From 6359fac44913a045f7b3ae892384ca31243e85b1 Mon Sep 17 00:00:00 2001 From: Jacek Konieczny Date: Thu, 31 Oct 2013 22:02:53 +0100 Subject: [PATCH] Version: 4.3.1 * CVE-2013-1922 / XSA-48 qemu-nbd format-guessing due to missing format specification * CVE-2013-2007 / XSA-51 qemu guest agent (qga) insecure file permissions * CVE-2013-1442 / XSA-62 Information leak on AVX and/or LWP capable CPUs * CVE-2013-4355 / XSA-63 Information leaks through I/O instruction emulation * CVE-2013-4356 / XSA-64 Memory accessible by 64-bit PV guests under live migration * CVE-2013-4361 / XSA-66 Information leak through fbld instruction emulation * CVE-2013-4368 / XSA-67 Information leak through outs instruction emulation * CVE-2013-4369 / XSA-68 possible null dereference when parsing vif ratelimiting info * CVE-2013-4370 / XSA-69 misplaced free in ocaml xc_vcpu_getaffinity stub * CVE-2013-4371 / XSA-70 use-after-free in libxl_list_cpupool under memory pressure * CVE-2013-4375 / XSA-71 qemu disk backend (qdisk) resource leak * CVE-2013-4416 / XSA-72 --- xen.spec | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/xen.spec b/xen.spec index 179b0fb..ee87f8f 100644 --- a/xen.spec +++ b/xen.spec @@ -41,12 +41,12 @@ Summary: Xen - a virtual machine monitor Summary(pl.UTF-8): Xen - monitor maszyny wirtualnej Name: xen -Version: 4.3.0 -Release: 3 +Version: 4.3.1 +Release: 1 License: GPL v2, interface parts on BSD-like Group: Applications/System Source0: http://bits.xensource.com/oss-xen/release/%{version}/%{name}-%{version}.tar.gz -# Source0-md5: 7b18cfb58f1ac2ce39cf35a1867f0c0a +# Source0-md5: 7616b8704e1ab89c81f011f0e3703bc8 # used by stubdoms Source10: %{xen_extfiles_url}/lwip-1.3.0.tar.gz # Source10-md5: 36cc57650cffda9a0269493be2a169bb -- 2.44.0