Jump to content
Compatible Support Forums
Sign in to follow this  
Followers 0
news

[security-announce] SUSE-SU-2015:0870-1: important: Security update for kvm

By news, in Upcoming News

Recommended Posts

news    28

news
Posted

SUSE Security Update: Security update for kvm

______________________________________________________________________________

 

Announcement ID: SUSE-SU-2015:0870-1

Rating: important

References: #920571 #924018

Cross-References: CVE-2015-1779

Affected Products:

SUSE Linux Enterprise Server 11 SP3

SUSE Linux Enterprise Desktop 11 SP3

______________________________________________________________________________

 

An update that solves one vulnerability and has one errata

is now available. It includes one version update.

 

Description:

 

 

This update for KVM fixes an issue in the virtio-blk driver which could

result in incorrectly setting its WCE configuration. Under some

circumstances, this misconfiguration could cause severe file system

corruption, because cache flushes were not generated as they ought to have

been.

 

The update also addresses one security vulnerability:

 

* CVE-2015-1779: Insufficient resource limiting in VNC websockets

decoder. (bsc#924018)

 

Security Issues:

 

* CVE-2015-1779

 

 

 

Patch Instructions:

 

To install this SUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

 

- SUSE Linux Enterprise Server 11 SP3:

 

zypper in -t patch slessp3-kvm=10645

 

- SUSE Linux Enterprise Desktop 11 SP3:

 

zypper in -t patch sledsp3-kvm=10645

 

To bring your system up-to-date, use "zypper patch".

 

 

Package List:

 

- SUSE Linux Enterprise Server 11 SP3 (i586 s390x x86_64) [New Version: 1.4.2]:

 

kvm-1.4.2-0.22.25.1

 

- SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 1.4.2]:

 

kvm-1.4.2-0.22.25.1

 

 

References:

 

https://www.suse.com/security/cve/CVE-2015-1779.html

https://bugzilla.suse.com/920571

https://bugzilla.suse.com/924018

https://download.suse.com/patch/finder/?keywords=5ce7157b96103bdd850e596ab6dff1ba

 

--

To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org

For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

 

 

 

Share this post

Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing Upcoming News
×