Fedora 25: 2017-f7fd3fe7eb Critical: Xen Grant Table Security Flaws

This package contains the XenD daemon and xm command line

tools, needed to manage virtual machines running under the

Xen hypervisor

xen: various flaws (#1490884) Missing NUMA node parameter verification [XSA-231,

CVE-2017-14316] Missing check for grant table [XSA-232, CVE-2017-14318]

cxenstored: Race in domain cleanup [XSA-233, CVE-2017-14317] insufficient grant

unmapping checks for x86 PV guests [XSA-234, CVE-2017-14319]

[ 1 ] Bug #1486707 - CVE-2017-14316 xsa231 xen: Missing NUMA node parameter verification (XSA-231)

https://bugzilla.redhat.com/show_bug.cgi?id=1486707

[ 2 ] Bug #1486708 - CVE-2017-14318 xsa232 xen: Missing check for grant table (XSA-232)

https://bugzilla.redhat.com/show_bug.cgi?id=1486708

[ 3 ] Bug #1486709 - CVE-2017-14317 xsa233 xen: cxenstored: Race in domain cleanup (XSA-233)

https://bugzilla.redhat.com/show_bug.cgi?id=1486709

[ 4 ] Bug #1486710 - CVE-2017-14319 xsa234 xen: insufficient grant unmapping checks for x86 PV guests (XSA-234)

https://bugzilla.redhat.com/show_bug.cgi?id=1486710

su -c 'dnf upgrade xen' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org