similar to: CEBA-2017:0928 CentOS 7 NetworkManager BugFix Update

The following errata for CentOS-2 have been built and uploaded to the centos mirror: RHEA-2007:0928-05 tzdata enhancement update Files available: tzdata-2007h-1.el2_1.noarch.rpm More details are available from the RedHat web site at https://rhn.redhat.com/errata/rh21as-errata.html The easy way to make sure you are up to date with all the latest patches is to run: # yum update -- John

Processing commands for control at bugs.debian.org: > clone 469654 -1 Bug#469654: xen-unstable: CVE-2008-0928 privilege escalation Bug 469654 cloned as bug 469662. > reassign -1 xen-3 Bug#469662: xen-unstable: CVE-2008-0928 privilege escalation Bug reassigned from package `xen-unstable' to `xen-3'. > retitle -1 xen-3: CVE-2008-0928 privilege escalation Bug#469662: xen-unstable:

Processing commands for control at bugs.debian.org: > clone 469654 -1 Bug#469654: xen-unstable: CVE-2008-0928 privilege escalation Bug 469654 cloned as bug 469666. > reassign -1 kvm Bug#469666: xen-unstable: CVE-2008-0928 privilege escalation Bug reassigned from package `xen-unstable' to `kvm'. > retitle -1 kvm: CVE-2008-0928 privilege escalation Bug#469666: xen-unstable:

Package: xen-unstable Severity: grave Tags: security patch Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for xen-unstable. CVE-2008-0928[0]: | Qemu 0.9.1 and earlier does not perform range checks for block device | read or write requests, which allows guest host users with root | privileges to access arbitrary memory and escape the virtual machine. If you fix

I might be stupid and ask an idiot or offensive question, but here it is: "Why was tzdata-2007h [RHEA-2007:0928-05] only released for CentOS 2, when upstream has released it for all the versions?" The guys from X/OS have released it for 5.0 along with the other updates (on Oct. 9). Are the "enhancements"... "not important" as long as they're not "security