[Oraclevm-errata] OVMSA-2016-0005 Important: Oracle VM 3.3 kernel-uek security update
Errata Announcements for Oracle VM
oraclevm-errata at oss.oracle.com
Wed Jan 20 19:21:55 PST 2016
Oracle VM Security Advisory OVMSA-2016-0005
The following updated rpms for Oracle VM 3.3 have been uploaded to the
Unbreakable Linux Network:
x86_64:
kernel-uek-3.8.13-118.2.5.el6uek.x86_64.rpm
kernel-uek-firmware-3.8.13-118.2.5.el6uek.noarch.rpm
SRPMS:
http://oss.oracle.com/oraclevm/server/3.3/SRPMS-updates/kernel-uek-3.8.13-118.2.5.el6uek.src.rpm
Description of changes:
[3.8.13-118.2.5.el6uek]
- KEYS: Fix keyring ref leak in join_session_keyring() (Yevgeny Pats)
[Orabug: 22563965] {CVE-2016-0728}
[3.8.13-118.2.4.el6uek]
- KEYS: Don't permit request_key() to construct a new keyring (David
Howells) [Orabug: 22373442] {CVE-2015-7872}
[3.8.13-118.2.3.el6uek]
- dcache: Handle escaped paths in prepend_path (Eric W. Biederman)
[Orabug: 22373283]
- vfs: Test for and handle paths that are unreachable from their
mnt_root (Eric W. Biederman) [Orabug: 22249875]
- KEYS: Fix crash when attempt to garbage collect an uninstantiated
keyring (David Howells) [Orabug: 22373442] {CVE-2015-7872}
- KEYS: Fix race between key destruction and finding a keyring by name
(David Howells) [Orabug: 22373442]
More information about the Oraclevm-errata
mailing list