oVirt 3.3 Release update

Mike Burns mburns at redhat.com
Thu Sep 12 16:27:16 UTC 2013


Final RC builds have been posted to the beta repos on ovirt.org.  The 
current scheduled release for 3.3 is set for Monday assuming no critical 
blocker issues are found before then.

If you picked up beta packages prior to Thursday at approximately 11 AM 
EDT (15:00 UTC), there is a new ovirt-engine package that fixes a single 
security issue [1][2].

Thanks

The oVirt Team


[1] https://bugzilla.redhat.com/show_bug.cgi?id=1007482
[2] A reflected cross-site scripting (XSS) flaw was found in oVirt 
Engine An attacker could construct a carefully-crafted URL, which once 
visited by an unsuspecting user, could cause the user's web browser to 
execute malicious script in the context the of oVirt Engine domain. 
(CVE-2013-4181)



More information about the Announce mailing list