {"name": "smithp", "email": "smithpeter835@yahoo.co.uk", "id": 506, "avatar": "https://seccdn.libravatar.org/avatar/cdf0e9eb825568e6173694f0d1788bd389a980b3497928ce6f44f889943928a5?s=24&d=retro", "openid": "smithp.id.fedoraproject.org", "groups": [{"name": "ipausers"}]}}}]}, {"bug_id": 1438804, "title": "CVE-2017-7228 xen: xsa212 xen: x86: broken check in memory_exchange() permits PV guest breakout (XSA-212) [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 589383, "bug_id": 1438804, "comment": {"karma": 1, "karma_critpath": 0, "text": "+1", "timestamp": "2017-04-07 06:58:16", "update_id": 84427, "user_id": 506, "id": 589383, "testcase_feedback": [], "user": {"name": "smithp", "email": "smithpeter835@yahoo.co.uk", "id": 506, "avatar": "https://seccdn.libravatar.org/avatar/cdf0e9eb825568e6173694f0d1788bd389a980b3497928ce6f44f889943928a5?s=24&d=retro", "openid": "smithp.id.fedoraproject.org", "groups": [{"name": "ipausers"}]}}}]}], "updateid": "FEDORA-2017-054729ab08", "karma": 3, "content_type": "rpm", "test_cases": []}, "can_edit": false, "ci_allowed": false}