[SECURITY] Fedora 22 Update: xen-4.5.0-9.fc22
updates at fedoraproject.org
updates at fedoraproject.org
Tue May 26 03:43:40 UTC 2015
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-8194
2015-05-14 20:19:46
--------------------------------------------------------------------------------
Name : xen
Product : Fedora 22
Version : 4.5.0
Release : 9.fc22
URL : http://xen.org/
Summary : Xen is a virtual machine monitor
Description :
This package contains the XenD daemon and xm command line
tools, needed to manage virtual machines running under the
Xen hypervisor
--------------------------------------------------------------------------------
Update Information:
Privilege escalation via emulated floppy disk drive [XSA-133, CVE-2015-3456] (#1221153)
--------------------------------------------------------------------------------
ChangeLog:
* Wed May 13 2015 Michael Young <m.a.young at durham.ac.uk> - 4.5.0-9
- Privilege escalation via emulated floppy disk drive [XSA-133,
CVE-2015-3456] (#1221153)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1218611 - CVE-2015-3456 qemu: fdc: out-of-bounds fifo buffer memory access
https://bugzilla.redhat.com/show_bug.cgi?id=1218611
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update xen' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list