[Oraclevm-errata] OVMSA-2016-0164 Important: Oracle VM 3.4 xen security update

Errata Announcements for Oracle VM oraclevm-errata at oss.oracle.com
Tue Nov 22 19:32:50 PST 2016


Oracle VM Security Advisory OVMSA-2016-0164

The following updated rpms for Oracle VM 3.4 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
xen-4.4.4-105.0.2.el6.x86_64.rpm
xen-tools-4.4.4-105.0.2.el6.x86_64.rpm


SRPMS:
http://oss.oracle.com/oraclevm/server/3.4/SRPMS-updates/xen-4.4.4-105.0.2.el6.src.rpm



Description of changes:

[4.4.4-105.0.2.el6]
- BUILDINFO: commit=5e4dc2c5fbd14b065234c0b5e5b637e0e005fab7
- pygrub: Properly quote results, when returning them to the caller: 
(Ian Jackson)  [Orabug: 25094263]  {CVE-2016-9379} {CVE-2016-9380}
- x86emul: fix huge bit offset handling (Jan Beulich)  [Orabug: 
25088366]  {CVE-2016-9383}
- x86/PV: writes of %fs and %gs base MSRs require canonical addresses 
(Jan Beulich)  [Orabug: 25087576]  {CVE-2016-9385}
- x86/HVM: don't load LDTR with VM86 mode attrs during task switch (Jan 
Beulich)  [Orabug: 25087539]  {CVE-2016-9382}
- x86/hvm: Fix the handling of non-present segments (Andrew Cooper) 
[Orabug: 25087515]  {CVE-2016-9386}

[4.4.4-105.0.1.el6]
- BUILDINFO: commit=286bb9711e33d92767e8608bea4d3da6dbeeb710
- move TLB-flush filtering out into populate_physmap during vm creation 
(Dongli Zhang)  [Orabug: 24951888]
- replace tlbflush check and operation with inline functions (Dongli 
Zhang)  [Orabug: 24951888]
- x86/hvm: extend HVM cpuid leaf with vcpu id (Paul Durrant) - x86/hvm: 
add HVM-specific hypervisor CPUID leaf (Boris Ostrovsky) - xend: 
soft_reset support. (Konrad Rzeszutek Wilk) - (lib)xl: soft reset 
support (Vitaly Kuznetsov) - tools/libxl: Save and restore 
EMULATOR_XENSTORE_DATA content (Andrew Cooper) - libxl: introduce 
libxl__device_model_xs_path (Wei Liu) - libxl: add 
LIBXL_DEVICE_MODEL_SAVE_FILE (Vitaly Kuznetsov) - libxc: support 
XEN_DOMCTL_soft_reset operation (Vitaly Kuznetsov) - arch-specific hooks 
for domain_soft_reset() (Vitaly Kuznetsov) - flask: DOMCTL_soft_reset 
support (Vitaly Kuznetsov) - introduce XEN_DOMCTL_soft_reset (Vitaly 
Kuznetsov) - evtchn: make evtchn_reset() ready for soft reset (Vitaly 
Kuznetsov) - evtchn: make EVTCHNOP_reset suitable for kexec (Vitaly 
Kuznetsov) - xl: introduce enum domain_restart_type (Vitaly Kuznetsov) - 
libxl: support SHUTDOWN_soft_reset shutdown reason (Vitaly Kuznetsov) - 
introduce SHUTDOWN_soft_reset shutdown reason (Vitaly Kuznetsov) - 
x86emul: honor guest CR0.TS and CR0.EM (Jan Beulich)  [Orabug: 24697001] 
  {CVE-2016-7777}



More information about the Oraclevm-errata mailing list