<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
  <meta content="text/html;charset=UTF-8" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
<tt>Oracle VM Security Advisory OVMSA-2009-0008<br>
<br>
The following updated rpms for Oracle VM 2.1 have been uploaded to the
Unbreakable Linux Network:<br>
<br>
i386:<br>
acpid-1.0.4-7.el5_3.1.i386.rpm<br>
<br>
<br>
SRPMS:<br>
<a class="moz-txt-link-freetext"
 href="http://oss.oracle.com/oraclevm/server/SRPMS-updates/acpid-1.0.4-7.el5_3.1.src.rpm">http://oss.oracle.com/oraclevm/server/SRPMS-updates/acpid-1.0.4-7.el5_3.1.src.rpm</a><br>
<br>
<br>
Description of changes:<br>
<br>
</tt>
<pre>Following Security fix is released in this errata:</pre>
<tt><a
 href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0798">CVE-2009-0798</a><br>
<br>
The daemon in acpid before 1.0.10 allows remote attackers to cause a
denial of service (CPU consumption and connectivity loss) by opening a
large number of UNIX sockets without closing them, which triggers an
infinite loop.</tt><br>
<tt><br>
[1.0.4-7.el5_3.1]<br>
- Updated the License entry<br>
- Fixed CVE-2009-0798 (too many open files DoS)<br>
- Resolves: #496291<br>
<br>
[1.0.4-7]<br>
- Minor fixes in init script<br>
- Resolves: #237752<br>
<br>
[1.0.4-6]<br>
- Review of init script<br>
- Fixed fd leaking<br>
- Resolves: #237752 #441686<br>
<br>
</tt>
</body>
</html>