Category Archives: Fedora

Fedora – Security Updates

Fedora

qemu-2.6.2-7.fc24

Leave a comment

* CVE-2017-5525: audio: memory leakage in ac97 (bz #1414110)
* CVE-2017-5526: audio: memory leakage in es1370 (bz #1414210)
* CVE-2016-10155 watchdog: memory leakage in i6300esb (bz #1415200)
* CVE-2017-5552: virtio-gpu-3d: memory leakage (bz #1415283)
* CVE-2017-5667: sd: sdhci OOB access during multi block transfer (bz #1417560)
* CVE-2017-5857: virtio-gpu-3d: host memory leakage in virgl_cmd_resource_unref (bz #1418383)
* CVE-2017-5856: scsi: megasas: memory leakage (bz #1418344)
* CVE-2017-5898: usb: integer overflow in emulated_apdu_from_guest (bz #1419700)
* CVE-2017-5987: sd: infinite loop issue in multi block transfers (bz #1422001)
* CVE-2017-6505: usb: an infinite loop issue in ohci_service_ed_list (bz #1429434)
* CVE-2017-2615: cirrus: oob access while doing bitblt copy backward (bz #1418206)
* CVE-2017-2620: cirrus: potential arbitrary code execution (bz #1425419)

Fedora

cloud-init-0.7.9-4.fc26

Leave a comment

This update fixes several issues with systemd service ordering and network configuration. It also backports a fix for a [security issue](https://bugs.launchpad.net/cloud-init/+bug/1638312) in which instances run in EC2 write IAM instance profile credentials to disk. To work around the security issue without updating cloud-init, wait at least six hours between creating a bundle or an EBS snapshot and registering that as a machine image.

Fedora

cloud-init-0.7.8-6.fc25

Leave a comment

This update fixes a systemd service ordering issue in cloud-init and backports a fix for a [security issue](https://bugs.launchpad.net/cloud-init/+bug/1638312) in which instances run in EC2 write IAM instance profile credentials to disk. To work around the security issue without updating cloud-init, wait at least six hours between creating a bundle or an EBS snapshot and registering that as a machine image.