paravirtualized drivers incautious about shared memory contents [XSA-155, CVE-2015-8550] qemu-dm buffer overrun in MSI-X handling [XSA-164, CVE-2015-8554] information leak in legacy x86 FPU/XMM initialization [XSA-165, CVE-2015-8555] ioreq handling possibly susceptible to multiple read issue [XSA-166]. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-c44bd3e0fa 2016-01-02 19:00:01.936286 -------------------------------------------------------------------------------- Name : xen Product : Fedora 22 Version : 4.5.2 Release : 6.fc22 URL : https://xenproject.org/ Summary : Xen is a virtual machine monitor Description : This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor -------------------------------------------------------------------------------- Update Information: paravirtualized drivers incautious about shared memory contents [XSA-155, CVE-2015-8550] qemu-dm buffer overrun in MSI-X handling [XSA-164, CVE-2015-8554] information leak in legacy x86 FPU/XMM initialization [XSA-165, CVE-2015-8555] ioreq handling possibly susceptible to multiple read issue [XSA-166] -------------------------------------------------------------------------------- References: [ 1 ] Bug #1290365 - xsa166 xen: ioreq handling possibly susceptible to multiple read issue (XSA-166) https://bugzilla.redhat.com/show_bug.cgi?id=1290365 [ 2 ] Bug #1289129 - CVE-2015-8554 xsa164 xen: qemu-dm buffer overrun in MSI-X handling (XSA-164) https://bugzilla.redhat.com/show_bug.cgi?id=1289129 [ 3 ] Bug #1289130 - CVE-2015-8555 xsa165 xen: information leak in legacy x86 FPU/XMM initialization (XSA-165) https://bugzilla.redhat.com/show_bug.cgi?id=1289130 [ 4 ] Bug #1289125 - CVE-2015-8550 xsa155 xen: paravirtualized drivers incautious about shared memory contents (XSA-155) https://bugzilla.redhat.com/show_bug.cgi?id=1289125 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update xen' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list
paravirtualized drivers incautious about shared memory contents [XSA-155, CVE-2015-8550] qemu-dm buffer overrun in MSI-X handling [XSA-164, CVE-2015-8554] information leak in legacy x86 FPU/XMM initialization [XSA-165, CVE-2015-8555] ioreq handling possibly susceptible to multiple read issue [XSA-166]. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-d8253e2b1d 2015-12-22 17:48:56.349575 -------------------------------------------------------------------------------- Name : xen Product : Fedora 23 Version : 4.5.2 Release : 6.fc23 URL : https://xenproject.org/ Summary : Xen is a virtual machine monitor Description : This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor -------------------------------------------------------------------------------- Update Information: paravirtualized drivers incautious about shared memory contents [XSA-155, CVE-2015-8550] qemu-dm buffer overrun in MSI-X handling [XSA-164, CVE-2015-8554] information leak in legacy x86 FPU/XMM initialization [XSA-165, CVE-2015-8555] ioreq handling possibly susceptible to multiple read issue [XSA-166] -------------------------------------------------------------------------------- References: [ 1 ] Bug #1290365 - xsa166 xen: ioreq handling possibly susceptible to multiple read issue (XSA-166) https://bugzilla.redhat.com/show_bug.cgi?id=1290365 [ 2 ] Bug #1289129 - CVE-2015-8554 xsa164 xen: qemu-dm buffer overrun in MSI-X handling (XSA-164) https://bugzilla.redhat.com/show_bug.cgi?id=1289129 [ 3 ] Bug #1289130 - CVE-2015-8555 xsa165 xen: information leak in legacy x86 FPU/XMM initialization (XSA-165) https://bugzilla.redhat.com/show_bug.cgi?id=1289130 [ 4 ] Bug #1289125 - CVE-2015-8550 xsa155 xen: paravirtualized drivers incautious about shared memory contents (XSA-155) https://bugzilla.redhat.com/show_bug.cgi?id=1289125 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update xen' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list
Get the latest Linux and open source security news straight to your inbox.