[Oraclevm-errata] OVMSA-2020-0038 Important: Oracle VM 3.4 xen security update

Errata Announcements for Oracle VM oraclevm-errata at oss.oracle.com
Thu Aug 27 09:45:41 PDT 2020


Oracle VM Security Advisory OVMSA-2020-0038

The following updated rpms for Oracle VM 3.4 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
xen-4.4.4-222.0.26.el6.x86_64.rpm
xen-tools-4.4.4-222.0.26.el6.x86_64.rpm


SRPMS:
http://oss.oracle.com/oraclevm/server/3.4/SRPMS-updates/xen-4.4.4-222.0.26.el6.src.rpm



Description of changes:

[4.4.4-222.0.26.el6]
- BUILDINFO: OVMF commit=173bf5c847e3ca8b42c11796ce048d8e2e916ff8
- BUILDINFO: xen commit=4e20c4a527d177048e77b2daa6201731fdcdc584
- BUILDINFO: QEMU upstream commit=8bff6989bd0bafcc0ddf859c23ce6a2ff21a80ff
- BUILDINFO: QEMU traditional 
commit=cf459aa4ae4ff6b7bfc208006b47c9992642c4cf
- BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e
- BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee
- redtape: QEMU-traditional: usb: fix setup_len init (CVE-2020-14364) 
(Patrick Colp) [Orabug: 31780712] {CVE-2020-14364}
- usb: fix setup_len init (CVE-2020-14364) (Gerd Hoffmann) [Orabug: 
31780712] {CVE-2020-14364} {CVE-2020-14364}

[4.4.4-222.0.25.el6]
- BUILDINFO: OVMF commit=173bf5c847e3ca8b42c11796ce048d8e2e916ff8
- BUILDINFO: xen commit=dffcb5098a9c58a2a59e792b1ded0ab46227d1ff
- BUILDINFO: QEMU upstream commit=8bff6989bd0bafcc0ddf859c23ce6a2ff21a80ff
- BUILDINFO: QEMU traditional 
commit=6e676a4ba6bbd437a2a8dbfc3c6e591d920b013b
- BUILDINFO: IPXE commit=9a93db3f0947484e30e753bbd61a10b17336e20e
- BUILDINFO: SeaBIOS commit=7d9cbe613694924921ed1a6f8947d711c5832eee
- x86: skip further initialization for idle domains (Joe Jin) [Orabug: 
31543204]





More information about the Oraclevm-errata mailing list