[ovirt-users] When can we expect updated packages for Venom Vulnerability

Doron Fediuck dfediuck at redhat.com
Sun May 17 07:36:25 UTC 2015



On 13/05/15 19:14, Tim Macy wrote:
> https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/
> 

Hi Tim,
oVirt is using the platform's qemu package.

So for CentOS and Fedora it's already there-

*
https://www.centosblog.com/critical-qemu-vulnerability-venom-affects-xen-kvm-virtualbox-xenserver/


* http://koji.fedoraproject.org/koji/buildinfo?buildID=636796
 Wed May 13 2015 Cole Robinson <crobinso at redhat.com> - 2:2.1.3-7
- CVE-2015-3456: (VENOM) fdc: out-of-bounds fifo buffer memory access (bz



More information about the Users mailing list