similar to: CentOS-announce Digest, Vol 105, Issue 11

CentOS Errata and Enhancement Advisory 2013:X015 (Xen4CentOS) The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) ----------------------------- X86_64 ----------------------------- c0e393639da8712303ae87a379fbc7584b4a5b20229473c73e640653702da4db e1000e-2.5.4-3.10.20.2.el6.centos.alt.x86_64.rpm

CentOS Errata and Security Advisory 2013:X013 (Xen4CentOS) The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) ----------------------------- X86_64 ----------------------------- f3725f9d29b2fd85d3c9568d979b7ea0f26e1844bb7474b8ef4de2e124bae9ff xen-4.2.3-25.el6.centos.alt.x86_64.rpm

Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When

Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When

CentOS Errata and Security Advisory 2014:X013 (Xen4CentOS) The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) ----------------------------- X86_64 ----------------------------- 7bdc9b1e50859e38f1a87d58c79b53d3fc428d102c3b7a1645c07e576927407c xen-4.2.5-34.el6.centos.alt.x86_64.rpm

The following packages are updated for Xen4CentOS for CentOS 6: Source: 942bc436e401c798991ae4ca956082c12a5a3b65ec53cd7ec9901dda7704f9b7 e1000e-2.5.4-3.10.63.2.el6.centos.alt.src.rpm aa46f97636568c46295d2d99f1e33b5fda50df707a2a8321a516200b8b4e95a6 kernel-3.10.63-11.el6.centos.alt.src.rpm ea44d2658e096ef6f00f7dfd4fecc6bff977d959563e4929539d23643b134c3a libvirt-0.10.2.8-9.el6.centos.alt.src.rpm

Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When

CentOS Errata and Security Advisory 2013:X017 (Xen4CentOS) The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) ----------------------------- X86_64 ----------------------------- 588443b1936d3da45e5872a1578722fdac5ddf0eaeb02b8e47854a3c1d7a45f5 xen-4.2.3-26.el6.centos.alt.x86_64.rpm

CentOS Errata and Security Advisory 2014:X004 (Xen4CentOS) The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) ----------------------------- X86_64 ----------------------------- bb6f3ba6c19f731b233c6c0ec338f9b92f418664dc1fd4f31ddc2e3ee2848583 xen-4.2.3-28.el6.centos.alt.x86_64.rpm

Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When

CentOS Errata and Security Advisory 2014:X002 (Xen4CentOS) The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) ----------------------------- X86_64 ----------------------------- be67f02a8f9eb6193ce790bf21048b2e6e2e17256ec8d236278d6b38a41af47a xen-4.2.3-27.el6.centos.alt.x86_64.rpm

Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When

CentOS Errata and Security Advisory 2013:X014 (Xen4CentOS) The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) ----------------------------- X86_64 ----------------------------- ab3a48f7c3dbd4f47cd4676fff16282f852ccc230653fdc64b1e7ec6864fb04d libvirt-0.10.2.8-5.el6.centos.alt.x86_64.rpm

CentOS Errata and Security Advisory 2014:X010 (Xen4CentOS) The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) ----------------------------- X86_64 ----------------------------- f5a30e6c7c17a391dfc218cce2c2ca52dba4bf61d6c2d664faecda673d72fdea xen-4.2.5-33.el6.centos.alt.x86_64.rpm

CentOS Errata and Security Advisory 2014:X008 (Xen4CentOS) The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) ----------------------------- X86_64 ----------------------------- 58469d64c897d1deb6832b2cc69d1d28c83162075835d256ff56996aecb8d145 xen-4.2.4-33.el6.centos.alt.x86_64.rpm

Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When

It looks like no XSA-142 patch, which is "libxl fails to honour readonly flag on disks with qemu-xen" has been applied to Xen4CentOS. I assume this was on purpose? If not, I can have someone try adding the original patch from http://xenbits.xen.org/xsa/advisory-142.html and some variant of the commit from ef6cb76026628e26e3d1ae53c50ccde1c3c78b1b

tree/branch: https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git master branch HEAD: a734662572708cf062e974f659ae50c24fc1ad17 Add linux-next specific files for 20230801 Error/Warning reports: https://lore.kernel.org/oe-kbuild-all/202307251531.p8ZLFTMZ-lkp at intel.com https://lore.kernel.org/oe-kbuild-all/202308020154.Xrcb9bWT-lkp at intel.com Error/Warning: (recently

tree/branch: https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git master branch HEAD: 1c6f93977947dbba1fc4d250c4eb8a7d4cfdecf1 Add linux-next specific files for 20230704 Error/Warning reports: https://lore.kernel.org/oe-kbuild-all/202306260401.qZlYQpV2-lkp at intel.com https://lore.kernel.org/oe-kbuild-all/202306301709.lvrxzyCj-lkp at intel.com

Source: xen Severity: grave Tags: security Multiple vulnerabilities are unfixed in xen: CVE-2015-5307: http://xenbits.xen.org/xsa/advisory-156.html CVE-2016-3960 http://xenbits.xen.org/xsa/advisory-173.html CVE-2016-3159 / CVE-2016-3158 http://xenbits.xen.org/xsa/advisory-172.html CVE-2016-2271 http://xenbits.xen.org/xsa/advisory-170.html CVE-2016-2270