FEDORA-2017-ed735463e3 created by myoung 2 years ago for Fedora 25
stable

- Qemu: usb: ohci: infinite loop due to incorrect return value [CVE-2017-9330] (#1457698)
- Qemu: qemu-nbd: server breaks with SIGPIPE upon client abort [CVE-2017-10664] (#1466466)
- revised full fix for XSA-226 (regressed 32-bit Dom0 or backend domains)


- full fix for XSA-226, replacing workaround
- drop conflict of xendomain and libvirtd as can cause problems (#1398590)
- add-to-physmap error paths fail to release lock on ARM [XSA-235] (#1484476)
- Qemu: audio: host memory leakage via capture buffer [CVE-2017-8309] (#1446521)
- Qemu: input: host memory leakage via keyboard events [CVE-2017-8379] (#1446561)


- Qemu: serial: host memory leakage 16550A UART emulation [CVE-2017-5579] (#1416162)
- Qemu: display: cirrus: OOB read access issue [CVE-2017-7718] (#1443444)
- xen: various flaws (#1481765)
- multiple problems with transitive grants [XSA-226, CVE-2017-12135]
- x86: PV privilege escalation via map_grant_ref [XSA-227, CVE-2017-12137]
- grant_table: Race conditions with maptrack free list handling [XSA-228, CVE-2017-12136]
- grant_table: possibly premature clearing of GTF_writing / GTF_reading [XSA-230, CVE-2017-12855]

How to install

sudo dnf upgrade --advisory=FEDORA-2017-ed735463e3

This update has been submitted for testing by myoung.

2 years ago

This update has obsoleted xen-4.7.3-3.fc25, and has inherited its bugs and notes.

2 years ago

This update has been pushed to testing.

2 years ago
filiperosset commented & provided feedback 2 years ago

no regressions noted

cserpentis commented & provided feedback 2 years ago

works for me in a VM

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

2 years ago

This update has been submitted for stable by myoung.

2 years ago

This update has been pushed to stable.

2 years ago


Metadata
Type: security
Karma: 2
Signed
Content Type: RPM
Test Gating
Settings
Unstable by Karma: -3
Stable by Karma: 3
Dates
submitted: 2 years ago
in testing: 2 years ago
in stable: 2 years ago

BZ#1398590 libvirtd doesn't start after reboot even though it's 'enabled'
BZ#1416162 CVE-2017-5579 xen: Qemu: serial: host memory leakage 16550A UART emulation [fedora-all]
BZ#1443444 CVE-2017-7718 xen: Qemu: display: cirrus: OOB read access issue [fedora-all]
BZ#1446517 CVE-2017-8309 Qemu: audio: host memory leakage via capture buffer
BZ#1446521 CVE-2017-8309 xen: Qemu: audio: host memory leakage via capture buffer [fedora-all]
BZ#1446547 CVE-2017-8379 Qemu: input: host memory leakage via keyboard events
BZ#1446561 CVE-2017-8379 xen: Qemu: input: host memory leakage via keyboard events [fedora-all]
BZ#1457697 CVE-2017-9330 Qemu: usb: ohci: infinite loop due to incorrect return value
BZ#1457698 CVE-2017-9330 xen: Qemu: usb: ohci: infinite loop due to incorrect return value [fedora-all]
BZ#1466190 CVE-2017-10664 Qemu: qemu-nbd: server breaks with SIGPIPE upon client abort
BZ#1466466 CVE-2017-10664 xen: Qemu: qemu-nbd: server breaks with SIGPIPE upon client abort [fedora-all]
BZ#1477651 CVE-2017-12136 xsa228 xen: grant_table: Race conditions with maptrack free list handling (XSA-228)
BZ#1477655 CVE-2017-12135 xsa226 xen: possibly unbounded recursion in grant table code (XSA-226)
BZ#1477657 CVE-2017-12137 xsa227 xen: x86: PV privilege escalation via map_grant_ref (XSA-227)
BZ#1481762 CVE-2017-12855 xsa230 CVE-2017-12855 xen: grant_table: possibly premature clearing of GTF_writing / GTF_reading (XSA-230)
BZ#1481765 CVE-2017-12134 CVE-2017-12135 CVE-2017-12136 CVE-2017-12137 CVE-2017-12855 xen: various flaws [fedora-all]
BZ#1484476 xsa235 xen: add-to-physmap error paths fail to release lock on ARM
