English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 105790 CVE descriptions
and 56160 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-343
2007-03-19
---------------------------------------------------------------------

Product     : Fedora Core 6
Name        : xen
Version     : 3.0.3
Release     : 8.fc6
Summary     : Xen is a virtual machine monitor
Description :
This package contains the Xen hypervisor and Xen tools, needed to
run virtual machines on x86 systems, together with the kernel-xen*
packages.  Information on how to use Xen can be found at the Xen
project pages.

Virtualisation can be used to run multiple versions or multiple
Linux distributions on one system, or to test untrusted applications
in a sandboxed environment.

---------------------------------------------------------------------
Update Information:

A flaw was found affecting the VNC server code in QEMU. On a
fullyvirtualized guest VM, where qemu monitor mode is
enabled, a user who had access to the VNC server could gain
the ability to read arbitrary files as root in the host
filesystem. (CVE-2007-0998)

---------------------------------------------------------------------
* Wed Mar 14 2007 Daniel P. Berrange <berrange@redhat.com> - 3.0.3-8.fc6
- Disable access to QEMU monitor over VNC (CVE-2007-0998, bz 230295)
* Tue Mar  6 2007 Daniel P. Berrange <berrange@redhat.com> - 3.0.3-7.fc6
- Ensure PVFB daemon terminates if domain doesn't startup (bz 230634)
- Fix ia64 shadow page table mode
- Close QEMU file handles when running network script

---------------------------------------------------------------------
This update can be downloaded from:
    http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/

1741f962baeb775c9e2519b18aa44e2831c0585f  SRPMS/xen-3.0.3-8.fc6.src.rpm
1741f962baeb775c9e2519b18aa44e2831c0585f  noarch/xen-3.0.3-8.fc6.src.rpm
c384423104620e719c2ae8fa2947ede9f675d4f7  x86_64/debug/xen-debuginfo-3.0.3-8.fc6.x86_64.rpm
9f865fd4ed56c4d35382c51bd00e2019156184c5  x86_64/xen-3.0.3-8.fc6.x86_64.rpm
4b458e342a7a6e54ee4260b2cfe5fa30eceda74f  x86_64/xen-libs-3.0.3-8.fc6.x86_64.rpm
1485f0bbde1c4f9cbe5fd591806007409cdc9e5c  x86_64/xen-devel-3.0.3-8.fc6.x86_64.rpm
e2cac6874e958ec27d6167b23171121b3df08ae9  i386/debug/xen-debuginfo-3.0.3-8.fc6.i386.rpm
435e65f7dd61f4164200f27d72f989571578c288  i386/xen-libs-3.0.3-8.fc6.i386.rpm
6a01404d96baaae8ca45dcd35bc2af6b61dd6f08  i386/xen-devel-3.0.3-8.fc6.i386.rpm
200dc86cf82dc8a7efa6144d037bb52928adf773  i386/xen-3.0.3-8.fc6.i386.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2017 E-Soft Inc. All rights reserved.