Date:         Wed, 1 Oct 2008 13:29:51 -0500
Reply-To:     Troy Dawson 
Sender:       Security Errata for Scientific Linux
              
From:         Troy Dawson 
Subject:      FASTBUGS for SL 5.x i386/x86_64
Comments: To: "scientific-linux-errata@fnal.gov"
          

The following FASTBUGS have been uploaded to



         i386:
gnome-terminal-2.16.0-5.3.el5.i386.rpm
cman-2.0.84-2.el5_2.1.i386.rpm
cman-devel-2.0.84-2.el5_2.1.i386.rpm
freeipmi-0.5.1-6.el5.i386.rpm
freeipmi-bmc-watchdog-0.5.1-6.el5.i386.rpm
freeipmi-devel-0.5.1-6.el5.i386.rpm
freeipmi-ipmidetectd-0.5.1-6.el5.i386.rpm
initscripts-8.45.19.1.EL-1.i386.rpm
redhat-menus-6.7.8-3.el5.noarch.rpm
stunnel-4.15-2.el5.1.i386.rpm
        x86_64:
gnome-terminal-2.16.0-5.3.el5.x86_64.rpm
cman-2.0.84-2.el5_2.1.x86_64.rpm
cman-devel-2.0.84-2.el5_2.1.i386.rpm
cman-devel-2.0.84-2.el5_2.1.x86_64.rpm
freeipmi-0.5.1-6.el5.i386.rpm
freeipmi-0.5.1-6.el5.x86_64.rpm
freeipmi-bmc-watchdog-0.5.1-6.el5.x86_64.rpm
freeipmi-devel-0.5.1-6.el5.i386.rpm
freeipmi-devel-0.5.1-6.el5.x86_64.rpm
freeipmi-ipmidetectd-0.5.1-6.el5.x86_64.rpm
initscripts-8.45.19.1.EL-1.x86_64.rpm
redhat-menus-6.7.8-3.el5.noarch.rpm
stunnel-4.15-2.el5.1.x86_64.rpm

-Connie Sieh
-Troy Dawson
Date:         Wed, 1 Oct 2008 13:31:34 -0500
Reply-To:     Troy Dawson 
Sender:       Security Errata for Scientific Linux
              
From:         Troy Dawson 
Subject:      FASTBUGS for SL 4.x i386/x86_64
Comments: To: "scientific-linux-errata@fnal.gov"
          

The following FASTBUGS have been uploaded to


          i386:
fence-1.32.63-1.el4_7.1.i686.rpm
fence-debuginfo-1.32.63-1.el4_7.1.i686.rpm
sos-1.7-6.1.el4_6.3.noarch.rpm
traceroute-1.4a12-26.EL4.1.i386.rpm
traceroute-debuginfo-1.4a12-26.EL4.1.i386.rpm
         x86_64:
fence-1.32.63-1.el4_7.1.x86_64.rpm
fence-debuginfo-1.32.63-1.el4_7.1.x86_64.rpm
sos-1.7-6.1.el4_6.3.noarch.rpm
traceroute-1.4a12-26.EL4.1.x86_64.rpm
traceroute-debuginfo-1.4a12-26.EL4.1.x86_64.rpm


-Connie Sieh
-Troy Dawson
Date:         Wed, 1 Oct 2008 14:22:39 -0500
Reply-To:     Troy Dawson 
Sender:       Security Errata for Scientific Linux
              
From:         Troy Dawson 
Subject:      Security ERRATA for xen on SL5.x i386/x86_64
Comments: To: "scientific-linux-errata@fnal.gov"
          

Synopsis:	Important: xen security and bug fix update
Issue date:	2008-10-01
CVE Names:	CVE-2008-1945 CVE-2008-1952

It was discovered that the hypervisor's para-virtualized framebuffer (PVFB)
backend failed to validate the frontend's framebuffer description properly.
This could allow a privileged user in the unprivileged domain (DomU) to
cause a denial of service, or, possibly, elevate privileges to the
privileged domain (Dom0). (CVE-2008-1952)

A flaw was found in the QEMU block format auto-detection, when running
fully-virtualized guests and using Qemu images written on removable media
(USB storage, 3.5" disks). Privileged users of such fully-virtualized
guests (DomU), with a raw-formatted disk image, were able to write a header
to that disk image describing another format. This could allow such guests
to read arbitrary files in their hypervisor's host (Dom0). (CVE-2008-1945)

Additionally, the following bug is addressed in this update:

* The qcow-create command terminated when invoked due to glibc bounds
checking on the realpath() function.

SL 5.x

    SRPMS:
xen-3.0.3-64.el5_2.3.src.rpm
    i386:
xen-3.0.3-64.el5_2.3.i386.rpm
xen-devel-3.0.3-64.el5_2.3.i386.rpm
xen-libs-3.0.3-64.el5_2.3.i386.rpm
    x86_64:
xen-3.0.3-64.el5_2.3.x86_64.rpm
xen-devel-3.0.3-64.el5_2.3.i386.rpm
xen-devel-3.0.3-64.el5_2.3.x86_64.rpm
xen-libs-3.0.3-64.el5_2.3.i386.rpm
xen-libs-3.0.3-64.el5_2.3.x86_64.rpm

-Connie Sieh
-Troy Dawson
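An added example, not part of the advisory or of the Xen/QEMU code: a defender-side audit for the CVE-2008-1945 condition, flagging disk images that are configured as raw but whose leading bytes a content-based format probe would identify as another format. The magic values are the well-known qcow and VMDK signatures; the image paths, the inventory layout and the function names are assumptions made for the illustration.

```python
import struct

# Leading magic bytes of image formats that a content-based probe recognises.
MAGICS = {
    b"QFI\xfb": "qcow",
    b"KDMV": "vmdk",
    b"COWD": "vmdk3",
}

def probe_format(header: bytes) -> str:
    """Return the format a content-based probe would pick for these bytes."""
    name = MAGICS.get(header[:4])
    if name is None:
        return "raw"
    if name == "qcow" and len(header) >= 8:
        # qcow stores a big-endian version number right after the magic.
        version = struct.unpack(">I", header[4:8])[0]
        return "qcow2" if version >= 2 else "qcow"
    return name

def read_head(path: str, size: int = 512) -> bytes:
    """Read the first sector of an image file (for use on a real host)."""
    with open(path, "rb") as fh:
        return fh.read(size)

def audit(images):
    """images: iterable of (path, configured_format, leading_bytes).
    Return (path, probed_format) for raw-configured images that a probe
    would open as something else."""
    findings = []
    for path, configured, head in images:
        probed = probe_format(head)
        if configured == "raw" and probed != "raw":
            findings.append((path, probed))
    return findings

# Constructed sample inventory (hypothetical paths, synthetic headers).
MBR_LIKE = bytes(510) + b"\x55\xaa"
QCOW2_HEAD = b"QFI\xfb" + struct.pack(">I", 2) + bytes(504)
SAMPLE_IMAGES = [
    ("/var/lib/xen/images/guest-a.img", "raw", MBR_LIKE),
    ("/var/lib/xen/images/guest-b.img", "raw", QCOW2_HEAD),
    ("/var/lib/xen/images/guest-c.qcow2", "qcow2", QCOW2_HEAD),
]

if __name__ == "__main__":
    for path, probed in audit(SAMPLE_IMAGES):
        print(f"{path}: configured raw, header probes as {probed}")
```

On a real host, build the inventory from the guest configuration and pass `read_head(path)` as the third element of each tuple.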

SciLinux: CVE-2008-1945 xen SL5.x i386/x86_64

Important: xen security and bug fix update
