——————————————————————————–
Fedora Update Notification
FEDORA-2016-7d2c67d1f5
2016-09-13 17:56:34.781586
——————————————————————————–
Name : xen
Product : Fedora 24
Version : 4.6.3
Release : 5.fc24
URL : http://xen.org/
Summary : Xen is a virtual machine monitor
Description :
This package contains the XenD daemon and xm command line
tools, needed to manage virtual machines running under the
Xen hypervisor
——————————————————————————–
Update Information:
x86: Disallow L3 recursive pagetable for 32-bit PV guests [XSA-185,
CVE-2016-7092] (#1374470) x86: Mishandling of instruction pointer truncation
during emulation [XSA-186, CVE-2016-7093] (#1374471) x86 HVM: Overflow of
sh_ctxt->seg_reg[] [XSA-187, CVE-2016-7094] (#1374473)
——————————————————————————–
References:
[ 1 ] Bug #1370319 – CVE-2016-7092 xen: x86: Disallow L3 recursive pagetable for 32-bit PV guests
https://bugzilla.redhat.com/show_bug.cgi?id=1370319
[ 2 ] Bug #1370322 – CVE-2016-7093 xen: x86: Mishandling of instruction pointer truncation during emulation
https://bugzilla.redhat.com/show_bug.cgi?id=1370322
[ 3 ] Bug #1370332 – CVE-2016-7094 xen: x86 HVM: Overflow of sh_ctxt->seg_reg[]
https://bugzilla.redhat.com/show_bug.cgi?id=1370332
——————————————————————————–
This update can be installed with the “yum” update program. Use
su -c ‘yum update xen’ at the command line.
For more information, refer to “Managing Software with yum”,
available at https://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://lists.fedoraproject.org/admin/lists/package-announce@lists.fedoraproject.org