[Oraclevm-errata] OVMSA-2019-0008 Important: Oracle VM 3.3 polkit security update

Errata Announcements for Oracle VM oraclevm-errata at oss.oracle.com
Sun Mar 3 12:29:38 PST 2019

Oracle VM Security Advisory OVMSA-2019-0008

The following updated rpms for Oracle VM 3.3 have been uploaded to the 
Unbreakable Linux Network:



Description of changes:

- Fix of CVE-2019-6133, PID reuse via slow fork
- Resolves: rhbz#1667310

- Gracefully handle race conditions and other failures to kill polkitd
Related: #1115649

- Fix scriptlet failure when polkitd is not running
Related: #1115649

- Restart polkitd on package upgrade or uninstallation
Resolves: #1115649

- Fix text in (pkcheck --help)
Resolves: #1130156

- Fix a crash on failure to read a command line of a process
Resolves: #1132830

- Use real --help text and error messages instead of showing a man page in
pkaction and pkcheck. Fix description of (pkaction --action-id) in the man
Resolves: #628862
- Add support for Identity=default in .pkla files
Resolves: #812684
- Use a consistent order for .pkla files within a directory. Based on a 
by Jared Jennings <jared.jennings.ctr at eglin.af.mil>.
Resolves: #864613
- Build using PIE and relro
Resolves: #927406

- Actually apply the patch, and modify it to apply to 0.96
- Resolves: #1006264

- Include fix for CVE-2013-4288
- Resolves: #1006264

- Include fixes for CVE-2011-1485
- Resolves: #692942

More information about the Oraclevm-errata mailing list