[Oraclevm-errata] OVMSA-2016-0088 Important: Oracle VM 3.4 xen security update
Errata Announcements for Oracle VM
oraclevm-errata at oss.oracle.com
Wed Jul 27 11:49:46 PDT 2016
Oracle VM Security Advisory OVMSA-2016-0088
The following updated rpms for Oracle VM 3.4 have been uploaded to the
Unbreakable Linux Network:
x86_64:
xen-4.4.4-75.0.1.el6.x86_64.rpm
xen-tools-4.4.4-75.0.1.el6.x86_64.rpm
SRPMS:
http://oss.oracle.com/oraclevm/server/3.4/SRPMS-updates/xen-4.4.4-75.0.1.el6.src.rpm
Description of changes:
[4.4.4-75.0.1.el6]
- BUILDINFO: commit=aff08b43b1a504aa14a0fce65302ccf515b69fdf
- Remove unsafe bits from the mod_l?_entry() fastpath (Andrew Cooper)
{CVE-2016-6258}
- x86/mm: fully honor PS bits in guest page table walks (Jan Beulich)
{CVE-2016-4480}
- libxl: Document ~/serial/ correctly (Ian Jackson) {CVE-2016-4962}
- libxl: Cleanup: Have libxl__alloc_vdev use /libxl (Ian Jackson)
{CVE-2016-4962}
- libxl: Do not trust frontend for nic in getinfo (Ian Jackson)
{CVE-2016-4962}
- libxl: Do not trust frontend for nic in libxl_devid_to_device_nic (Ian
Jackson) {CVE-2016-4962}
- libxl: Do not trust frontend for vtpm in getinfo (Ian Jackson)
{CVE-2016-4962}
- libxl: Do not trust frontend for vtpm list (Ian Jackson) {CVE-2016-4962}
- libxl: Do not trust frontend for disk in getinfo (Ian Jackson)
{CVE-2016-4962}
- libxl: Do not trust frontend for disk eject event (Ian Jackson)
{CVE-2016-4962}
- libxl: Do not trust frontend in libxl__device_nextid (Ian Jackson)
{CVE-2016-4962}
- libxl: Do not trust frontend in libxl__devices_destroy (Ian Jackson)
{CVE-2016-4962}
- libxl: Provide libxl__backendpath_parse_domid (Ian Jackson)
{CVE-2016-4962}
- libxl: Record backend/frontend paths in /libxl/$DOMID (Ian Jackson)
{CVE-2016-4962}
- x86: limit GFNs to 32 bits for shadowed superpages. (Tim Deegan)
{CVE-2016-3960}
- x86: fix information leak on AMD CPUs (Jan Beulich) {CVE-2016-3158}
{CVE-2016-3159}
- x86: enforce consistent cachability of MMIO mappings (Jan Beulich)
{CVE-2016-2270}