[El-errata] ELSA-2009-0003 Moderate: Enterprise Linux 5 xen security and bug fix update

Thu Jan 8 07:10:36 PST 2009

Enterprise Linux Security Advisory ELSA-2009-0003

https://rhn.redhat.com/errata/RHSA-2009-0003.html

The following updated rpms for Enterprise Linux 5 have been uploaded to 
the Unbreakable Linux Network:

i386:
xen-libs-3.0.3-64.el5_2.9.i386.rpm
xen-3.0.3-64.el5_2.9.i386.rpm
xen-devel-3.0.3-64.el5_2.9.i386.rpm

x86_64:
xen-libs-3.0.3-64.el5_2.9.i386.rpm
xen-libs-3.0.3-64.el5_2.9.x86_64.rpm
xen-3.0.3-64.el5_2.9.x86_64.rpm
xen-devel-3.0.3-64.el5_2.9.i386.rpm
xen-devel-3.0.3-64.el5_2.9.x86_64.rpm

SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/xen-3.0.3-64.el5_2.9.src.rpm

Description of changes:

[3.0.3-64.el5_2.9]
- More fixes for Xenstore unsafe data access (CVE-2008-4405, rhbz #464817)
- Fix block-detach regression due to (CVE-2008-4405, rhbz #473882)

[3.0.3-64.el5_2.8]
- Remove unneccessary patch & rebuild

[3.0.3-64.el5_2.7]
- Fix reboots after CVE-2008-4405 changes (rhbz #471588)

[3.0.3-64.el5_2.6]
- Remove qemu-dm.debug wrapper script (CVE-2008-4993, rhbz #470795)

[3.0.3-64.el5_2.5]
- Fix unsafe use of xenstore data (CVE-2008-4405, rhbz #464817)

[3.0.3-64.el5_2.4]
- Don't clobber wallclock on restore (rhbz #464455)