Описание
ELSA-2008-0194: xen security and bug fix update (IMPORTANT)
[3.0.3-41.el5_1.5]
- Disable QEMU image format auto-detection CVE-2008-2004 (rhbz #444700)
[3.0.3-41.el5_1.4]
- Fix PVFB to validate frame buffer description (rhbz #443376)
- Fix PVFB to cope with bogus update requests (rhbz #368931)
[3.0.3-41.el5_1.3]
- Fix QEMU buffer overflow CVE-2007-5730 (rhbz #360381)
- Fix QEMU block device extents checking CVE-2008-0928 (rhbz #433560)
[3.0.3-41.el5_1.2]
- Fix FV O_DIRECT flushing (rhbz #435495)
[3.0.3-41.el5_1.1]
- Fixed xenbaked tmpfile flaw (CVE-2007-3919) (rhbz #350421)
Обновленные пакеты
Oracle Linux 5
Oracle Linux x86_64
xen
3.0.3-41.el5_1.5
xen-devel
3.0.3-41.el5_1.5
xen-libs
3.0.3-41.el5_1.5
Oracle Linux i386
xen
3.0.3-41.el5_1.5
xen-devel
3.0.3-41.el5_1.5
xen-libs
3.0.3-41.el5_1.5
Ссылки на источники
Связанные уязвимости
(1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files via a symlink attack on /tmp/xenq-shm.
(1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files via a symlink attack on /tmp/xenq-shm.
(1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files via a symlink attack on /tmp/xenq-shm.
1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local user ...
(1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files via a symlink attack on /tmp/xenq-shm.